/// <summary>
/// Validates the verification code (CAPTCHA) submitted with the current request.
/// </summary>
/// <remarks>
/// A non-empty "vcode" is checked against the online-user record identified by <c>olid</c>.
/// An empty "vcode" is accepted without any check on showforum.aspx, on pages ending in
/// "ajax.aspx" unless t=quickreply, on login.aspx when loginsubmit=true, and on
/// register.aspx when agree=true.
/// NOTE(review): "t", "loginsubmit" and "agree" are read from the request itself, so this
/// method alone does not force a code on those pages. Confirm that the login and
/// registration handlers verify the code again before they act.
/// </remarks>
/// <returns>
/// <c>true</c> when the code is valid or not required for this page; <c>false</c> after an
/// error has been reported through <c>AddErrLine</c> or <c>ResponseAjaxVcodeError</c>.
/// </returns>
private bool ValidateVerifyCode()
{
    string submittedCode = DNTRequest.GetString("vcode");

    // A code was supplied: it must match, whatever the page is.
    if (submittedCode != "")
    {
        if (OnlineUsers.CheckUserVerifyCode(olid, submittedCode))
        {
            return true;
        }

        if (pagename.EndsWith("ajax.aspx"))
        {
            ResponseAjaxVcodeError();
        }
        else
        {
            AddErrLine("验证码错误");
        }
        return false;
    }

    // No code was supplied: decide per page whether that is acceptable.
    if (pagename == "showforum.aspx")
    {
        // A forum board without a password never carries a verification code.
        return true;
    }

    if (pagename.EndsWith("ajax.aspx"))
    {
        // Only the quick-reply AJAX action insists on a code.
        if (DNTRequest.GetString("t") == "quickreply")
        {
            ResponseAjaxVcodeError();
            return false;
        }
        return true;
    }

    // Quick-login submissions on login.aspx are not reported as errors here.
    bool isQuickLogin = DNTRequest.GetString("loginsubmit") == "true" && pagename == "login.aspx";
    if (isQuickLogin)
    {
        return true;
    }

    // Accepting the registration agreement on register.aspx is exempt as well.
    bool isAgreementStep = DNTRequest.GetFormString("agree") == "true" && pagename == "register.aspx";
    if (isAgreementStep)
    {
        return true;
    }

    AddErrLine("验证码错误");
    return false;
}
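/// <summary>
/// Handles submission of a comment on a space post: checks the verification code and the
/// post's comment policy, stores the comment, updates the comment counters and optionally
/// sends a notice.
/// </summary>
/// <remarks>
/// On rejection the reason is written to <c>completeinfo</c> and nothing is stored.
/// Author, e-mail, URL, content and post title are HTML-encoded before they are stored.
/// </remarks>
private void Submit_CategoryInfo()
{
    // The verification code is checked first, before any other validation.
    if (!OnlineUsers.CheckUserVerifyCode(olid, DNTRequest.GetString("vcode")))
    {
        completeinfo = "验证码错误,请重新输入";
        return;
    }

    if (commentcontent == "")
    {
        completeinfo = "请输入评论内容";
        return;
    }

    // NOTE(review): the result is dereferenced without a null check; confirm that
    // GetSpacepostsInfo cannot return null for a postid that does not exist.
    SpacePostInfo __spacepostinfo = BlogProvider.GetSpacepostsInfo(Space.Data.DbProvider.GetInstance().GetSpacePost(postid));

    // CommentStatus 1: comments are closed for this post.
    if (__spacepostinfo.CommentStatus == 1)
    {
        completeinfo = "当前日志不允许评论";
        return;
    }

    // CommentStatus 2: only registered users (userid >= 1) may comment.
    if ((__spacepostinfo.CommentStatus == 2) && (userid < 1))
    {
        completeinfo = "当前日志仅允许注册用户评论";
        return;
    }

    SpaceCommentInfo __spacecommentinfo = new SpaceCommentInfo();
    __spacecommentinfo.PostID = postid;
    __spacecommentinfo.Author = Utils.HtmlEncode(commentauthor != "" ? commentauthor : "匿名");
    __spacecommentinfo.Email = Utils.HtmlEncode(commentemail);
    // The URL is encoded like the other commenter-supplied fields; it was previously stored
    // as received while author, e-mail and content were encoded.
    // NOTE(review): encoding does not restrict the URL scheme. Confirm that the rendering
    // side, or an input check elsewhere, only allows http/https links.
    __spacecommentinfo.Url = Utils.HtmlEncode(commenturl);
    __spacecommentinfo.Ip = DNTRequest.GetIP();
    __spacecommentinfo.PostDateTime = DateTime.Now;
    __spacecommentinfo.Content = Utils.HtmlEncode(ForumUtils.BanWordFilter(commentcontent));
    __spacecommentinfo.ParentID = 0;
    // The comment is attributed to the current account only when the submitted author name
    // equals the current user name; otherwise it is stored with uid -1.
    __spacecommentinfo.Uid = (commentauthor == username) ? userid : -1;
    __spacecommentinfo.PostTitle = Utils.HtmlEncode(ForumUtils.BanWordFilter(__spacepostinfo.Title));

    Space.Data.DbProvider.GetInstance().AddSpaceComment(__spacecommentinfo);
    Space.Data.DbProvider.GetInstance().CountUserSpaceCommentCountByUserID(__spacepostinfo.Uid, 1);
    Space.Data.DbProvider.GetInstance().CountSpaceCommentCountByPostID(postid, 1);

    if (DNTRequest.GetString("notice") == "true")
    {
        SendSpaceCommentNotice(__spacecommentinfo);
    }
}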
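/// <summary>
/// Verifies an administrator login: checks the verification code, looks the account up by
/// its credentials, requires the account's group to have <c>Radminid == 1</c>, then issues
/// the user cookie and the "dntadmin" cookie and sends the browser to index.aspx.
/// </summary>
/// <remarks>
/// Failures redirect to syslogin.aspx with result=3 (verification code rejected), result=1
/// (no matching account) or result=2 (account found but not an administrator).
/// NOTE(review): result=2 is only reachable after the credentials matched, so the response
/// distinguishes a valid non-admin credential pair from an invalid one. Consider a single
/// failure code.
/// </remarks>
public void VerifyLoginInf()
{
    if (!OnlineUsers.CheckUserVerifyCode(olid, DNTRequest.GetString("vcode")))
    {
        Response.Redirect("syslogin.aspx?result=3");
        return;
    }

    DataTable dt;
    if (config.Passwordmode == 1)
    {
        int uid = Discuz.Forum.Users.CheckDvBbsPassword(DNTRequest.GetString("username"), DNTRequest.GetString("password"));
        dt = DatabaseProvider.GetInstance().GetUserInfo(uid);
    }
    else
    {
        // NOTE(review): the lookup key is Utils.MD5 over the trimmed password and no salt is
        // passed at this call site. Changing the scheme needs a stored-hash migration, so it
        // is only flagged here.
        dt = DatabaseProvider.GetInstance().GetUserInfo(UserName.Text.Trim(), Utils.MD5(PassWord.Text.Trim()));
    }

    if (dt.Rows.Count <= 0)
    {
        Response.Redirect("syslogin.aspx?result=1");
        return;
    }

    DataRow userRow = dt.Rows[0];

    // The group id is parsed once as Int32 and reused. It was previously parsed a second time
    // with Convert.ToInt16 after the user cookie had been written, so a group id above
    // Int16.MaxValue would have thrown with the login half completed.
    int usergroupid = Convert.ToInt32(userRow["groupid"].ToString().Trim());
    UserGroupInfo usergroupinfo = AdminUserGroups.AdminGetUserGroupInfo(usergroupid);
    if (usergroupinfo.Radminid != 1)
    {
        Response.Redirect("syslogin.aspx?result=2");
        return;
    }

    int userid = Convert.ToInt32(userRow["uid"].ToString().Trim());
    ForumUtils.WriteUserCookie(userid, 1440, GeneralConfigs.GetConfig().Passwordkey);

    string username = UserName.Text.Trim();
    string secques = userRow["secques"].ToString().Trim();
    string ip = DNTRequest.GetIP();
    string grouptitle = usergroupinfo.Grouptitle;

    // The admin session cookie carries a key derived from the password hash, the security
    // question and the uid, and expires after 30 minutes.
    HttpCookie cookie = new HttpCookie("dntadmin");
    cookie.Values["key"] = ForumUtils.SetCookiePassword(Utils.MD5(PassWord.Text.Trim()) + secques + userid.ToString(), config.Passwordkey);
    cookie.Expires = DateTime.Now.AddMinutes(30);
    // Keep the admin key out of reach of page script.
    // NOTE(review): also set cookie.Secure once the admin area is served over HTTPS only.
    cookie.HttpOnly = true;
    HttpContext.Current.Response.AppendCookie(cookie);

    AdminVistLogs.InsertLog(userid, username, usergroupid, grouptitle, ip, "后台管理员登陆", "");

    try
    {
        SoftInfo.LoadSoftInfo();
    }
    catch
    {
        // Loading the software info is best-effort: on failure go straight to the index page.
        Response.Write("<script type=\"text/javascript\">top.location.href='index.aspx';</script>");
        Response.End();
    }

    // Upgrade the general.config file by re-serializing the current configuration.
    try
    {
        GeneralConfigs.Serialiaze(GeneralConfigs.GetConfig(), Server.MapPath("../config/general.config"));
    }
    catch
    {
        // Deliberately ignored: a failed config rewrite must not block the login.
        // NOTE(review): the failure is invisible; log it if a logger is available here.
    }

    Response.Write("<script type=\"text/javascript\">top.location.href='index.aspx';</script>");
    Response.End();
    return;
}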