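/// <summary>
/// Checks whether the supplied password matches the value stored for this user.
/// </summary>
/// <param name="password">Candidate password string.</param>
/// <returns><c>true</c> if the encoded candidate equals the stored value; otherwise <c>false</c>.</returns>
/// <exception cref="Exception">
/// Any failure is rethrown as a plain <see cref="Exception"/> carrying the same message.
/// The original exception is kept as <see cref="Exception.InnerException"/>.
/// </exception>
public bool ComparePassword(string password)
{
    try
    {
        // Encode the candidate with this user's key so it can be compared with the stored value.
        string encodedCandidate = HisEncryption.EncodeString(
            _passwordKey, HisEncryption.PasswordLength, password);

        // NOTE(review): string == is not a fixed-time comparison. m_Password is presumably the
        // stored encoded password; if so, consider a fixed-time equality check here.
        return encodedCandidate == m_Password;
    }
    catch (Exception ex)
    {
        // Same exception type and message as before; passing ex as the inner exception keeps
        // the original type and stack trace available for diagnostics.
        throw new Exception(ex.Message, ex);
    }
}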
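/// <summary>
/// Changes a user's password after verifying the current one.
/// </summary>
/// <param name="user">The user whose password is being changed.</param>
/// <param name="oldPassword">Current password, verified through <c>user.ComparePassword</c>.</param>
/// <param name="newPassword">New password to encode and store.</param>
/// <exception cref="Exception">
/// Every failure, including a null <paramref name="user"/> and a wrong
/// <paramref name="oldPassword"/>, is rethrown as a plain <see cref="Exception"/> with the
/// same message. The original exception (for example <c>ArgumentNullException</c> or
/// <c>InvalidUserPasswordException</c>) is kept as <see cref="Exception.InnerException"/>.
/// </exception>
public void ChangeUserPassword(Users user, string oldPassword, string newPassword)
{
    try
    {
        if (user == null)
        {
            throw new ArgumentNullException("user", Resources.UserInfoIsNull);
        }

        // The current password must be verified before anything is written.
        if (!user.ComparePassword(oldPassword))
        {
            // Message text: "the original password is incorrect".
            throw new InvalidUserPasswordException("原密码不正确");
        }

        // The encoding key is the current local date plus the long time pattern ("T").
        // NOTE(review): this key is predictable and is stored with the record as @RegDate.
        // What EncodeString does is not visible here; if it is reversible or a fast unsalted
        // digest, consider a salted password KDF with a random salt instead.
        DateTime now = DateTime.Now;
        string encryptDateTime = now.ToString("yyyyMMdd") + now.ToString("T");
        string encryptNewPassword = HisEncryption.EncodeString(
            encryptDateTime, HisEncryption.PasswordLength, newPassword);

        // Modified by wwj 2011-06-07: the values are bound as parameters of the stored
        // procedure instead of being formatted into the SQL text (the earlier
        // string.Format(UpdateCZRYK, ...) call).
        SqlParameter[] sqlParam = new SqlParameter[]
        {
            new SqlParameter("@ID", SqlDbType.VarChar) { Value = user.Id },
            new SqlParameter("@Passwd", SqlDbType.VarChar) { Value = encryptNewPassword },
            new SqlParameter("@RegDate", SqlDbType.VarChar) { Value = encryptDateTime }
        };
        sql_helper.ExecuteNoneQuery("usp_UpdateUserPassword", sqlParam, CommandType.StoredProcedure);

        // NOTE(review): the database receives the encoded password and the key, but the
        // in-memory object receives the plaintext password and, as PasswordKey, the encoded
        // password. Presumably these should be encryptNewPassword and encryptDateTime, so that
        // a later ComparePassword succeeds and no plaintext stays on the object.
        // Confirm against the Users property definitions.
        user.Password = newPassword;
        user.PasswordKey = encryptNewPassword;
    }
    catch (Exception ex)
    {
        // Same exception type and message as before; passing ex as the inner exception lets
        // callers and logs tell a wrong password from a database failure.
        throw new Exception(ex.Message, ex);
    }
}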