private static UserInfo DataReader2UserInfo(IDataReader reader)
{
UserInfo info = new UserInfo();
info.Uid = Convert.ToInt32(reader["uid"]);
info.Username = reader["username"].ToString();
info.Password = reader["password"].ToString();
info.Groupid = Convert.ToInt32(reader["groupid"]);
info.Adminid = Convert.ToInt32(reader["adminid"]);
info.Qq = reader["qq"].ToString();
info.Email = reader["email"].ToString();
info.Secquestion = reader["secques"].ToString();
info.Secanswer = reader["secans"].ToString();
info.Msn = reader["msn"].ToString();
info.Hi = reader["hi"].ToString();
info.Nickname = reader["nickname"].ToString();
info.Realname = reader["realname"].ToString();
info.Bdday = Convert.ToDateTime(reader["bdday"]).ToString("yyyy-MM-dd");
info.Regip = reader["regip"].ToString();
info.Regdate = Convert.ToDateTime(reader["regdate"]).ToString("yyyy-MM-dd");
info.Lastlogip = reader["lastlogip"].ToString();
info.Lastlogdate = Convert.ToDateTime(reader["lastlogdate"]).ToString("yyyy-MM-dd");
info.Del = Convert.ToInt32(reader["del"]);
info.Articlecount = Convert.ToInt32(reader["articlecount"]);
info.Topiccount = Convert.ToInt32(reader["topiccount"]);
info.Replycount = Convert.ToInt32(reader["replycount"]);
return info;
}
public void EditUser(UserInfo info)
{
DbParameter[] dbparams =
{
DbHelper.MakeInParam("?uid", (DbType)MySqlDbType.String, 4, info.Uid),
DbHelper.MakeInParam("?username", (DbType)MySqlDbType.String, 100, info.Username),
DbHelper.MakeInParam("?password", (DbType)MySqlDbType.String, 100, info.Password),
DbHelper.MakeInParam("?groupid", (DbType)MySqlDbType.Int32, 4, info.Groupid),
DbHelper.MakeInParam("?adminid", (DbType)MySqlDbType.Int32, 4, info.Adminid),
DbHelper.MakeInParam("?qq", (DbType)MySqlDbType.String, 100, info.Qq),
DbHelper.MakeInParam("?email", (DbType)MySqlDbType.String, 100, info.Email),
DbHelper.MakeInParam("?secques", (DbType)MySqlDbType.String, 50, info.Secquestion),
DbHelper.MakeInParam("?secans", (DbType)MySqlDbType.String, 32, info.Secanswer),
DbHelper.MakeInParam("?msn", (DbType)MySqlDbType.String, 100, info.Msn),
DbHelper.MakeInParam("?hi", (DbType)MySqlDbType.String, 100, info.Hi),
DbHelper.MakeInParam("?nickname", (DbType)MySqlDbType.String, 100, info.Nickname),
DbHelper.MakeInParam("?realname", (DbType)MySqlDbType.String, 100, info.Realname),
DbHelper.MakeInParam("?regip", (DbType)MySqlDbType.String, 100, info.Regip),
DbHelper.MakeInParam("?del", (DbType)MySqlDbType.Int32, 4, info.Del),
DbHelper.MakeInParam("?articlecount", (DbType)MySqlDbType.Int32, 4, info.Articlecount),
DbHelper.MakeInParam("?topiccount", (DbType)MySqlDbType.Int32, 4, info.Topiccount),
DbHelper.MakeInParam("?replycount", (DbType)MySqlDbType.Int32, 4, info.Replycount),
DbHelper.MakeInParam("?lastlogip", (DbType)MySqlDbType.String, 100, info.Lastlogip),
DbHelper.MakeInParam("?bdday", (DbType)MySqlDbType.Datetime, 8, info.Bdday),
DbHelper.MakeInParam("?lastlogdate", (DbType)MySqlDbType.Datetime, 8, info.Lastlogdate),
DbHelper.MakeInParam("?regdate", (DbType)MySqlDbType.Datetime, 8, info.Regdate)
};
DbHelper.ExecuteNonQuery(CommandType.Text, "UPDATE wy_users SET username=?username,password=?password,groupid=?groupid,adminid=?adminid,qq=?qq,email=?email,secques=?secques,secans=?secans,msn=?msn,hi=?hi,nickname=?nickname,realname=?realname,regip=?regip,del=?del,articlecount=?articlecount,topiccount=?topiccount,replycount=?replycount,lastlogip=?lastlogip,bdday=?bdday,lastlogdate=?lastlogdate,regdate=?regdate WHERE uid=?uid", dbparams);
}
public void AddUser(UserInfo info)
{
DbParameter[] dbparams =
{
DbHelper.MakeInParam("?username", (DbType)MySqlDbType.String, 100, info.Username),
DbHelper.MakeInParam("?password", (DbType)MySqlDbType.String, 100, info.Password),
DbHelper.MakeInParam("?groupid", (DbType)MySqlDbType.Int32, 4, info.Groupid),
DbHelper.MakeInParam("?adminid", (DbType)MySqlDbType.Int32, 4, info.Adminid),
DbHelper.MakeInParam("?qq", (DbType)MySqlDbType.String, 100, info.Qq),
DbHelper.MakeInParam("?email", (DbType)MySqlDbType.String, 100, info.Email),
DbHelper.MakeInParam("?secques", (DbType)MySqlDbType.String, 50, info.Secquestion),
DbHelper.MakeInParam("?secans", (DbType)MySqlDbType.String, 32, info.Secanswer),
DbHelper.MakeInParam("?msn", (DbType)MySqlDbType.String, 100, info.Msn),
DbHelper.MakeInParam("?hi", (DbType)MySqlDbType.String, 100, info.Hi),
DbHelper.MakeInParam("?nickname", (DbType)MySqlDbType.String, 100, info.Nickname),
DbHelper.MakeInParam("?realname", (DbType)MySqlDbType.String, 100, info.Realname),
DbHelper.MakeInParam("?regip", (DbType)MySqlDbType.String, 100, info.Regip),
DbHelper.MakeInParam("?del", (DbType)MySqlDbType.Int32, 4, info.Del),
DbHelper.MakeInParam("?articlecount", (DbType)MySqlDbType.Int32, 4, info.Articlecount),
DbHelper.MakeInParam("?topiccount", (DbType)MySqlDbType.Int32, 4, info.Topiccount),
DbHelper.MakeInParam("?replycount", (DbType)MySqlDbType.Int32, 4, info.Replycount),
DbHelper.MakeInParam("?lastlogip", (DbType)MySqlDbType.String, 100, info.Lastlogip),
DbHelper.MakeInParam("?bdday", (DbType)MySqlDbType.Datetime, 8, info.Bdday),
DbHelper.MakeInParam("?lastlogdate", (DbType)MySqlDbType.Datetime, 8, info.Lastlogdate),
DbHelper.MakeInParam("?regdate", (DbType)MySqlDbType.Datetime, 8, info.Regdate)
};
DbHelper.ExecuteNonQuery(CommandType.Text, "INSERT INTO wy_users(username,password,groupid,adminid,qq,email,secques,secans,msn,hi,nickname,realname,regip,del,articlecount,topiccount,replycount,lastlogip,bdday,lastlogdate,regdate) VALUES(?username,?password,?groupid,?adminid,?qq,?email,?secques,?secans,?msn,?hi,?nickname,?realname,?regip,?del,?articlecount,?topiccount,?replycount,?lastlogip,?bdday,?lastlogdate,?regdate)", dbparams);
}
public void EditUser(UserInfo info)
{
DbParameter[] dbparams =
{
DbHelper.MakeInParam("@uid", DbType.String, 4, info.Uid),
DbHelper.MakeInParam("@username", DbType.String, 100, info.Username),
DbHelper.MakeInParam("@password", DbType.String, 100, info.Password),
DbHelper.MakeInParam("@groupid", DbType.Int32, 4, info.Groupid),
DbHelper.MakeInParam("@adminid", DbType.Int32, 4, info.Adminid),
DbHelper.MakeInParam("@qq", DbType.String, 100, info.Qq),
DbHelper.MakeInParam("@email", DbType.String, 100, info.Email),
DbHelper.MakeInParam("@secques", DbType.String, 50, info.Secquestion),
DbHelper.MakeInParam("@secans", DbType.String, 32, info.Secanswer),
DbHelper.MakeInParam("@msn", DbType.String, 100, info.Msn),
DbHelper.MakeInParam("@hi", DbType.String, 100, info.Hi),
DbHelper.MakeInParam("@nickname", DbType.String, 100, info.Nickname),
DbHelper.MakeInParam("@realname", DbType.String, 100, info.Realname),
DbHelper.MakeInParam("@regip", DbType.String, 100, info.Regip),
DbHelper.MakeInParam("@del", DbType.Int32, 4, info.Del),
DbHelper.MakeInParam("@articlecount", DbType.Int32, 4, info.Articlecount),
DbHelper.MakeInParam("@topiccount", DbType.Int32, 4, info.Topiccount),
DbHelper.MakeInParam("@replycount", DbType.Int32, 4, info.Replycount),
DbHelper.MakeInParam("@lastlogip", DbType.String, 100, info.Lastlogip),
DbHelper.MakeInParam("@bdday", DbType.DateTime, 8, info.Bdday),
DbHelper.MakeInParam("@lastlogdate", DbType.DateTime, 8, info.Lastlogdate),
DbHelper.MakeInParam("@regdate", DbType.DateTime, 8, info.Regdate)
};
DbHelper.ExecuteNonQuery(CommandType.Text, "UPDATE wy_users SET username=@username,password=@password,groupid=@groupid,adminid=@adminid,qq=@qq,email=@email,secques=@secques,secans=@secans,msn=@msn,hi=@hi,nickname=@nickname,realname=@realname,regip=@regip,del=@del,articlecount=@articlecount,topiccount=@topiccount,replycount=@replycount,lastlogip=@lastlogip,bdday=@bdday,lastlogdate=@lastlogdate,regdate=@regdate WHERE uid=@uid", dbparams);
}
public void AddUser(UserInfo info)
{
DbParameter[] dbparams =
{
DbHelper.MakeInParam("@username", DbType.String, 100, info.Username),
DbHelper.MakeInParam("@password", DbType.String, 100, info.Password),
DbHelper.MakeInParam("@groupid", DbType.Int32, 4, info.Groupid),
DbHelper.MakeInParam("@adminid", DbType.Int32, 4, info.Adminid),
DbHelper.MakeInParam("@qq", DbType.String, 100, info.Qq),
DbHelper.MakeInParam("@email", DbType.String, 100, info.Email),
DbHelper.MakeInParam("@secques", DbType.String, 50, info.Secquestion),
DbHelper.MakeInParam("@secans", DbType.String, 32, info.Secanswer),
DbHelper.MakeInParam("@msn", DbType.String, 100, info.Msn),
DbHelper.MakeInParam("@hi", DbType.String, 100, info.Hi),
DbHelper.MakeInParam("@nickname", DbType.String, 100, info.Nickname),
DbHelper.MakeInParam("@realname", DbType.String, 100, info.Realname),
DbHelper.MakeInParam("@regip", DbType.String, 100, info.Regip),
DbHelper.MakeInParam("@del", DbType.Int32, 4, info.Del),
DbHelper.MakeInParam("@articlecount", DbType.Int32, 4, info.Articlecount),
DbHelper.MakeInParam("@topiccount", DbType.Int32, 4, info.Topiccount),
DbHelper.MakeInParam("@replycount", DbType.Int32, 4, info.Replycount),
DbHelper.MakeInParam("@lastlogip", DbType.String, 100, info.Lastlogip),
DbHelper.MakeInParam("@bdday", DbType.DateTime, 8, info.Bdday),
DbHelper.MakeInParam("@lastlogdate", DbType.DateTime, 8, info.Lastlogdate),
DbHelper.MakeInParam("@regdate", DbType.DateTime, 8, info.Regdate)
};
DbHelper.ExecuteNonQuery(CommandType.Text, "INSERT INTO wy_users(username,password,groupid,adminid,qq,email,secques,secans,msn,hi,nickname,realname,regip,del,articlecount,topiccount,replycount,lastlogip,bdday,lastlogdate,regdate) VALUES(@username,@password,@groupid,@adminid,@qq,@email,@secques,@secans,@msn,@hi,@nickname,@realname,@regip,@del,@articlecount,@topiccount,@replycount,@lastlogip,@bdday,@lastlogdate,@regdate)", dbparams);
}
protected override void Page_Show()
{
pagetitle = "注册用户";
UserInfo userinfo = GetUserInfo();
if (userinfo != null)
{
ShowError("注册用户", "您已经登录了,请不要重复注册帐号!", "", "usercontrolpanel.aspx");
}
if (ispost)
{
string email = YRequest.GetString("email");
string password = YRequest.GetString("password");
string username = YRequest.GetString("username");
string secquestion = YRequest.GetString("secretquestion");
string secanswer = YRequest.GetString("secretanswer");
if (email != string.Empty && password != string.Empty && username != string.Empty)
{
if (Users.GetUserInfo(username, 1) != null)
{
ShowError("注册用户", "注册失败,用户名已存在!", "", "");
}
else if (Users.GetUserInfo(email, 0) != null)
{
ShowError("注册用户", "注册失败,Email已存在!", "", "");
}
if (secquestion == string.Empty || secanswer == string.Empty)
{
ShowError("注册用户", "注册失败,找回密码提示或答案为空.请填写完整以保障帐号安全!", "", "");
}
UserInfo info = new UserInfo();
info.Adminid = 0;
info.Articlecount = 0;
info.Bdday = DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss");
info.Del = 0;
info.Email = email;
info.Secquestion = secquestion;
info.Secanswer = Natsuhime.Common.Utils.MD5(secanswer);
info.Groupid = 1;
info.Hi = "";
info.Lastlogdate = DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss");
info.Lastlogip = "";
info.Msn = "";
info.Nickname = username;
info.Password = Natsuhime.Common.Utils.MD5(password);
info.Qq = "";
info.Realname = "";
info.Regdate = DateTime.Now.ToString("yyyy-MM-dd hh:mm:ss");
info.Regip = YRequest.GetIP();
info.Replycount = 0;
info.Topiccount = 0;
info.Username = username;
Users.AddUser(info);
ShowMsg("注册用户", "注册帐号成功,跳转到用户中心.", "", "usercontrolpanel.aspx");
}
}
}
protected override void Page_Show()
{
userinfo = GetUserInfo();
if (userinfo == null)
{
ShowError("用户中心", "身份验证失败,请登录后再访问用户中心,谢谢~", "", "login.aspx");
}
else
{
pagetitle = string.Format("{0}的用户中心", userinfo.Username);
int pageid = YRequest.GetInt("pageid", 1);
int pagecount = Articles.GetUserArticleCollectionPageCount(userinfo.Uid, 8);
pagecounthtml = Utils.GetPageNumbersHtml(pageid, pagecount, "usercontrolpanel.aspx", 8, "pageid", "");
myarticlelist = Articles.GetUserArticleCollection(userinfo.Uid, 8, pageid);
if (ispost)
{
string oldpassword = YRequest.GetString("oldpassword");
string newpassword = YRequest.GetString("newpassword");
string newpassword2 = YRequest.GetString("newpassword2");
if (newpassword == newpassword2)
{
string newMD5Password = Natsuhime.Common.Utils.MD5(oldpassword);
if (newMD5Password == userinfo.Password)
{
userinfo.Password = newMD5Password;
Users.EditUser(userinfo);
ShowMsg("用户中心", "", "修改密码修改成功.", "");
}
else
{
ShowError("用户中心", "修改密码失败,旧密码验证错误!请检查是否输入正确,大小写锁定键是否被打开等.", "", "");
}
}
else
{
ShowError("用户中心", "修改密码失败,两次输入的新密码不一致.", "", "");
}
}
}
}
protected bool CheckAdminLogin()
{
HttpCookie cookie = System.Web.HttpContext.Current.Request.Cookies["cmsnt"];
userinfo = null;
if (cookie != null && cookie.Values["userid"] != null && cookie.Values["password"] != null)
{
int uid = Convert.ToInt32(cookie.Values["userid"]);
string password = cookie.Values["password"].ToString().Trim();
if (uid > 0 && password != string.Empty)
{
userinfo = LiteCMS.Core.Users.GetUserInfo(uid, password);
}
}
if (userinfo != null)
{
HttpCookie admincookie = Request.Cookies["cmsntadmin"];
admininfo = null;
if (admincookie != null && admincookie.Values["adminid"] != null && admincookie.Values["password"] != null)
{
int adminid = Convert.ToInt32(admincookie.Values["adminid"]);
string password = admincookie.Values["password"].ToString().Trim();
if (adminid > 0 && password != string.Empty)
{
//admininfo todo
admininfo = Admins.GetAdminInfo(adminid, password);
if (admininfo != null && admininfo.Uid == userinfo.Uid)
{
admincookie.Expires = DateTime.Now.AddMinutes(20d);
Response.AppendCookie(admincookie);
adminpath = admincookie.Values["path"].ToString().Trim();
return true;
}
}
}
}
adminpath = "";
return false;
}
public static void EditUser(UserInfo info)
{
DatabaseProvider.GetInstance().EditUser(info);
}
