using System;
using System.Collections.Generic;
using System.Data.SqlClient;
using System.IO;
using System.Linq;
using System.Net;
using System.Net.Mail;
using System.Net.Mime;
using System.Security.Cryptography;
using System.Text;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using web.Classes;
namespace web.Web.Site
{
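public partial class index : System.Web.UI.Page
{
    /// <summary>Rows of HomePageSetting bound by the markup; filled on a normal page request.</summary>
    public List<HomePagePartModel> _PageData;

    /// <summary>Copyright text read from BaseInfo; filled on a normal page request.</summary>
    public string _CopyRight;

    // Upper bound (bytes, exclusive) accepted for the optional registration picture.
    private const int MaxPictureBytes = 8192000;

    // Company linked to a registration that carries no usable invitation code.
    private const string DefaultCompanyId = "Com3d0c29b8680c4462a89cc63327cb5c1e";

    // Registrations for this company copy their permissions from a fixed template user
    // instead of the template id supplied with the request.
    private const string QingdaoHuatuCompanyId = "Come190e77e76d744248ccac709630c21d3";
    private const string QingdaoHuatuTemplateUserId = "bb4d2af2-63ea-4a1e-854a-a252cd1c301c";

    // Audit user id written into createuser columns by this page.
    private const string SystemUserId = "1BEC90E1-9780-472F-90C2-0C6390C044A4";

    // Attribute granted to every new account.
    private const string DefaultUserAttributeId = "2E5E6066-1C5D-4B04-BF8C-56637C20FC8C";

    // Mailbox that receives feedback and registration notifications.
    private const string AdminMailAddress = "yiguohao@dongshengsoft.com";

    // NOTE(review): outbound SMTP account embedded in source, sent without TLS on port 80.
    // Moving it to protected configuration and enabling SSL needs a matching server-side change,
    // so the values are kept as-is here.
    private const string SmtpSender = "dongshengcangdan@h8j.top";
    private const string SmtpPassword = "A1B2C3ds040201";
    private const string SmtpHost = "smtpdm.aliyun.com";
    private const int SmtpPort = 80;

    /// <summary>
    /// Entry point. The "action" request field selects an AJAX handler (sign, code, suggest,
    /// forgot, checkusername, checkphone); each handler writes its reply and ends the response.
    /// Any other request loads the data rendered by the markup.
    /// </summary>
    protected void Page_Load(object sender, EventArgs e)
    {
        switch (Request["action"])
        {
            case "sign":
                HandleSign();
                break;
            case "code":
                HandleCode();
                break;
            case "suggest":
                HandleSuggest();
                break;
            case "forgot":
                HandleForgot();
                break;
            case "checkusername":
                WriteValidity(checkUserName(RequestValue("username")));
                break;
            case "checkphone":
                WriteValidity(checkPhone(RequestValue("phone")));
                break;
            default:
                _PageData = GetDataList();
                GetCopyRight();
                break;
        }
    }

    // Request field as a non-null string; a missing field is treated as empty, which is what
    // the previous string-concatenated queries produced for it.
    private string RequestValue(string key)
    {
        return Request[key] ?? "";
    }

    // Reply of the checkusername/checkphone validators; the JSON shape is consumed by the
    // client-side form validator and must stay as-is.
    private void WriteValidity(bool valid)
    {
        Response.Write(valid ? "{\"valid\":true}" : "{\"valid\":false}");
        Response.End();
    }

    // action=sign: optional picture upload followed by account creation.
    private void HandleSign()
    {
        string msg;
        string imgpath;
        if (!TrySavePicture(out imgpath, out msg))
        {
            // Previously the size error was overwritten by UserSign and the account was created
            // without the picture; reject the request instead so the client sees the message.
            Response.Write(msg);
            Response.End();
            return;
        }
        UserSign(RequestValue("phone"), RequestValue("email"), RequestValue("pwd"), RequestValue("pwd2"),
            RequestValue("vcode"), RequestValue("comname"), RequestValue("username"), RequestValue("realname"),
            imgpath, RequestValue("yaoqingma"), RequestValue("c"), RequestValue("gslx"),
            RequestValue("COMTYPE").Trim(), out msg);
        Response.Write(msg);
        Response.End();
    }

    // action=code: issue and send an SMS verification code.
    private void HandleCode()
    {
        string msg;
        getAndSendCode(RequestValue("phone"), out msg);
        Response.Write(msg);
        Response.End();
    }

    // action=suggest: forward a feedback form to the administrator.
    private void HandleSuggest()
    {
        string reply = MailSuggestion(RequestValue("msg"), RequestValue("mail"), RequestValue("name"));
        Response.Write(reply);
        Response.End();
    }

    // action=forgot: reset a password after SMS verification.
    private void HandleForgot()
    {
        string reply = ChangePwd(RequestValue("username"), RequestValue("pwd"), RequestValue("phone"), RequestValue("vcode"));
        Response.Write(reply);
        Response.End();
    }

    /// <summary>
    /// Saves the first uploaded file, if any, under /UserInfo/img/ and returns its server path in
    /// <paramref name="savedPath"/> ("" when nothing was stored).
    /// </summary>
    /// <returns>False only when a file was sent but rejected; <paramref name="error"/> then holds the message.</returns>
    private bool TrySavePicture(out string savedPath, out string error)
    {
        savedPath = "";
        error = "";
        if (Request.Files.Count == 0)
        {
            return true;
        }
        var file = Request.Files[0];
        // A file input left empty still posts an entry with no content; there is nothing to store.
        if (file == null || file.ContentLength == 0)
        {
            return true;
        }
        if (file.ContentLength >= MaxPictureBytes)
        {
            error = "文件大小超出8M请重新选择";
            return false;
        }
        string dir = Server.MapPath("/UserInfo/img/");
        if (!Directory.Exists(dir))
        {
            Directory.CreateDirectory(dir);
        }
        // The name is generated server-side so the client cannot influence the path; the GUID
        // suffix keeps two uploads in the same second from overwriting each other.
        // NOTE(review): the extension is forced to .jpg without inspecting the content — verify the
        // upload really is an image before these files are served back to browsers.
        string fileName = DateTime.Now.ToString("yyyyMMdd_HHmmss") + "_" + Guid.NewGuid().ToString("N") + ".jpg";
        savedPath = Path.Combine(dir, fileName);
        file.SaveAs(savedPath);
        return true;
    }

    // Builds a parameter for the SQL helpers. Null is sent as an empty string so a missing
    // request field behaves exactly as it did under the old concatenated queries ('').
    private static SqlParameter Param(string name, string value)
    {
        return new SqlParameter(name, value ?? "");
    }

    // Runs a scalar statement and returns its value as an int; NULL/DBNull count as 0.
    private static int CountRows(string sql, params SqlParameter[] parameters)
    {
        object value = SQLHelperDS.ExcuteScalarSQL(sql, parameters);
        return value == null || value == DBNull.Value ? 0 : Convert.ToInt32(value);
    }

    /// <summary>True when no [user] row already uses <paramref name="username"/> as login name.</summary>
    private bool checkUserName(string username)
    {
        const string sql = "select count(*) from [user] where codename = @codename";
        return CountRows(sql, Param("@codename", username)) == 0;
    }

    /// <summary>True when no user_baseinfo row already uses <paramref name="phone"/>.</summary>
    private bool checkPhone(string phone)
    {
        const string sql = "select count(*) from user_baseinfo where mobile = @mobile";
        return CountRows(sql, Param("@mobile", phone)) == 0;
    }

    /// <summary>
    /// Resets the password of <paramref name="username"/> once the SMS code for
    /// <paramref name="phone"/> checks out and that phone is registered to the same user.
    /// </summary>
    /// <returns>A user-facing status message.</returns>
    private string ChangePwd(string username, string pwd, string phone, string msgcode)
    {
        if (!CheckMsgCode(phone, msgcode))
        {
            return "验证码错误!";
        }
        const string matchSql = "select count(*) from [user] u"
            + " left join user_baseinfo ub on u.GID = ub.USERID"
            + " where u.CODENAME = @CODENAME and ub.MOBILE = @MOBILE ";
        int matches = CountRows(matchSql, Param("@CODENAME", username), Param("@MOBILE", phone));
        if (matches == 0)
        {
            return "用户名与手机号不匹配!";
        }
        // NOTE(review): the password is stored as the raw value the client sent (no hashing).
        // The login path is not in this file, so the storage format is left unchanged here.
        const string updateSql = "update [user] set password = @password where codename = @CODENAME";
        // A SqlParameter cannot be attached to two commands, so fresh instances are built here.
        int updated = SQLHelperDS.ExcuteSQL(updateSql, new[] { Param("@CODENAME", username), Param("@password", pwd) });
        return updated > 0 ? "更改成功" : "更改失败,请联系管理员!";
    }

    /// <summary>
    /// Mails a site-feedback form to the administrator. Best effort: a mail failure is traced
    /// and the visitor still receives the thank-you reply.
    /// </summary>
    private string MailSuggestion(string msg, string mail, string name)
    {
        const string thanks = "谢谢您的支持!";
        try
        {
            // The fields are user input rendered as HTML in the admin's mail client, so they are encoded.
            string content = "姓名:" + HttpUtility.HtmlEncode(name)
                + "<br>联系方式:" + HttpUtility.HtmlEncode(mail)
                + "<br>内容:<br>" + HttpUtility.HtmlEncode(msg) + "<br>";
            SendMailWithInfo("平台意见建议", content, "平台意见", "衣国豪");
        }
        catch (Exception ex)
        {
            // Deliberate best effort; the previous version swallowed this silently.
            System.Diagnostics.Trace.TraceError("feedback mail failed: " + ex);
        }
        return thanks;
    }

    /// <summary>Loads every HomePageSetting row into the model list bound by the markup.</summary>
    private List<HomePagePartModel> GetDataList()
    {
        const string sql = "select * from HomePageSetting";
        var parts = new List<HomePagePartModel>();
        using (SqlDataReader reader = SQLHelper.GetReader(sql))
        {
            while (reader.Read())
            {
                // Convert.ToString yields "" for DBNull, the same text the old .ToString() calls produced.
                parts.Add(new HomePagePartModel
                {
                    id = Convert.ToInt32(reader["id"]),
                    PageName = Convert.ToString(reader["PageName"]),
                    PartName = Convert.ToString(reader["PartName"]),
                    PartTitle = Convert.ToString(reader["PartTitle"]),
                    PartSubTitle = Convert.ToString(reader["PartSubTitle"]),
                    PartContent = Convert.ToString(reader["PartContent"]),
                    PartImage = Convert.ToString(reader["PartImage"]),
                    OrderIndex = Convert.ToInt32(reader["OrderIndex"]),
                    UpdateTime = Convert.ToString(reader["UpdateTime"]),
                });
            }
        }
        return parts;
    }

    /// <summary>Reads the copyright line from BaseInfo into <see cref="_CopyRight"/> ("" when absent).</summary>
    private void GetCopyRight()
    {
        const string sql = "select content from BaseInfo where name = 'copyright'";
        // Convert.ToString tolerates a null/DBNull scalar; the old .ToString() threw on a missing row.
        _CopyRight = Convert.ToString(SQLHelper.ExcuteScalarSQL(sql));
    }

    /// <summary>
    /// Registers a new account: inserts the user, its base info, company link and default
    /// attribute, copies the permission rows of a template user onto it, then mails the
    /// administrator and the customer.
    /// </summary>
    /// <param name="passwordRe">Repeated password; must equal <paramref name="password"/>.</param>
    /// <param name="yaoqingma">Invitation code; resolves the company when it matches company.codename.</param>
    /// <param name="authUserid">
    /// Id of the user whose user_action / user_authority_range rows are copied to the new account
    /// (ignored for the Qingdao Huatu company, which always uses a fixed template).
    /// </param>
    /// <param name="msg">User-facing result; "success" when everything was created.</param>
    /// <returns>True when every insert succeeded.</returns>
    private bool UserSign(string phone, string email, string password, string passwordRe,
        string msgcode, string comname, string username, string realname, string picPath, string yaoqingma, string cscode, string authUserid, string COMTYPE, out string msg)
    {
        if (!CheckMsgCode(phone, msgcode))
        {
            msg = "验证码错误!";
            return false;
        }
        // passwordRe was accepted but never compared before.
        if (password != passwordRe)
        {
            msg = "两次输入的密码不一致!";
            return false;
        }
        if (!checkUserName(username))
        {
            msg = "该用户名已被占用!";
            return false;
        }
        if (!checkPhone(phone))
        {
            msg = "该手机号已被占用!";
            return false;
        }

        string comid;
        string compname;
        bool hadYaoQingMa = GetComIdInfoWithYaoQingMa(yaoqingma, out comid, out compname);
        string uid = Guid.NewGuid().ToString();

        // NOTE(review): the inserts below are not wrapped in a transaction (the helper exposes none
        // here); a failure part-way leaves a partially created account behind.
        // NOTE(review): the password is stored and mailed in clear text; hashing it needs a matching
        // change in the login code, which is outside this file.
        const string userSql = "insert into [user] (gid,username,codename,password,showname,comname,yaoqingma,cscode,COMTYPE)"
            + " values (@gid,'',@codename,@password,@showname,@comname,@yaoqingma,@cscode,@comtype)";
        int inserted = SQLHelperDS.ExcuteSQL(userSql, new[]
        {
            Param("@gid", uid), Param("@codename", username), Param("@password", password),
            Param("@showname", realname), Param("@comname", comname), Param("@yaoqingma", yaoqingma),
            Param("@cscode", cscode), Param("@comtype", COMTYPE),
        });
        if (inserted <= 0)
        {
            msg = "注册错误,代码:1";
            return false;
        }

        string companyName = compname == "" ? "MYSHIPPING" : compname;
        string deptName = hadYaoQingMa ? "操作部" : "客户部";
        const string baseInfoSql = "insert into user_baseinfo (gid,userid,companyname,deptname,mobile,email1)"
            + " values (@gid,@userid,@companyname,@deptname,@mobile,@email1)";
        inserted = SQLHelperDS.ExcuteSQL(baseInfoSql, new[]
        {
            Param("@gid", Guid.NewGuid().ToString()), Param("@userid", uid), Param("@companyname", companyName),
            Param("@deptname", deptName), Param("@mobile", phone), Param("@email1", email),
        });
        if (inserted <= 0)
        {
            msg = "注册错误,代码:2";
            return false;
        }

        if (comid == "")
        {
            comid = DefaultCompanyId;
        }
        // user_company is inserted without a column list, as before; the value order is (gid, company id, user id).
        const string companySql = "insert into user_company values (@gid,@comid,@userid)";
        inserted = SQLHelperDS.ExcuteSQL(companySql, new[]
        {
            Param("@gid", Guid.NewGuid().ToString()), Param("@comid", comid), Param("@userid", uid),
        });
        if (inserted <= 0)
        {
            msg = "注册错误,代码:3";
            return false;
        }

        const string attributeSql = "insert into user_userattribute values (NEWID(),@userid,@attributeid,'true')";
        inserted = SQLHelperDS.ExcuteSQL(attributeSql, new[] { Param("@userid", uid), Param("@attributeid", DefaultUserAttributeId) });
        if (inserted <= 0)
        {
            msg = "注册错误,代码:4";
            return false;
        }

        // NOTE(review): authUserid arrives from the "gslx" request field, so the caller chooses whose
        // permission rows are cloned onto the new account. The server should map that value onto a
        // known template id instead of trusting it as-is.
        string templateUserId = comid == QingdaoHuatuCompanyId ? QingdaoHuatuTemplateUserId : authUserid;
        const string actionSql = "insert into user_action (gid,actionid,userid,createuser,createtime,modifiedtime)"
            + " SELECT NEWID(),ACTIONID,@userid,@createuser,GETDATE(),GETDATE() from user_action where USERID=@template";
        inserted = SQLHelperDS.ExcuteSQL(actionSql, new[]
        {
            Param("@userid", uid), Param("@createuser", SystemUserId), Param("@template", templateUserId),
        });
        if (inserted <= 0)
        {
            msg = "注册错误,代码:5";
            return false;
        }

        const string rangeSql = "insert into user_authority_range (GID,USERID,AUTHORITYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,CREATETIME,MODIFIEDTIME)"
            + " select NEWID(),@userid,AUTHORITYID,VISIBLERANGE,OPERATERANGE,CREATEUSER,GETDATE(),GETDATE() from user_authority_range where USERID = @template";
        inserted = SQLHelperDS.ExcuteSQL(rangeSql, new[] { Param("@userid", uid), Param("@template", templateUserId) });
        if (inserted <= 0)
        {
            msg = "注册错误,代码:6";
            return false;
        }

        SendRegistrationMails(phone, email, password, comname, username, realname, yaoqingma, cscode, picPath);
        msg = "success";
        return true;
    }

    // Mails the registration details to the administrator and a welcome note to the customer.
    // A mail failure is traced rather than surfaced: the account already exists at this point.
    private static void SendRegistrationMails(string phone, string email, string password, string comname,
        string username, string realname, string yaoqingma, string cscode, string picPath)
    {
        try
        {
            // Both bodies are sent as HTML, so every user-supplied field is encoded.
            string title = "平台注册成功 " + comname + "-" + realname;
            var body = new StringBuilder();
            body.Append("手机:" + HttpUtility.HtmlEncode(phone) + "<br>");
            body.Append("邮箱:" + HttpUtility.HtmlEncode(email) + "<br>");
            // NOTE(review): the clear-text password is mailed to the administrator as before.
            body.Append("密码:" + HttpUtility.HtmlEncode(password) + "<br>");
            body.Append("公司名称:" + HttpUtility.HtmlEncode(comname) + "<br>");
            body.Append("用户名:" + HttpUtility.HtmlEncode(username) + "<br>");
            body.Append("真实姓名:" + HttpUtility.HtmlEncode(realname) + "<br>");
            body.Append("邀请码:" + HttpUtility.HtmlEncode(yaoqingma) + "<br>");
            body.Append("销售代码:" + HttpUtility.HtmlEncode(cscode) + "<br>");
            SendMailWithInfo(title, body.ToString(), "平台注册", "衣国豪", picPath);

            string custTitle = "MYSHIPPING平台注册成功";
            string custBody = " 您好您在MyShipping注册的账号已生效登陆ID" + HttpUtility.HtmlEncode(username)
                + "或" + HttpUtility.HtmlEncode(phone)
                + ",密码:" + HttpUtility.HtmlEncode(password)
                + ",请妥善保管,为提升您的使用体验,建议使用谷歌浏览器,谢谢支持!";
            SendMailToCustWithInfo(email, custTitle, custBody, "MYSHIPPING", realname);
        }
        catch (Exception ex)
        {
            System.Diagnostics.Trace.TraceError("registration mail failed: " + ex);
        }
    }

    /// <summary>True when the newest code recorded for <paramref name="phone"/> equals <paramref name="code"/>.</summary>
    private bool CheckMsgCode(string phone, string code)
    {
        const string sql = "select top 1 vcode from phone_vcode where phone = @phone order by createtime desc";
        object stored = SQLHelperDS.ExcuteScalarSQL(sql, new[] { Param("@phone", phone) });
        // No row at all yields null from the scalar helper; the old code only handled DBNull.
        if (stored == null || stored == DBNull.Value)
        {
            return false;
        }
        // NOTE(review): codes neither expire nor are consumed on use; the newest row stays valid
        // until another code is issued for the phone.
        return stored.ToString() == code;
    }

    /// <summary>
    /// Issues a verification code for <paramref name="phone"/>, stores it and sends it by SMS,
    /// unless the per-minute limit is hit.
    /// </summary>
    /// <param name="msg">User-facing status message.</param>
    /// <returns>The code that was sent, or "" when none was issued.</returns>
    private string getAndSendCode(string phone, out string msg)
    {
        if (!getCodeValidate(phone))
        {
            msg = "请求次数过多!";
            return "";
        }
        string code = getCode(phone);
        if (code == "")
        {
            msg = "验证码获取失败!";
            return code;
        }
        msg = "验证码已发送!";
        AliMessageTools.SendSignCodeMsg(phone, code);
        return code;
    }

    /// <summary>Generates a four-digit code (1000–9999), records it in phone_vcode and returns it; "" on failure.</summary>
    private string getCode(string phone)
    {
        // The code is an authentication secret, so it comes from the CSPRNG rather than System.Random.
        byte[] raw = new byte[4];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(raw);
        }
        uint offset = BitConverter.ToUInt32(raw, 0) % 9000u;
        string code = (1000u + offset).ToString();
        const string sql = "insert into phone_vcode (phone,vcode) values (@phone,@vcode)";
        try
        {
            int inserted = SQLHelperDS.ExcuteSQL(sql, new[] { Param("@phone", phone), Param("@vcode", code) });
            return inserted > 0 ? code : "";
        }
        catch (Exception ex)
        {
            // Previously swallowed without a trace (the throw after return was unreachable).
            System.Diagnostics.Trace.TraceError("phone_vcode insert failed: " + ex);
            return "";
        }
    }

    /// <summary>
    /// Rate limit for code requests: allows a new code while at most one code was issued to
    /// <paramref name="phone"/> within the last minute.
    /// </summary>
    private bool getCodeValidate(string phone)
    {
        const string sql = "select count(*) from phone_vcode where phone = @phone and datediff(MINUTE, createtime, getdate()) < 1";
        object recent = SQLHelperDS.ExcuteScalarSQL(sql, new[] { Param("@phone", phone) });
        if (recent == null || recent == DBNull.Value)
        {
            return false;
        }
        return Convert.ToInt32(recent) <= 1;
    }

    /// <summary>Sends an HTML mail to the administrator mailbox; see <see cref="SendMailToCustWithInfo"/>.</summary>
    private static void SendMailWithInfo(string title, string context, string comname, string toname, string picPath = "")
    {
        SendMailToCustWithInfo(AdminMailAddress, title, context, comname, toname, picPath);
    }

    /// <summary>
    /// Sends an HTML mail from the platform sender to <paramref name="tomail"/>, optionally
    /// attaching the file at <paramref name="picPath"/>.
    /// </summary>
    /// <param name="comname">Display name of the sender address.</param>
    /// <param name="toname">Display name of the recipient address.</param>
    private static void SendMailToCustWithInfo(string tomail, string title, string context, string comname, string toname, string picPath = "")
    {
        // Display names are encoded as GBK (code page 936) so Chinese names survive the header encoding.
        var from = new MailAddress(SmtpSender, comname, Encoding.GetEncoding(936));
        var to = new MailAddress(tomail, toname, Encoding.GetEncoding(936));
        using (var smtp = new SmtpClient())
        using (var mail = new MailMessage(from, to))
        {
            if (picPath != "")
            {
                mail.Attachments.Add(new Attachment(picPath, MediaTypeNames.Application.Octet));
            }
            // Subject and body default to ASCII; set UTF-8 explicitly for the Chinese text.
            mail.Subject = title;
            mail.SubjectEncoding = Encoding.UTF8;
            mail.Body = context;
            mail.BodyEncoding = Encoding.UTF8;
            mail.IsBodyHtml = true;

            smtp.Host = SmtpHost;
            smtp.Port = SmtpPort;
            // NOTE(review): credentials travel in clear text while EnableSsl is false.
            smtp.EnableSsl = false;
            smtp.UseDefaultCredentials = false;
            smtp.Credentials = new NetworkCredential(SmtpSender, SmtpPassword);
            smtp.DeliveryMethod = SmtpDeliveryMethod.Network;
            smtp.Send(mail);
        }
    }

    /// <summary>
    /// Resolves an invitation code to the company it belongs to and makes sure that company has
    /// an "操作部" department row.
    /// </summary>
    /// <param name="comid">Company gid, or "" when the code is empty or unknown.</param>
    /// <param name="comname">Company name, or "" when not resolved.</param>
    /// <returns>True when the code matched a company.</returns>
    private bool GetComIdInfoWithYaoQingMa(string yaoqingma, out string comid, out string comname)
    {
        comid = "";
        comname = "";
        if (yaoqingma == "")
        {
            return false;
        }
        const string lookupSql = "select gid+','+NAME from company where codename = @codename";
        try
        {
            object found = SQLHelperDS.ExcuteScalarSQL(lookupSql, new[] { Param("@codename", yaoqingma) });
            if (found == null || found == DBNull.Value)
            {
                return false;
            }
            // The gid carries no comma, so split on the first one only; the name may contain commas.
            string[] parts = Convert.ToString(found).Split(new[] { ',' }, 2);
            if (parts.Length < 2)
            {
                return false;
            }
            string gid = parts[0];
            string name = parts[1];

            const string deptSql = "select count(*) from sys_dept where linkid = @linkid and deptname = '操作部'";
            if (CountRows(deptSql, Param("@linkid", gid)) <= 0)
            {
                // sys_dept is inserted without a column list, as before; the positional values are kept.
                string time = DateTime.Now.ToString("yyyy-MM-dd HH:mm:ss");
                const string insertSql = "insert into sys_dept values(@gid,@linkid,'01','操作部','','','',@createuser,@time,@createuser,@time,'')";
                SQLHelperDS.ExcuteSQL(insertSql, new[]
                {
                    Param("@gid", Guid.NewGuid().ToString()), Param("@linkid", gid),
                    Param("@createuser", SystemUserId), Param("@time", time),
                });
            }
            comid = gid;
            comname = name;
            return true;
        }
        catch (Exception ex)
        {
            // Best effort as before: an unresolved code registers the user under the default company.
            System.Diagnostics.Trace.TraceError("invitation code lookup failed: " + ex);
            comid = "";
            comname = "";
            return false;
        }
    }
}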
}