漏洞修复

1 month ago · 1075ecdf47
--- a/V7/Learun.Application.Organization/User/UserBLL.cs
+++ b/V7/Learun.Application.Organization/User/UserBLL.cs
@@ -1147,7 +1147,7 @@ namespace Learun.Application.Organization
                        {
                            userEntity = new UserEntity()
                            {
                                LoginMsg = "账户不存在!",
                                LoginMsg = "密码和账户名不匹配!",
                                LoginOk = false
                            };
                            return userEntity;
@@ -1157,7 +1157,7 @@ namespace Learun.Application.Organization
                    {
                        userEntity = new UserEntity()
                        {
                            LoginMsg = "账户不存在!",
                            LoginMsg = "密码和账户名不匹配!",
                            LoginOk = false
                        };
                        return userEntity;
@@ -1184,13 +1184,13 @@ namespace Learun.Application.Organization
                        }
                        else
                        {
                            userEntity.LoginMsg = "密码和账户名不匹配!";
                            userEntity.LoginMsg = "密码和账户名不匹配！";
                        }
                    }
                }
                else
                {
                    userEntity.LoginMsg = "账户被系统锁定,请联系管理员!";
                    userEntity.LoginMsg = "账户被系统锁定,请联系管理员！";
                }
                return userEntity;
            }
--- a/V7/Learun.Application.Web/Areas/EducationalAdministration/Controllers/StuInfoFreshController.cs
+++ b/V7/Learun.Application.Web/Areas/EducationalAdministration/Controllers/StuInfoFreshController.cs
@@ -34,6 +34,7 @@ namespace Learun.Application.Web.Areas.EducationalAdministration.Controllers
        private AccommodationIBLL accommodationIBLL = new AccommodationBLL();
        private CdMajorIBLL cdMajorIBLL = new CdMajorBLL();
        private CdDeptIBLL cdDeptIBLL = new CdDeptBLL();
        private ModuleIBLL moduleIBLL = new ModuleBLL();

        #region  视图功能

@@ -322,6 +323,18 @@ namespace Learun.Application.Web.Areas.EducationalAdministration.Controllers
        [AjaxOnly]
        public ActionResult GetPageList(string pagination, string queryJson)
        {
            var menu = moduleIBLL.GetModuleList();
            if (!menu.Any(x => x.F_UrlAddress == "/EducationalAdministration/StuInfoFresh/StatusView"))
            {
                var jData = new
                {
                    rows = new List<StuInfoFreshEntity>(),
                    total = 0,
                    page = 1,
                    records = 0
                };
                return Success(jData);
            }
            Pagination paginationobj = pagination.ToObject<Pagination>();
            var data = stuInfoFreshIBLL.GetPageList(paginationobj, queryJson);
            var jsonData = new
--- a/V7/Learun.Application.Web/Controllers/LoginController.cs
+++ b/V7/Learun.Application.Web/Controllers/LoginController.cs
@@ -527,7 +527,7 @@ namespace Learun.Application.Web.Controllers
                var needlockaccount = userBll.GetEntityByMobile(username);
                userBll.UpdateState(needlockaccount.F_UserId,0);
                OperatorHelper.Instance.ClearCurrentErrorNum();
                return Fail("密码错误次数过多，账户已被锁定！");
                return Fail("账户已被锁定！");
            }

            #region  内部账户验证
@@ -1053,7 +1053,11 @@ namespace Learun.Application.Web.Controllers
                {
                    return CustomerIP;
                }

                CustomerIP = System.Web.HttpContext.Current.Request.UserHostAddress;
                if (!String.IsNullOrEmpty(CustomerIP))
                {
                    return CustomerIP;
                }
                CustomerIP = System.Web.HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];

                if (!String.IsNullOrEmpty(CustomerIP))