随笔- 20 文章- 4 评论- 32 阅读- 18977

因为有些变动，挺累，很久没更新。

这一篇纯粹是充数的烂鱼。

DotNetNuke的登录界面可以保存用户名和密码，但是，一旦保存之后，就连密码也不用输入了，这样不太安全；一般的做法是记住用户名，让用户自行修改密码比较好一些，这只需要修改两个文件，分别是：

\admin\Authentication\Login.ascx.vb：一旦登录成功，将用户名写入到Cookies中

1         Private Sub ValidateUser(ByVal objUser As UserInfo, ByVal ignoreExpiring As Boolean)
2             Dim validStatus As UserValidStatus = UserValidStatus.VALID
3             Dim strMessage As String = Null.NullString
4             Dim expiryDate As DateTime = Null.NullDate
5
6             If Not objUser.IsSuperUser Then
7                 validStatus = UserController.ValidateUser(objUser, PortalId, ignoreExpiring)
8             End If
9
10             UserId = objUser.UserID
11
12             'Check if the User has valid Password/Profile
13             Select Case validStatus
14                 Case UserValidStatus.VALID
15
16
17                     'Y 如果验证通过，则写Cookies，将用户名写到Cookies中
18                     Dim myCookie As New System.Web.HttpCookie("mycookies", objUser.Username)
19                     myCookie.Expires = DateTime.Now.AddDays(10)
20                     Response.Cookies.Add(myCookie)
21                     'End of Y
22
23
24                     'Set the Page Culture(Language) based on the Users Preferred Locale
25                     If (Not objUser.Profile Is Nothing) AndAlso (Not objUser.Profile.PreferredLocale Is Nothing) Then
26                         Localization.SetLanguage(objUser.Profile.PreferredLocale)
27                     Else
28                         Localization.SetLanguage(PortalSettings.DefaultLanguage)
29                     End If
30
31                     'Set the Authentication Type used
32                     AuthenticationController.SetAuthenticationType(AuthenticationType)
33
34                     'Complete Login
35                     UserController.UserLogin(PortalId, objUser, PortalSettings.PortalName, AuthenticationLoginBase.GetIPAddress(), chkCookie.Checked)
36
37                     ' redirect browser
38                     Response.Redirect(RedirectURL, True)
39                 Case UserValidStatus.PASSWORDEXPIRED
40                     strMessage = String.Format(Localization.GetString("PasswordExpired", Me.LocalResourceFile), expiryDate.ToLongDateString)
41                     AddLocalizedModuleMessage(strMessage, ModuleMessageType.YellowWarning, True)
42                     PageNo = 2
43                     pnlProceed.Visible = False
44                 Case UserValidStatus.PASSWORDEXPIRING
45                     strMessage = String.Format(Localization.GetString("PasswordExpiring", Me.LocalResourceFile), expiryDate.ToLongDateString)
46                     AddLocalizedModuleMessage(strMessage, ModuleMessageType.YellowWarning, True)
47                     PageNo = 2
48                     pnlProceed.Visible = True
49                 Case UserValidStatus.UPDATEPASSWORD
50                     AddModuleMessage("PasswordUpdate", ModuleMessageType.YellowWarning, True)
51                     PageNo = 2
52                     pnlProceed.Visible = False
53                 Case UserValidStatus.UPDATEPROFILE
54                     'Admin has forced profile update
55                     AddModuleMessage("ProfileUpdate", ModuleMessageType.YellowWarning, True)
56                     PageNo = 3
57             End Select
58
59             ShowPanel()
60
61         End Sub

\DesktopModules\AuthenticationServices\DNN\Login.ascx.vb：页面加载的时候，从Cookies中读取用户名

1         Private Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles MyBase.Load
2             '读Cookies用户名
3             Dim myCookie As System.Web.HttpCookie
4             myCookie = Request.Cookies.Get("mycookies")
5             Try
6                 txtUsername.Text = myCookie.Value
7             Catch ex As Exception
8
9             End Try
10
11             DotNetNuke.UI.Utilities.ClientAPI.RegisterKeyCapture(Me.Parent, Me.cmdLogin, Asc(vbCr))
12
13             If Not Request.IsAuthenticated Then
14                 If Page.IsPostBack = False Then
15                     Try
16                         If Not Request.QueryString("username") Is Nothing Then
17                             txtUsername.Text = Request.QueryString("username")
18                         End If
19                         If Not Request.QueryString("verificationcode") Is Nothing Then
20                             If PortalSettings.UserRegistration = PortalRegistrationType.VerifiedRegistration Then
21                                 'Display Verification Rows
22                                 rowVerification1.Visible = True
23                                 rowVerification2.Visible = True
24                                 txtVerification.Text = Request.QueryString("verificationcode")
25                             End If
26                         End If
27
28                     Catch
29                         'control not there
30                     End Try
31                 End If
32
33                 txtPassword.Attributes.Add("value", txtPassword.Text)
34
35                 Try
36                     If String.IsNullOrEmpty(txtUsername.Text) Then
37                         SetFormFocus(txtUsername)
38                     Else
39                         SetFormFocus(txtPassword)
40                     End If
41                 Catch
42                     'Not sure why this Try/Catch may be necessary, logic was there in old setFormFocus location stating the following
43                     'control not there or error setting focus
44                 End Try
45             End If
46
47             trCaptcha1.Visible = UseCaptcha
48             trCaptcha2.Visible = UseCaptcha
49
50             If UseCaptcha Then
51                 ctlCaptcha.ErrorMessage = Localization.GetString("InvalidCaptcha", Localization.SharedResourceFile)
52                 ctlCaptcha.Text = Localization.GetString("CaptchaText", Localization.SharedResourceFile)
53             End If
54
55         End Sub

把各自的函数代码一替换就完事了，哦，对了，版本是4.8.2，如果版本不对的话，自行把Cookies那一段代码剪切一下就可以了。