/**
 * Deletes the comment identified by the {@code id} request parameter.
 *
 * <p>Replies with the AJAX success result once {@code delete()} has returned true and the
 * {@code Actions.COMMENT_DELETE} message has been sent. Replies with the AJAX error result
 * when no comment is found for the id or the delete call returns false.
 *
 * <p>NOTE(review): the only guard visible on this action is {@code UCodeInterceptor}. Nothing
 * in the method body checks that the caller may remove this particular comment. Presumably a
 * class-level interceptor limits the controller to moderators; confirm, because otherwise
 * every caller who passes the interceptor can delete any comment by id.
 */
@Before(UCodeInterceptor.class)
 public void delete() {
   final Comment target = CommentQuery.findById(getParaToBigInteger("id"));
   if (target == null || !target.delete()) {
     renderAjaxResultForError();
     return;
   }
   // Listeners are notified only after delete() has reported success.
   MessageKit.sendMessage(Actions.COMMENT_DELETE, target);
   renderAjaxResultForSuccess();
 }
 /**
  * Publishes the comment identified by the {@code id} request parameter by setting its status
  * to {@code Content.STATUS_NORMAL} and saving it.
  *
  * <p>Replies {@code "success"} after a successful save and sends
  * {@code Actions.COMMENT_UPDATE}; replies {@code "pub fail!"} when the save returns false and
  * {@code "pub error!"} when no comment is found for the id.
  *
  * <p>NOTE(review): approving a comment is a moderation decision, and the only guard visible
  * here is {@code UCodeInterceptor}. Presumably a class-level interceptor enforces the
  * moderator role; confirm.
  */
 @Before(UCodeInterceptor.class)
 public void pub() {
   Comment pending = CommentQuery.findById(getParaToBigInteger("id"));
   if (pending == null) {
     renderAjaxResultForError("pub error!");
     return;
   }

   pending.setStatus(Content.STATUS_NORMAL);
   if (!pending.saveOrUpdate()) {
     renderAjaxResultForError("pub fail!");
     return;
   }

   // The update message goes out only for a change that was actually persisted.
   MessageKit.sendMessage(Actions.COMMENT_UPDATE, pending);
   renderAjaxResultForSuccess("success");
 }
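  /**
   * Renders the login form or processes a login attempt.
   *
   * <p>When {@code username} or {@code password} is missing, the login page is rendered. After
   * three recorded failures the request must also pass the {@code _login_captcha} check. A
   * failed attempt increments the {@code _login_errors} counter. A successful one sends
   * {@code Actions.USER_LOGINED}, stores the user id under {@code Consts.COOKIE_LOGINED_USER}
   * and either replies over AJAX or redirects to the {@code goto} parameter, falling back to
   * the user center.
   *
   * <p>An unknown username and a wrong password produce the same message, so the reply does not
   * reveal which accounts exist. A failed captcha is reported as a captcha error.
   *
   * <p>NOTE(review): the failure counter is read and written through {@code CookieUtils}, so it
   * is presumably held by the client. A client that discards the cookie would never reach the
   * captcha threshold. Throttling that must hold against automated guessing needs a
   * server-side counter, per account and/or per source address.
   */
  @Clear(UserInterceptor.class)
  @ActionKey(Consts.ROUTER_USER_LOGIN) // fixed URL for the login action
  public void login() {
    // NOTE(review): keepPara() is called without a parameter list. If it copies every request
    // parameter into the view, the submitted password is echoed into the re-rendered form.
    // Confirm, and keep only the fields the template needs.
    keepPara();

    String username = getPara("username");
    String password = getPara("password");

    if (username == null || password == null) {
      render("user_login.html");
      return;
    }

    long errorTimes = CookieUtils.getLong(this, "_login_errors", 0);
    if (errorTimes >= 3 && !validateCaptcha("_login_captcha")) {
      // Captcha verification failed: report it as a captcha problem, not as a missing user.
      if (isAjaxRequest()) {
        renderAjaxResultForError("验证码错误"); // "captcha incorrect"
      } else {
        redirect(Consts.ROUTER_USER_LOGIN);
      }
      return;
    }

    User user = User.DAO.findUserByUsername(username);
    if (user == null || !EncryptUtils.verlifyUser(user, password)) {
      // One message for both failure causes keeps the response from confirming a username.
      // NOTE(review): the unknown-user path skips verlifyUser, so response time may still
      // differ between the two cases.
      String failure = "用户名或密码错误"; // "username or password incorrect"
      if (isAjaxRequest()) {
        renderAjaxResultForError(failure);
      } else {
        setAttr("errorMsg", failure);
        render("user_login.html");
      }
      CookieUtils.put(this, "_login_errors", errorTimes + 1);
      return;
    }

    MessageKit.sendMessage(Actions.USER_LOGINED, user);
    // NOTE(review): the login state is the user id passed to CookieUtils.put. Whether that
    // helper signs or encrypts the value and sets an expiry is not visible here. Confirm,
    // because a bare id in a cookie could be forged.
    CookieUtils.put(this, Consts.COOKIE_LOGINED_USER, user.getId());
    if (isAjaxRequest()) {
      renderAjaxResultForSuccess("登陆成功");
      return;
    }

    String gotoUrl = getPara("goto");
    if (StringUtils.isNotEmpty(gotoUrl)) {
      // NOTE(review): the redirect target comes from the request. Nothing visible here limits
      // it to this site; unless StringUtils.urlRedirect rejects foreign hosts, this is an open
      // redirect. Confirm, and allow only same-site paths. The value from getPara is also
      // decoded a second time by urlDecode, so any check must run on the fully decoded value.
      gotoUrl = StringUtils.urlDecode(gotoUrl);
      gotoUrl = StringUtils.urlRedirect(gotoUrl);
      redirect(gotoUrl);
    } else {
      redirect(Consts.ROUTER_USER_CENTER);
    }
  }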
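  /**
   * Processes the registration form and creates a new user.
   *
   * <p>Checks run in this order: the {@code _register_captcha} check; non-blank username, email
   * and password; agreement of {@code confirm_password} with the password when it is supplied;
   * and uniqueness of username, email and phone. Each failure is reported through
   * {@code renderForRegister} with an error code from {@code Consts}. On success the user is
   * saved, logged in via {@code Consts.COOKIE_LOGINED_USER}, {@code Actions.USER_CREATED} is
   * sent, and the request is answered over AJAX or redirected to {@code goto}, falling back to
   * the user center.
   *
   * <p>The phone uniqueness lookup runs only for a non-blank phone. A form that submits the
   * field empty would otherwise be looked up as {@code ""}, which presumably matches an
   * earlier account stored with an empty phone and rejects the registration.
   *
   * <p>NOTE(review): the uniqueness lookups and the save are separate steps, so two concurrent
   * requests can both pass the lookups. Presumably unique constraints in the database close
   * that gap; confirm.
   */
  @Clear(UserInterceptor.class)
  public void doRegister() {

    if (!validateCaptcha("_register_captcha")) { // captcha verification failed
      renderForRegister("not validate captcha", Consts.ERROR_CODE_NOT_VALIDATE_CAPTHCHE);
      return;
    }

    // NOTE(review): keepPara() is called without a parameter list. If it copies every request
    // parameter into the view, both password fields are echoed into the re-rendered form.
    // Confirm, and keep only the fields the template needs.
    keepPara();

    String username = getPara("username");
    String email = getPara("email");
    String phone = getPara("phone");
    String password = getPara("password");
    String confirmPassword = getPara("confirm_password");

    if (!StringUtils.isNotBlank(username)) {
      renderForRegister("username is empty!", Consts.ERROR_CODE_USERNAME_EMPTY);
      return;
    }

    if (!StringUtils.isNotBlank(email)) {
      renderForRegister("email is empty!", Consts.ERROR_CODE_EMAIL_EMPTY);
      return;
    }
    // Lower-cased before the uniqueness lookup and before it is stored.
    email = email.toLowerCase();

    if (!StringUtils.isNotBlank(password)) {
      renderForRegister("password is empty!", Consts.ERROR_CODE_PASSWORD_EMPTY);
      return;
    }

    // The confirmation is compared only when the client sent one.
    if (StringUtils.isNotEmpty(confirmPassword) && !confirmPassword.equals(password)) {
      // NOTE(review): a mismatch is reported with ERROR_CODE_PASSWORD_EMPTY, the code also used
      // for an empty password. This is probably a copy-paste; confirm whether a dedicated code
      // exists.
      renderForRegister(
          "password is not equals confirm_password!", Consts.ERROR_CODE_PASSWORD_EMPTY);
      return;
    }

    if (User.DAO.findUserByUsername(username) != null) {
      renderForRegister("username has exist!", Consts.ERROR_CODE_USERNAME_EXIST);
      return;
    }

    if (User.DAO.findUserByEmail(email) != null) {
      renderForRegister("email has exist!", Consts.ERROR_CODE_EMAIL_EXIST);
      return;
    }

    // A blank phone means "not provided" and must not collide with other blank phones.
    if (StringUtils.isNotBlank(phone) && User.DAO.findUserByPhone(phone) != null) {
      renderForRegister("phone has exist!", Consts.ERROR_CODE_PHONE_EXIST);
      return;
    }

    User user = new User();
    user.setUsername(username);
    user.setNickname(username);
    user.setEmail(email);
    user.setPhone(phone);

    // NOTE(review): the helper name suggests a single salted MD5 digest. A fast digest lets
    // leaked hashes be brute-forced cheaply. Confirm the implementation and move to an
    // adaptive password hash (bcrypt, scrypt, Argon2 or PBKDF2) with rehash-on-login for
    // existing accounts. The verifier used at login has to change together with this call.
    String salt = EncryptUtils.salt();
    password = EncryptUtils.md5WithSalt(password, salt);
    user.setPassword(password);
    user.setSalt(salt);
    user.setCreateSource("register");
    user.setCreated(new Date());

    if (!user.save()) {
      renderAjaxResultForError();
      return;
    }

    // NOTE(review): the login state is the user id passed to CookieUtils.put. Whether that
    // helper signs or encrypts the value is not visible here. Confirm.
    CookieUtils.put(this, Consts.COOKIE_LOGINED_USER, user.getId());
    MessageKit.sendMessage(Actions.USER_CREATED, user);

    if (isAjaxRequest()) {
      renderAjaxResultForSuccess();
      return;
    }

    String gotoUrl = getPara("goto");
    if (StringUtils.isNotEmpty(gotoUrl)) {
      // NOTE(review): the redirect target comes from the request. Nothing visible here limits
      // it to this site; unless StringUtils.urlRedirect rejects foreign hosts, this is an open
      // redirect. Confirm, and allow only same-site paths.
      gotoUrl = StringUtils.urlDecode(gotoUrl);
      gotoUrl = StringUtils.urlRedirect(gotoUrl);
      redirect(gotoUrl);
    } else {
      redirect(Consts.ROUTER_USER_CENTER);
    }
  }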