public function chpwd() { if ($this->AjaxRequest) { $user = tSession::getLoginedUserInfo(); $userModel = Model::make("User"); $userObj = $userModel->getUserById($user->id); if (!($old = $this->post("old"))) { return $this->renderJson(400, "Missing required parameter:old password!"); } if (!($newPwd = $this->post("new"))) { return $this->renderJson(400, "Missing requried parameter:new password"); } if (!($confirm = $this->post("confirm"))) { return $this->renderJson(400, "Missing requred parameter:confirm password!"); } if ($newPwd !== $confirm) { return $this->renderJson(400, "两次新密码输入不相同!"); } if (!tPassword::verify($old, $userObj->passwd)) { return $this->renderJson(400, "原密码不正确!"); } $userObj->passwd = tPassword::hash($newPwd); $userObj->save(); return $this->renderJson(["code" => 200, "errmsg" => "ok"]); } }
public static function update() { $session = Factory::make('session'); //=========== get old cookie key in session ================== $user_login_key_old = $session->get("_login_cookie_key"); //============ get cookie val in session ===================== $user_login_val = $session->get("_login_cookie_val"); //============= product a new cookie key ===================== $user_login_key = tString::rand(12, tString::ALPHA); //============== product new cookie val ====================== $user_login_val_hash = tPassword::hash($user_login_val); //============== store the new cookie in session ============ $session->remove("_login_cookie_key"); $session->set("_login_cookie_key", $user_login_key); //============== set the new cookie with new key & val ===== setCookie($user_login_key, $user_login_val_hash, time() + 3600, '/'); //============== expire the old cookie ====================== setCookie($user_login_key_old, '', time() - 1, '/'); }