/**
 * Verify a username/password pair and, on success, establish the logged-in
 * identity for the current session.
 *
 * The credential check itself is delegated to login_check_credential(); this
 * function only turns a truthy result into a user token holding the account's
 * id, e-mail and display name plus the name the caller submitted.
 *
 * NOTE(review): the token's 'name' is the submitted $username, not a value
 * read back from the account row. If the credential lookup matches names
 * case-insensitively, the stored name can differ from the canonical one.
 * Confirm against login_check_credential().
 * NOTE(review): confirm that fAuthorization::setUserToken() rotates the
 * session ID, so a session ID issued before login is not reused afterwards.
 *
 * @param mixed  $db       Database handle passed through to login_check_credential().
 * @param string $username Login name as submitted.
 * @param string $password Password as submitted.
 *
 * @return bool True when the credentials were accepted and the token was set, false otherwise.
 */
function login_authenticate($db, $username, $password)
{
    $account = login_check_credential($db, $username, $password);

    // Any falsy result means the credentials were rejected; leave the session untouched.
    if (!$account) {
        return false;
    }

    $identity = array(
        'id' => $account['id'],
        'name' => $username,
        'email' => $account['email'],
        'display_name' => $account['display_name'],
    );
    fAuthorization::setUserToken($identity);

    return true;
}
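// Change-password controller. Everything below runs only for a logged-in session.
fAuthorization::requireLoggedIn();

// Message shown to the user when the change is rejected; stays empty otherwise.
$errmsg = '';

if (fRequest::isPost()) {
    $old_password = fRequest::get('old-password');
    $new_password = fRequest::get('new-password');
    $confirm_password = fRequest::get('confirm-password');

    // The account to change is taken from the session token, never from the
    // request, so a user can only change the password of their own account.
    $token = fAuthorization::getUserToken();
    $username = $token['name'];
    $user_id = $token['id'];

    if (
        // Request parameters can arrive as arrays ("new-password[]=x"); treat
        // anything that is not a string the same way as a missing field so it
        // never reaches the credential or password-change helpers.
        !is_string($old_password) || !is_string($new_password) || !is_string($confirm_password)
        || empty($old_password) || empty($new_password) || empty($confirm_password)
    ) {
        $errmsg = '密码不能为空';
    } elseif ($new_password !== $confirm_password) {
        // Strict comparison on purpose: with != PHP compares numeric-looking
        // strings as numbers, so "1e1" and "10" would count as a match and the
        // confirmation check would pass for two different passwords.
        $errmsg = '两次输入的新密码不一致';
    } elseif (!login_check_credential($db, $username, $old_password)) {
        // Re-authentication with the current password guards against a
        // hijacked or unattended session changing the password.
        // NOTE(review): no attempt limiting is visible here for repeated wrong
        // old passwords; confirm whether login_check_credential() throttles.
        $errmsg = '旧密码错误';
    } elseif (login_change_password($db, $user_id, $new_password)) {
        // NOTE(review): nothing visible here ends other sessions of this
        // account or rotates the session ID after the change; confirm whether
        // login_change_password() does.
        // NOTE(review): the redirect target is whatever login_get_referer()
        // stored earlier, presumably derived from the Referer header. Confirm
        // it is restricted to this site before it is used here.
        fURL::redirect(fSession::delete('change-password-referer', SITE_BASE));
    } else {
        $errmsg = '修改密码失败';
    }
} elseif (fSession::get('change-password-referer') == null) {
    // First visit to the form: remember where the user came from so they can be
    // sent back after a successful change. An already stored value is kept.
    fSession::set('change-password-referer', login_get_referer(SITE_BASE));
}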