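/**
 * Handle the change-password form for the currently logged-in user.
 *
 * Acts only on POST requests. The current password must verify against the
 * stored hash, the new password must be entered twice identically, and it
 * must differ from the current one. On success the hash returned by
 * sp_password() is saved for the user id from sp_get_current_userid().
 *
 * Every outcome is reported through $this->error() / $this->success().
 * Each error call is followed by an explicit return so the flow stays
 * correct even if error() does not terminate the request.
 *
 * @return void
 */
public function password_post()
{
    if (!IS_POST) {
        return;
    }

    if (empty($_POST['old_password'])) {
        $this->error("原始密码不能为空!");
        return;
    }
    if (empty($_POST['password'])) {
        $this->error("新密码不能为空!");
        return;
    }

    $uid = sp_get_current_userid();
    // Array condition instead of interpolating the id into a SQL fragment,
    // so the query builder binds/escapes the value.
    $admin = $this->users_model->where(array("id" => $uid))->find();

    $old_password = $_POST['old_password'];
    $password = $_POST['password'];
    $repassword = isset($_POST['repassword']) ? $_POST['repassword'] : null;

    // No matching row (e.g. no current user): treat like a failed verification.
    if (empty($admin) || !sp_compare_password($old_password, $admin['user_pass'])) {
        $this->error("原始密码不正确!");
        return;
    }

    // Strict comparison: with == two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal, so a mistyped
    // confirmation could be accepted.
    if ($password !== $repassword) {
        $this->error("密码输入不一致!");
        return;
    }

    if (sp_compare_password($password, $admin['user_pass'])) {
        $this->error("新密码不能和原始密码相同!");
        return;
    }

    $data = array(
        'user_pass' => sp_password($password),
        'id' => $uid,
    );
    $r = $this->users_model->save($data);
    if ($r !== false) {
        $this->success("修改成功!");
    } else {
        $this->error("修改失败!");
    }
}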
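/**
 * Process the administrator login form.
 *
 * Steps, in order: require the session flag
 * __SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__, require username, password and
 * captcha, verify the captcha, look the account up by e-mail (when the name
 * contains "@" after its first character) or by login name, require
 * user_type 1, verify the password, and reject accounts other than id 1 that
 * have no active role or an empty user_status. On success the admin id and
 * login name are written to the session, the last-login fields are saved and
 * the "admin_username" cookie is set for 30 days.
 *
 * Each error call is followed by an explicit return so a failed check can
 * never fall through to the session write, even if error() does not
 * terminate the request.
 *
 * @return void
 */
public function dologin()
{
    // Presumably set when the login page is rendered (set outside this method) — confirm.
    $login_page_showed_success = session("__SP_ADMIN_LOGIN_PAGE_SHOWED_SUCCESS__");
    if (!$login_page_showed_success) {
        $this->error('login error!');
        return;
    }

    $name = I("post.username");
    if (empty($name)) {
        $this->error(L('USERNAME_OR_EMAIL_EMPTY'));
        return;
    }
    $pass = I("post.password");
    if (empty($pass)) {
        $this->error(L('PASSWORD_REQUIRED'));
        return;
    }
    $verify = I("post.verify");
    if (empty($verify)) {
        $this->error(L('CAPTCHA_REQUIRED'));
        return;
    }

    // Captcha check comes before any account lookup.
    if (!sp_check_verify_code()) {
        $this->error(L('CAPTCHA_NOT_RIGHT'));
        return;
    }

    $user = D("Common/Users");
    $where = array();
    if (strpos($name, "@") > 0) {
        // Login by e-mail address.
        $where['user_email'] = $name;
    } else {
        $where['user_login'] = $name;
    }
    $result = $user->where($where)->find();

    // NOTE(review): the two messages below tell a client whether an account
    // exists. Consider a single generic failure message, and confirm that
    // failed attempts are rate limited somewhere (not visible here).
    if (empty($result) || $result['user_type'] != 1) {
        $this->error(L('USERNAME_NOT_EXIST'));
        return;
    }
    if (!sp_compare_password($pass, $result['user_pass'])) {
        $this->error(L('PASSWORD_NOT_RIGHT'));
        return;
    }

    $role_user_model = M("RoleUser");
    $role_user_join = C('DB_PREFIX') . 'role as b on a.role_id =b.id';
    $groups = $role_user_model
        ->alias("a")
        ->join($role_user_join)
        ->where(array("user_id" => $result["id"], "status" => 1))
        ->getField("role_id", true);

    // Account id 1 is exempt; everyone else needs an active role and a non-empty status.
    if ($result["id"] != 1 && (empty($groups) || empty($result['user_status']))) {
        $this->error(L('USE_DISABLED'));
        return;
    }

    // Rotate the session id at the privilege change so an id that was known
    // before authentication cannot be reused afterwards (session fixation).
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // Login succeeded: establish the admin session and redirect.
    $_SESSION["ADMIN_ID"] = $result["id"];
    $_SESSION['name'] = $result["user_login"];

    $result['last_login_ip'] = get_client_ip(0, true);
    $result['last_login_time'] = date("Y-m-d H:i:s");
    $user->save($result);

    // NOTE(review): this cookie carries only the submitted username but is set
    // without the HttpOnly/Secure flags; add them if no client script reads it.
    setcookie("admin_username", $name, time() + 30 * 24 * 3600, "/");
    $this->success(L('LOGIN_SUCCESS'), U("Index/index"));
}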
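/**
 * Log a front-end user in by login name or e-mail, optionally through UCenter.
 *
 * The local account is looked up by user_email when the submitted name
 * contains "@" after its first character, otherwise by user_login. When the
 * UCENTER_ENABLED setting is on, the credentials are also checked with
 * uc_user_login():
 *   - positive uid: accepted; a missing local account is created from the
 *     UCenter data;
 *   - -1 (user missing or deleted in UCenter): a local account with a correct
 *     password is registered in UCenter;
 *   - -2 (wrong password in UCenter): a local account with a correct password
 *     has its UCenter password updated.
 * On success the user row is stored in the session, the last-login fields are
 * saved and the client is redirected to the stored referer or the site root.
 *
 * @return void
 */
private function _do_email_login()
{
    $username = isset($_POST['username']) ? $_POST['username'] : '';
    $password = isset($_POST['password']) ? $_POST['password'] : '';

    // The raw POST values go straight into a query condition. Reject anything
    // that is not a plain string: an array value (username[]=...) would reach
    // the query builder, which may treat arrays as operator expressions.
    if (!is_string($username) || !is_string($password)) {
        $this->error("用户名不存在!");
        return;
    }

    $where = array();
    if (strpos($username, "@") > 0) {
        // Login by e-mail address.
        $where['user_email'] = $username;
    } else {
        $where['user_login'] = $username;
    }

    $users_model = M('Users');
    $result = $users_model->where($where)->find();

    $ucenter_syn = C("UCENTER_ENABLED");
    $ucenter_login_ok = false;

    if ($ucenter_syn) {
        setcookie("thinkcmf_auth", "");
        include UC_CLIENT_ROOT . "client.php";
        // Note: this overwrites $username and $password with the values UCenter returns.
        list($uc_uid, $username, $password, $email) = uc_user_login($username, $password);

        if ($uc_uid > 0) {
            if (!$result) {
                // Known to UCenter but not locally: create the local account.
                $data = array(
                    'user_login' => $username,
                    'user_email' => $email,
                    'user_pass' => sp_password($password),
                    'last_login_ip' => get_client_ip(0, true),
                    'create_time' => time(),
                    'last_login_time' => time(),
                    'user_status' => '1',
                    'user_type' => 2,
                );
                $id = $users_model->add($data);
                $data['id'] = $id;
                $result = $data;
            }
        } else {
            switch ($uc_uid) {
                case "-1":
                    // User does not exist in UCenter, or was deleted there.
                    if ($result) {
                        // This application already has the user.
                        if (sp_compare_password($password, $result['user_pass'])) {
                            // Local password is correct: register the user in UCenter.
                            $uc_uid2 = uc_user_register($username, $password, $result['user_email']);
                            if ($uc_uid2 < 0) {
                                $uc_register_errors = array(
                                    "-1" => "用户名不合法",
                                    "-2" => "包含不允许注册的词语",
                                    "-3" => "用户名已经存在",
                                    "-4" => "Email格式有误",
                                    "-5" => "Email不允许注册",
                                    "-6" => "该Email已经被注册",
                                );
                                $this->error("同步用户失败--" . $uc_register_errors[$uc_uid2]);
                                return;
                            }
                            $uc_uid = $uc_uid2;
                        } else {
                            $this->error("密码错误1!");
                            return;
                        }
                    }
                    break;
                case -2:
                    // Wrong password according to UCenter.
                    if ($result) {
                        // This application already has the user.
                        if (sp_compare_password($password, $result['user_pass'])) {
                            // Local password is correct: push it to UCenter.
                            $uc_user_edit_status = uc_user_edit($username, "", $password, "", 1);
                            if ($uc_user_edit_status <= 0) {
                                $this->error("登陆错误3!");
                                return;
                            }
                            list($uc_uid2) = uc_get_user($username);
                            $uc_uid = $uc_uid2;
                        } else {
                            $this->error("密码错误4!");
                            return;
                        }
                    } else {
                        $this->error("密码错误1!");
                        return;
                    }
                    break;
            }
        }

        // Only a positive uid counts as a successful UCenter login. The flag
        // used to be set for every return value, so a status the switch does
        // not handle (or a failed UCenter call) caused the local password
        // check below to be skipped for an existing account.
        if ($uc_uid > 0) {
            $ucenter_login_ok = true;
            echo uc_user_synlogin($uc_uid);
        }
    }

    if (empty($result)) {
        $this->error("用户名不存在!");
        return;
    }

    if (!(sp_compare_password($password, $result['user_pass']) || $ucenter_login_ok)) {
        $this->error("密码错误7!");
        return;
    }

    // Rotate the session id at login so an id known before authentication
    // cannot be reused afterwards (session fixation).
    if (session_id() !== '') {
        session_regenerate_id(true);
    }

    // NOTE(review): the whole row, including the user_pass hash, is kept in
    // the session. Drop that field if nothing reads it from the session.
    $_SESSION["user"] = $result;

    // Record this login. Array condition instead of concatenating the id into SQL.
    $data = array(
        'last_login_time' => date("Y-m-d H:i:s"),
        'last_login_ip' => get_client_ip(0, true),
    );
    $users_model->where(array("id" => $result["id"]))->save($data);

    // NOTE(review): login_http_referer is set elsewhere. If it comes from the
    // Referer header, confirm it is limited to same-site URLs before it is
    // used as a redirect target.
    $redirect = empty($_SESSION['login_http_referer']) ? __ROOT__ . "/" : $_SESSION['login_http_referer'];
    $_SESSION['login_http_referer'] = "";

    $this->success("登录验证成功!", $redirect);
}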
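/**
 * Handle the change-password form for the currently logged-in administrator.
 *
 * Acts only on POST requests. The current password must verify against the
 * stored hash, the new password must be entered twice identically, and it
 * must differ from the current one. On success the hash returned by
 * sp_password() is saved for the id from get_current_admin_id().
 *
 * Every outcome is reported through $this->error() / $this->success().
 * Each error call is followed by an explicit return so the flow stays
 * correct even if error() does not terminate the request.
 *
 * @return void
 */
public function password_post()
{
    if (!IS_POST) {
        return;
    }

    if (empty($_POST['old_password'])) {
        $this->error("原始密码不能为空!");
        return;
    }
    if (empty($_POST['password'])) {
        $this->error("新密码不能为空!");
        return;
    }

    $user_obj = D("Common/Users");
    $uid = get_current_admin_id();
    $admin = $user_obj->where(array("id" => $uid))->find();

    $old_password = $_POST['old_password'];
    $password = $_POST['password'];
    $repassword = isset($_POST['repassword']) ? $_POST['repassword'] : null;

    // No matching row (e.g. no current admin): treat like a failed verification.
    if (empty($admin) || !sp_compare_password($old_password, $admin['user_pass'])) {
        $this->error("原始密码不正确!");
        return;
    }

    // Strict comparison: with == two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal, so a mistyped
    // confirmation could be accepted.
    if ($password !== $repassword) {
        $this->error("密码输入不一致!");
        return;
    }

    if (sp_compare_password($password, $admin['user_pass'])) {
        $this->error("新密码不能和原始密码相同!");
        return;
    }

    $data = array(
        'user_pass' => sp_password($password),
        'id' => $uid,
    );
    $r = $user_obj->save($data);
    if ($r !== false) {
        $this->success("修改成功!");
    } else {
        $this->error("修改失败!");
    }
}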