if (Site::getSessionUid() !== getRequest('uid') && !checkAuthority(9)) { handle(ERROR_PERMISSION . '01'); } $currentUser = new User(); $currentUser->uid = getRequest('uid'); $response = json_decode($currentUser->getData(), true); if (!password_verify(md5($response['username'] . getRequest('password_old') . '.cc'), $response['password'])) { handle(ERROR_PERMISSION . '02' . '密码错误!'); } $password_new = getRequest('password_new'); if ($password_new === '') { $password_new = getRequest('password_old'); } $password_new = password_hash(md5($response['username'] . $password_new . '.cc'), PASSWORD_BCRYPT); $currentUser->init($response['username'], $password_new, $response['email'], $response['level']); if (!$currentUser->checkVariables()) { handle(ERROR_INPUT . '01'); } $response = $currentUser->modify(); if ($response === false) { handle(ERROR_SYSTEM . '00'); } else { handle('0000'); } break; case 'changeLevel': if (!checkAuthority(9)) { handle(ERROR_PERMISSION . '01'); } $uid = getRequest('uid'); $level = max(0, min(9, (int) getRequest('level')));