public function loginAction()
{
//登录验证
$this->view->disable();
$code = trim(htmlspecialchars($this->request->getPost('code')));
if (strtolower($code) != $this->session->get('verify_code')) {
echo "<script>alert('验证码错误');history.back();</script>";
}
$username = trim(htmlspecialchars($this->request->getPost('username')));
$password = md5(trim(htmlspecialchars($this->request->getPost('password'))));
if (empty($code) || empty($username) || empty($password)) {
echo "<script>alert('用户名或密码不能为空');history.back();</script>";
}
$where = array("name = :name: and passwd = :passwd:", 'bind' => array('name' => $username, 'passwd' => $password));
$user = Admin::findFirst($where);
if ($user) {
if ($user->getActive() == 0) {
echo "<script>alert('该用户已经被冻结');history.back();</script>";
exit;
}
$this->session->set('depart_id', $user->getDepart());
$this->session->set('username', $username);
$this->session->set('uid', $user->getId());
// header("location:/backend/system/user");
$this->response->redirect('/backend/system/user');
} else {
echo "<script>alert('用户名或密码错误');history.back();</script>";
exit;
}
}
public function chpassAction()
{
//密码修改
if ($this->request->isPost()) {
$this->view->disable();
$oldpass = trim($this->request->getPost('oldpass'));
$newpass = trim($this->request->getPost('newpass'));
if (empty($oldpass) || empty($newpass)) {
echo "<script>alert('密码不能为空'),history.back();</script>";
exit;
}
$user = Admin::findFirst($this->uid);
if (md5($oldpass) != $user->getPasswd()) {
echo "<script>alert('原密码错误'),history.back();</script>";
exit;
}
$user->setPasswd(md5($newpass));
$user->update();
echo "<script>alert('密码修改成功'),history.back();</script>";
exit;
} else {
$this->response->setStatusCode(404, "Not Found");
}
}
