public function checkLogin() { C('TMPL_ACTION_ERROR', 'Users:loginAdmin'); $user = D('Users')->where(array('username' => $_POST['username']))->find(); if (!$user || $_POST['username'] !== 'admin' || md5($_POST['password'] . makeSecType()) !== $user['password']) { $msg = '登录信息错误,请核对用户名和密码。'; $this->error($msg); } else { $_SESSION['admin'] = $user; $this->redirect('Admin/index'); } }
protected function _before_insert(&$data, $options) { $data['password'] = md5($data['password'] . makeSecType()); }
public function setting() { if (IS_POST) { $empty = (empty($_POST['old_password']) or empty($_POST['password']) or empty($_POST['repassword'])); $empty && ($msg = L('password_not_empty')); $repassword_match = $_POST['password'] !== $_POST['repassword']; $repassword_match && ($msg = L('repassword_not_match')); if (!$empty && !$repassword_match) { $model = D('Users'); $uid = $_SESSION['user_id']; $condition = ['id' => $uid]; $old_password = $model->where($condition)->getField('password'); if ($old_password !== md5($_POST['old_password'] . makeSecType())) { $msg = L('confirm_password'); } else { $res = $model->where($condition)->save(['password' => md5($_POST['password'] . makeSecType())]); if ($res !== false) { $this->redirect('Index/index'); } else { $msg = L($model->getError()); } } } $this->error($msg); } $this->display(); }