$newPwd = _post("password", ""); if (strlen($newPwd) < 6 || strlen($newPwd) > 20) { throw new Exception("The length of new password shuould be between 6 and 20", -1); } if ($email == "" || $ucode == "") { throw new Exception("Invalid url", -1); } else { $re = new Recovery(); $re->changePwd($email, $ucode, $newPwd); echo json_encode(array("errCode" => 0, "errMessage" => "You has changed your password")); } } else { if ($step == 3) { $currPwd = _post("currpwd", ""); $newPwd = _post("password", ""); $userID = _post("uid", ""); $auth = Auth::getInstance(); if ($auth->getUserID() != $userID) { throw new Exception("unauthorized", -1); } $re = new Recovery(); $re->resetPwd($userID, $currPwd, $newPwd); echo json_encode(array("errCode" => 0, "errMessage" => "You has changed your password")); } } } } } catch (Exception $e) { $result = array("errCode" => $e->getCode(), "errMessage" => $e->getMessage()); echo json_encode($result); }