$newPwd = _post("password", "");
if (strlen($newPwd) < 6 || strlen($newPwd) > 20) {
throw new Exception("The length of new password shuould be between 6 and 20", -1);
}
if ($email == "" || $ucode == "") {
throw new Exception("Invalid url", -1);
} else {
$re = new Recovery();
$re->changePwd($email, $ucode, $newPwd);
echo json_encode(array("errCode" => 0, "errMessage" => "You has changed your password"));
}
} else {
if ($step == 3) {
$currPwd = _post("currpwd", "");
$newPwd = _post("password", "");
$userID = _post("uid", "");
$auth = Auth::getInstance();
if ($auth->getUserID() != $userID) {
throw new Exception("unauthorized", -1);
}
$re = new Recovery();
$re->resetPwd($userID, $currPwd, $newPwd);
echo json_encode(array("errCode" => 0, "errMessage" => "You has changed your password"));
}
}
}
}
} catch (Exception $e) {
$result = array("errCode" => $e->getCode(), "errMessage" => $e->getMessage());
echo json_encode($result);
}
