/**
 * Look up an enabled desktop account by login name and verify its password.
 *
 * The lookup is restricted to the auth type returned by
 * pamAccount::getAuthType('desktop') and to rows with disabled = 0.
 * An unknown login name and a wrong password both return false, so the
 * return value does not reveal which of the two failed.
 *
 * NOTE(review): this method records no failed-attempt count and applies no
 * throttling itself; presumably the caller does. Confirm.
 *
 * @param array $filter Reads 'uname' (login name) and 'password' (plain text).
 *
 * @return array|false The matched row ('account_id', 'login_password') on
 *                     success, false otherwise. The row still carries the stored
 *                     login_password value, so callers should not pass it on
 *                     to views, logs, or API responses.
 */
private function login($filter)
{
    $criteria = array(
        'login_name' => $filter['uname'],
        'account_type' => pamAccount::getAuthType('desktop'),
        'disabled' => 0,
    );

    $account = app::get('desktop')->model('account')->getRow('account_id,login_password', $criteria);

    // Short-circuit: the password check runs only when a row was found.
    if ($account && pam_encrypt::check($filter['password'], $account['login_password'])) {
        return $account;
    }

    return false;
}
/**
 * Verify a login name / password pair against the enabled desktop accounts.
 *
 * Every failure path (missing input, unknown account, wrong password) calls
 * pamAccount::setLoginErrorCount() with no argument and throws the same
 * message, so the response does not distinguish an unknown account from a
 * wrong password. On success pamAccount::setLoginErrorCount(true) is called
 * (presumably this clears the counter; confirm in pamAccount).
 *
 * @param string $loginName Login name; trimmed before the lookup.
 * @param string $password  Plain-text password; passed to pam_encrypt::check() untrimmed.
 *
 * @return mixed The account_id of the matched row.
 *
 * @throws \LogicException When the input is empty or the credentials do not match.
 */
private function __verifyLogin($loginName, $password)
{
    if (empty($loginName) || !$password) {
        pamAccount::setLoginErrorCount();
        throw new \LogicException(app::get('desktop')->_('用户名或密码错误'));
    }

    $lookup = array('login_name' => trim($loginName), 'disabled' => 0);
    $account = app::get('desktop')->model('account')->getRow('*', $lookup);

    // The hash comparison is skipped when no row matched.
    $credentialsOk = $account && pam_encrypt::check($password, $account['login_password']);
    if (!$credentialsOk) {
        pamAccount::setLoginErrorCount();
        throw new \LogicException(app::get('desktop')->_('用户名或密码错误'));
    }

    pamAccount::setLoginErrorCount(true);

    return $account['account_id'];
}
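/**
 * Change a desktop administrator's password, or render the change form.
 *
 * On POST the request is authorised by a password check:
 *  - self-service ('self' == 'self'): the current user's own password;
 *  - otherwise: the password of the first account flagged super = '1'.
 * The new password must be at least 6 bytes long, contain a digit and a
 * letter, differ from the target's login name, and match its confirmation.
 *
 * Changes from the previous version of this action:
 *  - the target user is resolved before the account is loaded, so in
 *    self-service mode the login-name check runs against the current user,
 *    not against a posted user_id;
 *  - the policy is checked on the trimmed value, which is the value that is
 *    hashed and stored, so whitespace padding cannot satisfy the length rule;
 *  - only user_id and pam_account are handed to the model instead of the
 *    whole request body, so extra posted fields never reach save();
 *  - a missing super account fails the password check instead of querying
 *    with an empty account_id;
 *  - login name vs. password uses a strict comparison.
 *
 * @return mixed Result of $this->page() when the form is rendered.
 */
function chkpassword()
{
    $this->begin('?app=desktop&ctl=users&act=index');
    $users = $this->app->model('users');

    if ($_POST) {
        // Decide whether the user changes their own password or an administrator
        // changes it for them. Self-service is verified against the user's own
        // password, the administrator path against the super administrator's.
        $filter = array();
        if (isset($_POST['self']) && $_POST['self'] === 'self') {
            // Take the target from the session, never from the request.
            $_POST['user_id'] = $this->user->get_id();
            $filter['account_id'] = $_POST['user_id'];
        } else {
            $super_row = $users->getList('user_id', array('super' => '1'));
            $filter['account_id'] = isset($super_row[0]['user_id']) ? $super_row[0]['user_id'] : null;
        }
        $filter['account_type'] = pamAccount::getAuthType();

        $targetId = isset($_POST['user_id']) ? $_POST['user_id'] : null;
        $sdf = $users->dump($targetId, '*', array(':account@desktop' => array('*'), 'roles' => array('*')));
        $targetLoginName = isset($sdf['account']['login_name']) ? (string) $sdf['account']['login_name'] : '';

        // No account to verify against means the check fails closed.
        $pass_row = ($filter['account_id'] === null)
            ? false
            : app::get('desktop')->model('account')->getRow('account_id,login_password', $filter);

        $rawNew = (isset($_POST['new_login_password']) && is_string($_POST['new_login_password']))
            ? $_POST['new_login_password']
            : '';
        $confirmation = isset($_POST['pam_account']['login_password']) ? $_POST['pam_account']['login_password'] : null;

        // The trimmed value is what gets stored, so it is what the policy must accept.
        $newPassword = trim($rawNew);
        $meetsPolicy = strlen($newPassword) >= 6
            && preg_match("/\\d+/", $newPassword)
            && preg_match("/[a-zA-Z]+/", $newPassword);

        if (!$pass_row || !pam_encrypt::check(input::get('old_login_password'), $pass_row['login_password'])) {
            $this->end(false, app::get('desktop')->_('管理员密码或原始密码不正确'));
        } elseif (!$meetsPolicy) {
            $this->end(false, app::get('desktop')->_('密码必须同时包含字母及数字且长度不能小于6!'));
        } elseif ($targetLoginName === $newPassword) {
            $this->end(false, app::get('desktop')->_('用户名与密码不能相同'));
        } elseif ($rawNew !== $confirmation) {
            // Strict comparison, so numeric-looking strings such as 0000 and 00000
            // are not treated as equal (@lujy).
            $this->end(false, app::get('desktop')->_('两次密码不一致'));
        } else {
            // Explicit allowlist: nothing else from the request is persisted.
            $payload = array(
                'user_id' => $targetId,
                'pam_account' => array(
                    'account_id' => $targetId,
                    'login_password' => pam_encrypt::make($newPassword),
                ),
            );
            $users->save($payload);
            $this->end(true, app::get('desktop')->_('密码修改成功'));
        }
    }

    // NOTE(review): escaping of these request values depends on the template; confirm.
    $pagedata['user_id'] = $_GET['id'];
    $pagedata['self'] = $_GET['self'];

    // NOTE(review): this audit entry sits on the path that renders the form. If
    // end() terminates the request, neither successful nor failed changes are
    // logged here, and on a plain GET $_POST['user_id'] is not set. Confirm,
    // and consider logging next to save().
    $this->adminlog("修改平台管理员密码[{$_POST['user_id']}]", 1);

    return $this->page('desktop/users/chkpass.html', $pagedata);
}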
/**
 * Change the password of the currently authenticated seller account.
 *
 * The seller is identified by pamAccount::getAccountId(), not by anything in
 * $data, so a caller cannot point this at another seller's row.
 *
 * NOTE(review): utils::_filter_input() is applied to the passwords as well.
 * If it rewrites characters, the value that is hashed differs from what was
 * typed. Confirm that the login path filters its input the same way.
 * NOTE(review): a wrong old password is not counted or throttled in this
 * method; presumably the caller does that. Confirm.
 *
 * @param array $data Reads 'login_password' (new), 'psw_confirm' and
 *                    'login_password_old'.
 *
 * @return bool true after a successful save, false when the seller has no
 *              account row.
 *
 * @throws \LogicException When the old password does not match or the save
 *                         fails (checkPassport() presumably throws on an
 *                         invalid or mismatched new password; confirm).
 */
public function modifyPwd($data)
{
    // Filter the incoming data.
    $data = utils::_filter_input($data);

    $accountShopModel = app::get('sysshop')->model('account');
    $filter = array('seller_id' => pamAccount::getAccountId());

    $account = $accountShopModel->getRow('seller_id,login_password', $filter);
    if (!$account) {
        return false;
    }

    // Validate the new password and check it against its confirmation.
    $this->checkPassport($data['login_password'], $data['psw_confirm']);

    $oldPasswordMatches = pam_encrypt::check($data['login_password_old'], $account['login_password']);
    if (!$oldPasswordMatches) {
        throw new \LogicException(app::get('sysshop')->_('原密码填写错误,请重新填写!'));
    }

    $pamShopData = array(
        'login_password' => pam_encrypt::make($data['login_password']),
        'seller_id' => $filter['seller_id'],
        'modified_time' => time(),
    );

    if (!$accountShopModel->save($pamShopData)) {
        throw new \LogicException(app::get('sysshop')->_('修改失败'));
    }

    return true;
}
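/**
 * Change a member's password. The old password is required for type
 * 'update', and the new password must match its confirmation.
 *
 * Changes from the previous version:
 *  - for type 'update' the old-password check now fails closed. Before, an
 *    empty old_pwd skipped the check entirely and the password was replaced
 *    without proof of the current one;
 *  - 'uname' is trimmed once and the same value is classified, validated and
 *    stored. Before, the trimmed value was validated and the raw one stored.
 *
 * NOTE(review): types other than 'update' still change the password without
 * the old one, and the row is selected by $data['user_id']. Callers must
 * bind user_id to the authenticated or otherwise verified member. Confirm.
 * NOTE(review): a flow that sets a first password with no old one must not
 * use type 'update'. Check existing callers.
 * NOTE(review): utils::_filter_input() also touches the passwords. Confirm
 * that the login path filters input identically.
 *
 * @param array $data Reads 'user_id', 'type', 'old_pwd', 'new_pwd',
 *                    'confirm_pwd' and optionally 'uname'.
 *
 * @return bool true on success.
 *
 * @throws \LogicException When the member is not found, the old password is
 *                         missing or wrong for type 'update', or the save
 *                         fails (checkPwd() / checkSignupAccount() presumably
 *                         throw on invalid input; confirm).
 */
public function modifyPwd($data)
{
    $data = utils::_filter_input($data);

    $pamUserModel = app::get('sysuser')->model('account');
    $account = $pamUserModel->getRow(
        'modified_time,createtime,login_password,login_account',
        array('user_id' => $data['user_id'])
    );
    if (!$account) {
        throw new \LogicException(app::get('sysuser')->_('会员信息有误'));
    }

    if (isset($data['type']) && $data['type'] == "update") {
        // Fail closed: a missing or empty old password is a failed check, not a skipped one.
        $oldPwd = isset($data['old_pwd']) ? (string) $data['old_pwd'] : '';
        if ($oldPwd === '' || !pam_encrypt::check($oldPwd, $account['login_password'])) {
            throw new \LogicException(app::get('sysuser')->_('原密码错误'));
        }
    }

    // Validate the new password and check it against its confirmation.
    $this->checkPwd($data['new_pwd'], $data['confirm_pwd']);

    $pamUserData = array();
    $pamUserData['login_password'] = pam_encrypt::make($data['new_pwd']);

    if (!empty($data['uname'])) {
        // Classify, validate and store one and the same value.
        $uname = trim($data['uname']);
        $type = kernel::single('pam_tools')->checkLoginNameType($uname);
        $this->checkSignupAccount($uname, $type);
        $pamUserData['login_account'] = $uname;
        $pamUserData['login_type'] = 'common';
    }

    $pamUserData['user_id'] = $data['user_id'];
    $pamUserData['modified_time'] = time();

    if (!$pamUserModel->save($pamUserData)) {
        throw new \LogicException(app::get('sysuser')->_('修改失败'));
    }

    return true;
}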