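/**
 * Reset a user's password using the auth key carried by a password-reset link.
 *
 * Security notes:
 * - The supplied key is checked with hash_equals(). A loose `!=` comparison lets
 *   two different numeric-looking strings (for example two "0e<digits>" values)
 *   compare as equal, and it is not constant-time.
 * - On success the stored auth key is replaced, so a given key stops matching
 *   after one successful reset.
 * - NOTE(review): an unknown user returns 'User not exist' while a known user
 *   with a bad key returns 'Link is out of data', so callers that echo the
 *   message reveal which usernames exist. Consider one generic message at the
 *   presentation layer.
 * - NOTE(review): rand_string() and crypt_pwd() are defined elsewhere. Confirm
 *   that rand_string() draws from a CSPRNG (random_bytes()/random_int()) and
 *   that crypt_pwd() applies a slow password hash.
 * - NOTE(review): no attempt limiting is visible here. Confirm the caller
 *   throttles repeated guesses per account and per client.
 *
 * @param string $username Account name, 1 to 12 characters.
 * @param string $auth_key 32-byte key taken from the reset link.
 * @param string $new_pwd  32-byte password value (presumably a client-side digest; verify against caller).
 *
 * @return string '1' on success, otherwise an error message.
 */
function reset_pwd($username, $auth_key, $new_pwd)
{
    $name_length = mb_strlen($username, 'utf8');
    if ($name_length < 1 || $name_length > 12) {
        return 'User not exist';
    }

    if (strlen($new_pwd) != 32) {
        return 'Invalid password, please refresh your browser';
    }

    if (strlen($auth_key) != 32) {
        return 'Invalid auth key';
    }

    $result = get_user_information($username);
    if ($result == null) {
        return 'User not exist';
    }

    // Known value first, user-supplied value second; both cast so hash_equals()
    // never sees a non-string.
    $expected_key = (string) process_auth_key($result['auth_key'], $result['last_time']);
    if (!hash_equals($expected_key, (string) $auth_key)) {
        return 'Link is out of data';
    }

    // Fresh salt and fresh auth key on every reset.
    $new_salt = rand_string(64);
    $new_pwd = crypt_pwd($new_pwd, $new_salt);
    $new_auth_key = rand_string();

    // Parameterised statement: no user input is interpolated into the SQL text.
    $sql = "UPDATE `account` SET `auth_key`= ?, `password`=?, `salt`=? WHERE username= ? LIMIT 1";
    $params = array($new_auth_key, $new_pwd, $new_salt, $username);
    $count = (new MysqlDAO())->execute($sql, $params, 'ssss');

    return $count == 1 ? '1' : 'Sth is wrong with server';
}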
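/**
 * Reset a user's password using the auth key carried by a password-reset link.
 *
 * Security notes:
 * - The supplied key is checked with hash_equals(). A loose `!=` comparison lets
 *   two different numeric-looking strings (for example two "0e<digits>" values)
 *   compare as equal, and it is not constant-time.
 * - On success the stored auth key is replaced, so a given key stops matching
 *   after one successful reset.
 * - NOTE(review): an unknown user and a bad key produce different messages, so
 *   callers that echo the message reveal which usernames exist. Consider one
 *   generic message at the presentation layer.
 * - NOTE(review): is_name_valid(), rand_string() and crypt_pwd() are defined
 *   elsewhere. Confirm that rand_string() draws from a CSPRNG
 *   (random_bytes()/random_int()) and that crypt_pwd() applies a slow password hash.
 * - NOTE(review): no attempt limiting is visible here. Confirm the caller
 *   throttles repeated guesses per account and per client.
 *
 * @param string $username Account name; must pass is_name_valid().
 * @param string $auth_key 32-byte key taken from the reset link.
 * @param string $new_pwd  32-byte password value (presumably a client-side digest; verify against caller).
 *
 * @return string '1' on success, otherwise an error message.
 */
function reset_pwd($username, $auth_key, $new_pwd)
{
    // is_name_valid() yields '' for an acceptable name (as the original check implies).
    if (is_name_valid($username) != '') {
        return '用户不存在'; // "user does not exist"
    }

    if (strlen($new_pwd) != 32) {
        return '无效的密码'; // "invalid password"
    }

    if (strlen($auth_key) != 32) {
        return '链接已失效'; // "link has expired"
    }

    $profile = get_user_information($username);
    if ($profile == null) {
        return '用户不存在'; // "user does not exist"
    }

    // Known value first, user-supplied value second; both cast so hash_equals()
    // never sees a non-string.
    $expected_key = (string) process_auth_key($profile['auth_key'], $profile['last_time']);
    if (!hash_equals($expected_key, (string) $auth_key)) {
        return '链接已经失效'; // "link has already expired"
    }

    // Fresh salt and fresh auth key on every reset.
    $new_salt = rand_string();
    $new_pwd = crypt_pwd($new_pwd, $new_salt);
    $new_auth_key = rand_string(32);

    // Parameterised statement: no user input is interpolated into the SQL text.
    $sql = 'UPDATE `ewu_account` SET `auth_key`= ?, `pwd`=?, `salt`=? WHERE username= ? LIMIT 1';
    $a_params = array($new_auth_key, $new_pwd, $new_salt, $username);
    $count = (new MysqlPDO())->execute($sql, $a_params);

    // Failure message reads "server busy, operation failed".
    return $count == 1 ? '1' : '服务器繁忙,操作失败';
}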