/**
 * Validate the login form in two passes.
 *
 * Pass one checks the account identifier and the password format. Only when
 * that pass succeeds is the validator reset and the captcha rule
 * (callback_check_captcha) evaluated in a second pass.
 *
 * NOTE(review): these are format checks only; credential verification is not
 * part of this method.
 *
 * @return bool FALSE when pass one fails, otherwise the result of pass two
 */
private function _validate_form()
{
    $this->load->library('form_validation');
    $validator = $this->form_validation;

    // The identifier may be a username, an e-mail address or a phone number.
    $identifierRule = function ($value) {
        $accepted = is_username($value) || is_email($value) || is_phone($value);
        if (!$accepted) {
            $this->form_validation->set_message('is_username', '无效{field}');
        }
        return $accepted;
    };

    $passwordRule = function ($value) {
        if (is_password($value)) {
            return true;
        }
        $this->form_validation->set_message('is_password', '无效{field}');
        return false;
    };

    // Pass 1: username and password.
    $validator->set_message('required', '请输入{field}');
    $validator->set_rules('username', '用户名', array('required', array('is_username', $identifierRule)));
    $validator->set_rules('password', '密码', array('required', array('is_password', $passwordRule)));
    if (!$validator->run()) {
        return FALSE;
    }

    // Pass 2: start from a clean validator so only the captcha rule runs.
    $validator->reset_validation();
    $validator->set_message('required', '请输入{field}');
    $validator->set_rules('captcha', '验证码', 'trim|required|callback_check_captcha');

    return $validator->run();
}
/**
 * Check whether an administrator password has an acceptable format.
 *
 * Thin wrapper that turns the truthiness of is_password() into a strict bool.
 *
 * @param string $password candidate password
 * @return bool true when is_password() accepts the value, false otherwise
 */
function checkpasswd($password)
{
    return is_password($password) ? true : false;
}
/**
 * Store a new password for the given user id.
 *
 * NOTE(review): no authorization check is visible here; the caller is
 * presumably responsible for deciding who may change whose password.
 *
 * @param int    $userid   target user id (values below 1 are rejected)
 * @param string $password new plaintext password
 * @return mixed false when the id or the password format is invalid,
 *               otherwise whatever $this->db->update() returns
 */
public function edit_password($userid, $password)
{
    $userid = intval($userid);
    if ($userid < 1) {
        return false;
    }

    if (is_password($password)) {
        // password() is the project's hashing helper; its result is passed
        // to update() as the set of columns to write.
        $passwordinfo = password($password);
        return $this->db->update($passwordinfo, array('userid' => $userid));
    }

    showmessage(L('pwd_incorrect'));
    return false;
}
/**
 * Change a user's password.
 *
 * The id is forced to an integer before it is concatenated into the where
 * clause, which is what keeps that string-built condition safe.
 *
 * @param mixed  $userid   user id; cast with intval(), must be >= 1
 * @param string $password new plaintext password
 * @return mixed false when the id or the password format is invalid,
 *               otherwise the result of save()
 */
public function edit_password($userid, $password)
{
    $userid = intval($userid);
    if ($userid < 1 || !is_password($password)) {
        return false;
    }

    // password() is the project's hashing helper; its result is handed to
    // save() as the data to persist.
    $passwordinfo = password($password);

    return $this->where('userid=' . $userid)->save($passwordinfo);
}
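/**
 * Constructor: loads configuration, then authenticates and decodes the
 * request payload sent by a registered client application.
 *
 * The request must carry `appid` and `data`; `data` is decoded with the
 * auth key registered for that application and parsed into $this->data.
 * Any failure ends the request with exit('0'); a field that fails format
 * validation ends it with exit('-5').
 */
public function __construct()
{
    $this->db = pc_base::load_model('member_model');
    pc_base::load_app_func('global');
    /* Load system configuration */
    $this->settings = getcache('settings', 'admin');
    $this->applist = getcache('applist', 'admin');

    // Query-string parameters are folded into $_POST, except the routing
    // keys m/c/a. NOTE(review): this lets a GET request supply appid/data.
    if (isset($_GET) && is_array($_GET) && count($_GET) > 0) {
        foreach ($_GET as $k => $v) {
            if (!in_array($k, array('m', 'c', 'a'))) {
                $_POST[$k] = $v;
            }
        }
    }

    if (isset($_POST['appid'])) {
        $this->appid = intval($_POST['appid']);
    } else {
        exit('0');
    }

    // An unregistered appid has no auth key. Refuse it here instead of
    // letting the decode below run with a missing key.
    if (!isset($this->applist[$this->appid]['authkey'])) {
        exit('0');
    }

    if (isset($_POST['data'])) {
        parse_str(sys_auth($_POST['data'], 'DECODE', $this->applist[$this->appid]['authkey']), $this->data);
        if (empty($this->data) || !is_array($this->data)) {
            exit('0');
        }

        // NOTE(review): get_magic_quotes_gpc() no longer exists in PHP 8, and
        // slash-escaping is not a substitute for parameterized queries.
        if (!get_magic_quotes_gpc()) {
            $this->data = new_addslashes($this->data);
        }

        if (isset($this->data['username']) && $this->data['username'] != '' && is_username($this->data['username']) == false) {
            exit('-5');
        }
        // The emptiness guard used to test 'username', so an e-mail sent
        // together with an empty username was never validated.
        if (isset($this->data['email']) && $this->data['email'] != '' && is_email($this->data['email']) == false) {
            exit('-5');
        }
        if (isset($this->data['password']) && $this->data['password'] != '' && (is_password($this->data['password']) == false || is_badword($this->data['password']))) {
            exit('-5');
        }
        if (isset($this->data['newpassword']) && $this->data['newpassword'] != '' && (is_password($this->data['newpassword']) == false || is_badword($this->data['newpassword']))) {
            exit('-5');
        }
    } else {
        exit('0');
    }

    // NOTE(review): the raw request body is accepted as avatar data, and the
    // auth-key comparison that guarded it is commented out below.
    if (isset($GLOBALS['HTTP_RAW_POST_DATA'])) {
        $this->data['avatardata'] = $GLOBALS['HTTP_RAW_POST_DATA'];
        //if($this->applist[$this->appid]['authkey'] != $this->data['ps_auth_key']) {
        //    exit('0');
        //}
    }
}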
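/**
 * Create or update a user account from the submitted admin form.
 *
 * An id below 1 means "create": the username and password formats are
 * validated and a password is stored. Any other id updates that account and
 * clears its token.
 *
 * NOTE(review): passwords are stored as an unsalted md5() digest. Replacing
 * it needs a coordinated change in the login path (password_hash() /
 * password_verify()), so it is flagged here rather than changed.
 * NOTE(review): on update the new user_name is only checked for uniqueness,
 * not with is_username(); confirm that is intended.
 *
 * @return void the outcome is reported through ajax_return()
 */
public function save()
{
    $id = (int) $this->input->get_post('id');
    // One definition of "new record" for both validation and persistence.
    // Previously validation used !$id while the write used $id > 0, so a
    // negative id skipped the username/password checks and still inserted.
    $isNew = $id < 1;

    $data = array();
    $data['user_name'] = trim($this->input->get_post('user_name'));

    // Reject a name that already belongs to a different account.
    $item = $this->model->getOne(array('user_name' => $data['user_name']));
    if ($item && intval($item->uid) != intval($id)) {
        ajax_return(lang('service_user_name_exist'));
    }

    $data['pid'] = $this->user_info->uid;
    // Region
    $data['district'] = $this->input->get_post('district');

    if ($isNew) {
        if (!is_username($data['user_name'])) {
            ajax_return('账号只允许字母开头,允许5-16字节,允许字母数字下划线');
        }
        $password = $this->input->get_post('password');
        if (!is_password($password)) {
            ajax_return('密码只允许6到20个字母、数字字符');
        }
        $data['password'] = md5($password);
    }

    $data['gid'] = (int) $this->input->get_post('gid');
    $data['email'] = $this->input->get_post('email');
    // An empty e-mail is allowed; a non-empty one must be well formed.
    if (!is_email($data['email']) and trim($data['email'])) {
        ajax_return('E-mail不是有效的邮箱格式!');
    }
    $data['nickname'] = htmlspecialchars($this->input->get_post('nickname'));

    // Persist
    if (!$isNew) {
        $data['token'] = '';
        $result = $this->model->update($data, array('uid' => $id));
    } else {
        $data['regip'] = $this->egetip();
        $data['regtime'] = time();
        $result = $this->model->add($data);
    }

    // Report the outcome
    if ($result) {
        ajax_return(lang('save_success'), 0, '', '/admin/user/index');
    } else {
        ajax_return(lang('save_failed'));
    }
}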
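/**
 * Handle the teacher's change-password form.
 *
 * Requires a teacher record in the session, verifies the current password,
 * validates the new one and stores its digest.
 *
 * NOTE(review): my_md5() is defined elsewhere; if it is a plain or statically
 * salted MD5, stored passwords are cheap to brute-force. Migrating to
 * password_hash() must be coordinated with the login code.
 * NOTE(review): the flow relies on message() ending the request — confirm.
 *
 * @return void
 */
public function reset_password_deal()
{
    /* Teacher record kept in the session */
    $teacher = $this->session->userdata('teacher');
    if (!$teacher) {
        message('会话已失效,请重新提交', 'student/teacher_download/login');
    }

    $old_password = $this->input->post('old_password');
    $new_password = $this->input->post('new_password');
    $repeat_password = $this->input->post('repeat_password');

    // Compare digests as strings. A loose != treats two different
    // numeric-looking digests (e.g. "0e..." forms) as equal.
    if ((string) my_md5($old_password) !== (string) $teacher['password']) {
        message('密码错误!请重试!');
    }

    // is_password() returns an error message string when the format is bad.
    if (is_string($passwd_msg = is_password($new_password))) {
        message($passwd_msg);
    }

    if ($new_password !== $repeat_password) {
        message('您两次输入密码不一致!请重试!');
    }

    $rst = $this->db->update(
        'teacher_download',
        array('password' => my_md5($new_password)),
        array('id' => $teacher['id'])
    );
    // Previously the result was ignored and success was reported regardless.
    if (!$rst) {
        message('密码修改失败,请重试');
        return;
    }

    message('您的新密码已设置成功,重新登陆后生效', 'student/teacher_download/reset_password', 'success');
}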
/**
 * AJAX handler that updates a user's e-mail, username, intro, state and,
 * optionally, password.
 *
 * NOTE(review): the target uid comes straight from the POST body and no
 * permission check is visible in this method; presumably the controller
 * enforces admin access elsewhere — confirm.
 * NOTE(review): the password is read with the XSS filter enabled and then
 * lower-cased before hashing. Both alter what the user typed and shrink the
 * password space; changing this requires the login path to change in step.
 *
 * @return void results are emitted through JSON()
 */
public function update_action()
{
    if (!$this->input->is_ajax_request()) {
        show_404();
    }

    $uid = (int) $this->input->post('uid');
    $email = $this->input->post('email', true);
    $username = trim($this->input->post('username', true));
    $email = strtolower(trim($email));

    // E-mail: well formed and not used by another account.
    if (!is_email($email)) {
        JSON('error', '对不起,请填写用个可以的电子邮件!');
    }
    if ($this->user_model->get_info(array('uid !=' => $uid, 'email' => $email))) {
        JSON('error', '该电子邮件已在存,请换一个!');
    }

    // Username: well formed and not used by another account.
    if (!is_username($username)) {
        JSON('error', '用户姓名可以由汉字、字母或数字组成,长度不保持 4-16 个字符!');
    }
    if ($this->user_model->get_info(array('uid !=' => $uid, 'username' => $username))) {
        JSON('error', '该用户名称已存在,请换一个!');
    }

    $newPassword = strtolower(trim($this->input->post('password', true)));
    $confirmation = strtolower(trim($this->input->post('repassword', true)));

    // An empty password field means "leave the password unchanged".
    $fields = array();
    if ($newPassword !== '') {
        if (!is_password($newPassword)) {
            JSON('error', '密码必须由字母、数字和下划线组成,长度保持 6-16 个字符!');
        }
        if ($newPassword !== $confirmation) {
            JSON('error', '两次输入的密码不一致,请重新确认密码!');
        }
        $this->load->library('phpass');
        $fields['password'] = $this->phpass->HashPassword($newPassword);
    }

    $fields['email'] = $email;
    $fields['username'] = $username;
    $fields['intro'] = $this->input->post('intro', true);
    $fields['state'] = (int) $this->input->post('state');

    $this->db->update('user', $fields, array('uid' => $uid));

    // affected_rows() is 0 both on failure and when nothing changed.
    if ($this->db->affected_rows()) {
        JSON('success', '恭喜,用户 ' . $username . ' 更新成功!');
    } else {
        JSON('error', '对不起,用户没有更新或更新失败!');
    }
}
/**
 * Administrative reset of a teacher-download account password.
 *
 * Reads new_password, confirm_password and uid from the POST body. The caller
 * must hold the 'teacher_download_manage' permission; the old password is not
 * asked for.
 *
 * NOTE(review): my_md5() is defined elsewhere; if it is a fast unsalted hash,
 * consider migrating storage to password_hash().
 *
 * @return void results are emitted through output_json()
 */
public function reset_password()
{
    if (!$this->check_power('teacher_download_manage')) {
        return;
    }

    $password = $this->input->post('new_password');
    $confirmation = $this->input->post('confirm_password');
    $teacherId = intval($this->input->post('uid'));

    // is_password() hands back an error message string on a bad format.
    $verdict = is_password($password);
    if (is_string($verdict)) {
        output_json(CODE_ERROR, $verdict);
    }

    if (!strlen(trim($confirmation))) {
        output_json(CODE_ERROR, '确认密码不能为空.');
    }

    if ($confirmation != $password) {
        output_json(CODE_ERROR, '两次密码输入不一致.');
    }

    // Make sure the account exists (the lookup result is only counted).
    $existing = TeacherDownloadModel::get_by_id($teacherId, 'password');
    if (!count($existing)) {
        output_json(CODE_ERROR, '不存在该监考人员.');
    }

    // Store the digest of the new password.
    $saved = TeacherDownloadModel::reset_password($teacherId, my_md5($password));
    if (!$saved) {
        output_json(CODE_ERROR, '密码修改失败,请重试');
    }

    output_json(CODE_SUCCESS, '密码修改成功.');
}
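/**
 * Change the member's mobile number after re-entering the account password
 * and supplying the SMS verification code sent to the new number.
 *
 * Without a submitted form the change-mobile template is rendered.
 *
 * NOTE(review): the flow relies on showmessage() ending the request — confirm.
 *
 * @return void
 */
public function account_change_mobile()
{
    $memberinfo = $this->memberinfo;
    if (isset($_POST['dosubmit'])) {
        if (!is_password($_POST['password'])) {
            showmessage(L('password_format_incorrect'), HTTP_REFERER);
        }
        // Strict comparison: a loose != can treat two different
        // numeric-looking digests as equal.
        if ($this->memberinfo['password'] !== password($_POST['password'], $this->memberinfo['encrypt'])) {
            showmessage(L('old_password_incorrect'));
        }

        $sms_report_db = pc_base::load_model('sms_report_model');
        // Only plain strings are accepted for the code and the number.
        $mobile_verify = isset($_POST['mobile_verify']) && is_string($_POST['mobile_verify']) ? $_POST['mobile_verify'] : '';
        $mobile = isset($_POST['mobile']) && is_string($_POST['mobile']) ? $_POST['mobile'] : '';

        if ($mobile) {
            // The D modifier stops `$` from also matching before a trailing
            // newline; $mobile is interpolated into the WHERE string below,
            // so it must be exactly eleven digits.
            if (!preg_match('/^1([0-9]{10})$/D', $mobile)) {
                exit('check phone error');
            }

            // Codes older than ten minutes are ignored.
            $posttime = SYS_TIME - 600;
            $where = "`mobile`='{$mobile}' AND `send_userid`='" . $memberinfo['userid'] . "' AND `posttime`>'{$posttime}'";
            $r = $sms_report_db->get_one($where, 'id,id_code', 'id DESC');

            // The submitted code must be non-empty and match exactly. A used
            // code is blanked below, so an empty submission must never count
            // as a match, and '012345' must not equal '12345'.
            if ($r && $mobile_verify !== '' && (string) $r['id_code'] === $mobile_verify) {
                $sms_report_db->update(array('id_code' => ''), $where);
                $this->db->update(array('mobile' => $mobile), array('userid' => $memberinfo['userid']));
                showmessage("手机号码更新成功!", '?m=member&c=index&a=account_change_mobile&t=1');
            } else {
                showmessage("短信验证码错误!请重新获取!");
            }
        } else {
            showmessage("短信验证码已过期!请重新获取!");
        }
    } else {
        include template('member', 'account_change_mobile');
    }
}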
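/**
 * Reset a student's password from the exam-room console.
 *
 * Reads account (exam ticket number), password and confirm_password from the
 * POST body, checks that the student exists and belongs to the exam place
 * stored in the session, then stores the new password.
 *
 * NOTE(review): the success response echoes the new password in clear text so
 * the operator can note it down. Make sure that response is not cached or
 * logged.
 *
 * @return void results are emitted through output_json()
 */
public function reset_student_password()
{
    $exam_ticket = trim($this->input->post('account'));
    $password = $this->input->post('password');
    $confirm_password = $this->input->post('confirm_password');

    if (!strlen($exam_ticket)) {
        output_json(CODE_ERROR, '请输入正确的准考证号.');
    }

    // is_password() returns an error message string when the format is bad.
    if (is_string($passwd_msg = is_password($password))) {
        output_json(CODE_ERROR, $passwd_msg);
    }

    if (!strlen($confirm_password)) {
        output_json(CODE_ERROR, '确认密码不能为空.');
    }

    // Strict comparison so numeric-looking strings are not treated as equal.
    if ($confirm_password !== $password) {
        output_json(CODE_ERROR, '两次密码不一致.');
    }

    // The student must exist.
    $this->load->model('exam/student_model');
    $student = $this->student_model->is_valid_student($exam_ticket);
    if (!$student) {
        output_json(CODE_ERROR, '该考生不存在.');
    }

    // The student must belong to the exam place of the current session.
    $this->load->model('exam/exam_place_model');
    $exam_place_model = $this->exam_place_model;
    $place_id = $this->session->userdata('exam_i_place_id');
    $user_id = $student['uid'];
    if (!$exam_place_model->check_exam_place_student($place_id, $user_id)) {
        output_json(CODE_ERROR, '很抱歉,该考生不在本场考试中,有问题请联系系统管理员.');
    }

    // Reset the password.
    try {
        $this->student_model->reset_password($user_id, $password);

        // The message is HTML, so request-supplied values are escaped before
        // they are embedded in it.
        $ticket_html = htmlspecialchars($exam_ticket, ENT_QUOTES, 'UTF-8');
        $password_html = htmlspecialchars($password, ENT_QUOTES, 'UTF-8');
        output_json(CODE_SUCCESS, '修改成功, 该考生考试信息为:<p><strong>准考证号:</strong>' . $ticket_html . ' </p><p><strong>新密码为:</strong> ' . $password_html . ' </p><font color="red">请记下该考生新密码, 以防丢失.</font>');
    } catch (Exception $e) {
        output_json(CODE_ERROR, '密码修改失败,请重试(如多次出现类似情况,请联系系统管理员)');
    }
}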
/**
 * Normalise and validate user fields in place.
 *
 * Only keys present in $data are looked at. username, email, phone and
 * password abort with an error message; qq and wechat are silently reset to
 * an empty value when invalid.
 *
 * NOTE(review): the e-mail branch only rejects an empty value; no format
 * validator is called for it — confirm that is intended.
 * NOTE(review): phone and qq are cast to int, which drops leading zeros and
 * depends on the platform's integer width.
 *
 * @param array $data user fields, modified by reference
 * @return true|string true when everything passes, otherwise an error message
 */
private function _validate_userinfo(&$data)
{
    if (isset($data['username'])) {
        $data['username'] = strtolower(trim($data['username']));
        if (!is_username($data['username'])) {
            return '用户名不合法';
        }
    }

    if (isset($data['email'])) {
        $data['email'] = strtolower(trim($data['email']));
        if (!$data['email']) {
            return 'Email不合法';
        }
    }

    if (isset($data['phone'])) {
        $data['phone'] = (int) $data['phone'];
        if (!is_phone($data['phone'])) {
            return '手机号不合法';
        }
    }

    if (isset($data['password']) && !is_password($data['password'])) {
        return '密码不合法';
    }

    // Optional contact fields: invalid values are cleared, not rejected.
    if (isset($data['qq'])) {
        $data['qq'] = (int) $data['qq'];
        if (!is_qq($data['qq'])) {
            $data['qq'] = 0;
        }
    }

    if (isset($data['wechat']) && !is_wechat($data['wechat'])) {
        $data['wechat'] = '';
    }

    return true;
}
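/**
 * Student password reset via an e-mailed link.
 *
 * The `code` query parameter is decoded by email_hash() (1800 is passed as
 * its third argument, presumably the lifetime in seconds). A valid code shows
 * the form; a submitted form stores the new password and expires the matching
 * reset record.
 *
 * NOTE(review): my_md5() is defined elsewhere; if it is a fast unsalted hash,
 * consider migrating storage to password_hash().
 * NOTE(review): the flow relies on message() ending the request — confirm.
 *
 * @return void
 */
public function resetpwd()
{
    Fn::ajax_call($this, 'login', 'logout');

    $hash = $this->input->get('code');
    $uid = email_hash('decode', $hash, 1800);
    // $student was previously left undefined when the code did not decode.
    $student = $uid ? StudentModel::get_student($uid) : null;
    if (!$student) {
        message('重置链接已失效,请重新提交申请', 'student/index/forget');
    }

    if ($this->input->post('act') == 'submit') {
        $password = $this->input->post('password');
        $newpwd_confirm = $this->input->post('password_confirm');

        // is_password() returns an error message string on a bad format.
        if (is_string($passwd_msg = is_password($password))) {
            message($passwd_msg);
        }

        // Strict comparison so numeric-looking strings are not treated as equal.
        if ($password !== $newpwd_confirm) {
            message('您两次输入密码不一致,返回请确认!');
        }

        $this->db->update('student', array('password' => my_md5($password)), array('uid' => $uid));

        // Expire the reset record. $hash comes from the query string, so the
        // values are bound instead of interpolated into the SQL text.
        $now_time = time() - 1800;
        $sql = "UPDATE {pre}user_resetpassword SET expiretime=? WHERE uid=? and hash = ?";
        $this->db->query($sql, array($now_time, $uid, $hash));

        message('您的新密码已设置成功.', 'student/index/login', 'success');
    } else {
        $data = array();
        $data['uinfo'] = StudentModel::studentLoginUInfo();
        $data['hash'] = $hash;

        // Render the form
        $this->load->view('index/resetpwd', $data);
    }
}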
/**
 * Let a logged-in student change their own password.
 *
 * Without a posted `oldpwd` the form is rendered. With one, the new password
 * is validated, the current password is verified against the stored digest,
 * and the new digest is written.
 *
 * NOTE(review): my_md5() is defined elsewhere; if it is a fast unsalted hash,
 * consider migrating storage to password_hash().
 *
 * @return void
 */
public function editpwd()
{
    Fn::ajax_call($this, 'login', 'logout');

    if (!$this->_uinfo['uid']) {
        redirect('student/index/login');
    }

    $uid = $this->_uinfo['uid'];
    $currentPassword = $this->input->post('oldpwd');

    // No (or an empty) current password: show the form.
    if (!$currentPassword) {
        $this->load->view('profile/editpwd', array('uinfo' => $this->_uinfo));
        return;
    }

    $replacement = $this->input->post('newpwd');
    $replacementAgain = $this->input->post('newpwd_confirm');

    // is_password() returns an error message string on a bad format.
    $verdict = is_password($replacement);
    if (is_string($verdict)) {
        message($verdict);
    }

    if ($replacement != $replacementAgain) {
        message('新密码两次输入不一致!');
    }

    // Verify the current password against the stored digest.
    $stored = $this->db->select('password')->get_where('student', array('uid' => $uid))->row_array();
    if ($stored['password'] !== my_md5($currentPassword)) {
        message('原密码错误!');
    }

    $this->db->update('student', array('password' => my_md5($replacement)), array('uid' => $uid));
    message('密码修改成功!', 'student/profile/preview', 'success');
}
$mobile = $user['authvalue']; $r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1 AND userid<>{$_userid}"); if ($r) { message($L['send_mobile_exist'], $MOD['linkurl']); } $db->query("UPDATE {$DT_PRE}member SET mobile='{$mobile}',vmobile=1,auth='',authvalue='',authtime=0 WHERE username='******'"); userclean($username); $db->query("INSERT INTO {$DT_PRE}validate (type,username,ip,addtime,status,title,editor,edittime) VALUES ('mobile','{$username}','{$DT_IP}','{$DT_TIME}','3','{$mobile}','system','{$DT_TIME}')"); message($L['send_mobile_success'], $MOD['linkurl']); } message($L['send_mobile_code_error']); } else { $DT['sms'] or message($L['send_sms_close']); if ($submit) { is_mobile($mobile) or message($L['send_mobile_bad']); if (!is_password($username, $password)) { message($L['member_login_password_bad']); } $r = $db->get_one("SELECT userid FROM {$DT_PRE}member WHERE mobile='{$mobile}' AND vmobile=1 AND userid<>{$_userid}"); if ($r) { message($L['send_mobile_exist']); } if (max_sms($mobile)) { message($L['sms_msg_max']); } $auth = random(6, '0123456789'); $content = lang('sms->sms_code', array($auth, $MOD['auth_days'] * 10)) . $DT['sms_sign']; $sms_code = send_sms($mobile, $content); if (1 || strpos($sms_code, $DT['sms_ok']) !== false) { $db->query("UPDATE {$DT_PRE}member SET auth='{$auth}',authvalue='{$mobile}',authtime='{$DT_TIME}' WHERE username='******'"); userclean($username);
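/**
 * Change the member's password and, optionally, e-mail address.
 *
 * The current password must be supplied and correct. When the PHPSSO
 * integration is enabled the change is also pushed to it.
 *
 * NOTE(review): the flow relies on showmessage() ending the request — confirm.
 *
 * @return void
 */
public function account_manage_password()
{
    if (isset($_POST['dosubmit'])) {
        if (!is_password($_POST['info']['password'])) {
            showmessage(L('password_format_incorrect'), HTTP_REFERER);
        }
        // Strict comparison: a loose != can treat two different
        // numeric-looking digests as equal.
        if ($this->memberinfo['password'] !== password($_POST['info']['password'], $this->memberinfo['encrypt'])) {
            showmessage(L('old_password_incorrect'), HTTP_REFERER);
        }

        // The new password used to be stored without any server-side check,
        // so a missing or empty field replaced the password with the digest
        // of an empty string.
        if (!isset($_POST['info']['newpassword']) || !is_password($_POST['info']['newpassword'])) {
            showmessage(L('password_format_incorrect'), HTTP_REFERER);
        }

        $updateinfo = array();

        // Update the e-mail only when it changed and is well formed.
        if ($this->memberinfo['email'] != $_POST['info']['email'] && is_email($_POST['info']['email'])) {
            $email = $_POST['info']['email'];
            $updateinfo['email'] = $_POST['info']['email'];
        } else {
            $email = '';
        }

        $newpassword = password($_POST['info']['newpassword'], $this->memberinfo['encrypt']);
        $updateinfo['password'] = $newpassword;
        $this->db->update($updateinfo, array('userid' => $this->memberinfo['userid']));

        if (pc_base::load_config('system', 'phpsso')) {
            // Initialise the PHPSSO client and mirror the change there.
            $this->_init_phpsso();
            $res = $this->client->ps_member_edit('', $email, $_POST['info']['password'], $_POST['info']['newpassword'], $this->memberinfo['phpssouid'], $this->memberinfo['encrypt']);
        }

        showmessage(L('operation_success'), HTTP_REFERER);
    } else {
        // Both variables are read by the included template.
        $show_validator = true;
        $memberinfo = $this->memberinfo;
        include template('member', 'account_manage_password');
    }
}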
$success['false'][] = 'Server is marked for deletion'; } else { if (isdomain($dns)) { $query = $sql->prepare("UPDATE `webVhost` SET `defaultDomain`=? WHERE `webVhostID`=? AND `resellerID`=? LIMIT 1"); $query->execute(array($dns, $localServerID, $resellerID)); $domainRowCount = $query->rowCount(); } } $updateArray = array(); $eventualUpdate = ''; if (isset($data['active']) and active_check($data['active'])) { $updateArray[] = $data['active']; $eventualUpdate .= ',`active`=?'; $active = $data['active']; } if (isset($data['password']) and is_password($data['password'], 255)) { $updateArray[] = $data['private']; $updateArray[] = $aeskey; $eventualUpdate .= ',`ftpPassword`=AES_ENCRYPT(?,?)'; $private = $data['password']; } if (isset($data['hdd']) and isid($data['hdd'], 10)) { $updateArray[] = $data['hdd']; $eventualUpdate .= ',`hdd`=?'; $hdd = $data['hdd']; $query = $sql->prepare("SELECT IF(`hddOverbook`='Y',(`maxHDD`/100) * (100+`overbookPercent`),`maxHDD`) AS `maxHDD` FROM `webMaster` WHERE `webMasterID`=? LIMIT 1"); $query->execute(array($webMasterID)); $maxHDD = (int) $query->fetchColumn(); $query = $sql->prepare("SELECT SUM(v.`hdd`) AS `a` FROM `webVhost` WHERE `webMasterID`=?"); $query->execute(array($localServerID)); if ($maxHDD + $oldHDD - $query->fetchColumn() - $hdd < 0) {
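/**
 * Member login.
 *
 * On a submitted form: checks the captcha (skipped for connect users),
 * validates the credential formats, authenticates either through PHPSSO or
 * against the local member table (with a failed-attempt counter), refreshes
 * the member row and sets the login cookies. Otherwise renders the login
 * template.
 *
 * NOTE(review): the flow relies on showmessage() ending the request — confirm.
 * NOTE(review): the local check uses md5(md5(password) . salt) and the auth
 * cookie embeds that digest; both are weak by current standards and would
 * need a coordinated migration.
 *
 * @return void
 */
public function login()
{
    $this->_session_start();

    // Site id from the request, defaulting to 1.
    $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
    // Define the site id constant.
    if (!defined('SITEID')) {
        define('SITEID', $siteid);
    }

    if (isset($_POST['dosubmit'])) {
        if (empty($_SESSION['connectid'])) {
            // Captcha check; the stored code is cleared whether or not it matched.
            $code = isset($_POST['code']) && trim($_POST['code']) ? trim($_POST['code']) : showmessage(L('input_code'), HTTP_REFERER);
            if ($_SESSION['code'] != strtolower($code)) {
                $_SESSION['code'] = '';
                showmessage(L('code_error'), HTTP_REFERER);
            }
            $_SESSION['code'] = '';
        }

        $username = isset($_POST['username']) && is_username($_POST['username']) ? trim($_POST['username']) : showmessage(L('username_empty'), HTTP_REFERER);
        $password = isset($_POST['password']) && trim($_POST['password']) ? trim($_POST['password']) : showmessage(L('password_empty'), HTTP_REFERER);
        is_password($_POST['password']) && is_badword($_POST['password']) == false ? trim($_POST['password']) : showmessage(L('password_format_incorrect'), HTTP_REFERER);
        $cookietime = intval($_POST['cookietime']);
        $synloginstr = ''; // JavaScript snippet for synchronised login

        if (pc_base::load_config('system', 'phpsso')) {
            $this->_init_phpsso();
            $status = $this->client->ps_member_login($username, $password);
            // NOTE(review): unserialize() on a service response is only safe
            // while that channel is fully trusted; an encoding such as JSON
            // would be safer. Flagged, not changed.
            $memberinfo = unserialize($status);

            if (isset($memberinfo['uid'])) {
                // Look up the local account.
                $r = $this->db->get_one(array('phpssouid' => $memberinfo['uid']));
                if (!$r) {
                    // No local row yet: create one from the SSO data.
                    $info = array(
                        'phpssouid' => $memberinfo['uid'],
                        'username' => $memberinfo['username'],
                        'password' => $memberinfo['password'],
                        'encrypt' => $memberinfo['random'],
                        'email' => $memberinfo['email'],
                        'regip' => $memberinfo['regip'],
                        'regdate' => $memberinfo['regdate'],
                        'lastip' => $memberinfo['lastip'],
                        'lastdate' => $memberinfo['lastdate'],
                        'groupid' => $this->_get_usergroup_bypoint(),
                        'modelid' => 10,
                    );
                    // Connect users: these used to be written to an unrelated
                    // $userinfo array, so the values were dropped before the
                    // insert and then removed from the session.
                    if (!empty($_SESSION['connectid'])) {
                        $info['connectid'] = $_SESSION['connectid'];
                    }
                    if (!empty($_SESSION['from'])) {
                        $info['from'] = $_SESSION['from'];
                    }
                    unset($_SESSION['connectid'], $_SESSION['from']);
                    $this->db->insert($info);
                    unset($info);
                    $r = $this->db->get_one(array('phpssouid' => $memberinfo['uid']));
                }
                $password = $r['password'];
                $synloginstr = $this->client->ps_member_synlogin($r['phpssouid']);
            } else {
                if ($status == -1) {
                    // Unknown user
                    showmessage(L('user_not_exist'), 'index.php?m=member&c=index&a=login');
                } elseif ($status == -2) {
                    // Wrong password
                    showmessage(L('password_error'), 'index.php?m=member&c=index&a=login');
                } else {
                    showmessage(L('login_failure'), 'index.php?m=member&c=index&a=login');
                }
            }
        } else {
            // Failed-attempt counter for this username.
            $this->times_db = pc_base::load_model('times_model');
            $rtime = $this->times_db->get_one(array('username' => $username));
            if ($rtime['times'] > 4) {
                $minute = 60 - floor((SYS_TIME - $rtime['logintime']) / 60);
                showmessage(L('wait_1_hour', array('minute' => $minute)));
            }

            // Look up the account.
            $r = $this->db->get_one(array('username' => $username));
            if (!$r) {
                showmessage(L('user_not_exist'), 'index.php?m=member&c=index&a=login');
            }

            // Verify the password. Strict comparison: a loose != can treat
            // two different numeric-looking digests as equal.
            $password = md5(md5(trim($password)) . $r['encrypt']);
            if ($r['password'] !== $password) {
                $ip = ip();
                if ($rtime && $rtime['times'] < 5) {
                    $times = 5 - intval($rtime['times']);
                    $this->times_db->update(array('ip' => $ip, 'times' => '+=1'), array('username' => $username));
                } else {
                    $this->times_db->insert(array('username' => $username, 'ip' => $ip, 'logintime' => SYS_TIME, 'times' => 1));
                    $times = 5;
                }
                showmessage(L('password_error', array('times' => $times)), 'index.php?m=member&c=index&a=login', 3000);
            }
            $this->times_db->delete(array('username' => $username));
        }

        // Locked accounts may not log in.
        if ($r['islock']) {
            showmessage(L('user_is_lock'));
        }

        $userid = $r['userid'];
        $groupid = $r['groupid'];
        $username = $r['username'];
        $nickname = empty($r['nickname']) ? $username : $r['nickname'];

        $updatearr = array('lastip' => ip(), 'lastdate' => SYS_TIME);
        // Expired VIP: clear the flag.
        if ($r['overduedate'] < SYS_TIME) {
            $updatearr['vip'] = 0;
        }

        // Re-evaluate the user group from points, except for the
        // e-mail-verification, banned and guest groups and for VIP users, and
        // only when the current group allows self-upgrade.
        // The array key was the bare word vip, which is an undefined constant.
        if ($r['point'] >= 0 && !in_array($r['groupid'], array('1', '7', '8')) && empty($r['vip'])) {
            $grouplist = getcache('grouplist');
            if (!empty($grouplist[$r['groupid']]['allowupgrade'])) {
                $check_groupid = $this->_get_usergroup_bypoint($r['point']);
                if ($check_groupid != $r['groupid']) {
                    $updatearr['groupid'] = $groupid = $check_groupid;
                }
            }
        }

        // Connect users
        if (!empty($_SESSION['connectid'])) {
            $updatearr['connectid'] = $_SESSION['connectid'];
        }
        if (!empty($_SESSION['from'])) {
            $updatearr['from'] = $_SESSION['from'];
        }
        unset($_SESSION['connectid'], $_SESSION['from']);

        $this->db->update($updatearr, array('userid' => $userid));

        // $cookietime is always set above, so the cookie fallback below never
        // runs; the variable is initialised so the later read is defined.
        $get_cookietime = 0;
        if (!isset($cookietime)) {
            $get_cookietime = param::get_cookie('cookietime');
        }
        $_cookietime = $cookietime ? intval($cookietime) : ($get_cookietime ? $get_cookietime : 0);
        $cookietime = $_cookietime ? SYS_TIME + $_cookietime : 0;

        $phpcms_auth = sys_auth($userid . "\t" . $password, 'ENCODE', get_auth_key('login'));

        param::set_cookie('auth', $phpcms_auth, $cookietime);
        param::set_cookie('_userid', $userid, $cookietime);
        param::set_cookie('_username', $username, $cookietime);
        param::set_cookie('_groupid', $groupid, $cookietime);
        param::set_cookie('_nickname', $nickname, $cookietime);
        //param::set_cookie('cookietime', $_cookietime, $cookietime);

        // NOTE(review): `forward` is taken from the request and used as the
        // post-login destination without restricting it to this site.
        // Consider accepting only relative paths or an allow-list of hosts.
        $forward = isset($_POST['forward']) && !empty($_POST['forward']) ? urldecode($_POST['forward']) : 'index.php?m=member&c=index';
        showmessage(L('login_success') . $synloginstr, $forward);
    } else {
        // These variables are presumably read by the included template.
        $setting = pc_base::load_config('system');
        $forward = isset($_GET['forward']) && trim($_GET['forward']) ? urlencode($_GET['forward']) : '';
        $siteid = isset($_REQUEST['siteid']) && trim($_REQUEST['siteid']) ? intval($_REQUEST['siteid']) : 1;
        $siteinfo = siteinfo($siteid);
        include template('member', 'login');
    }
}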
/**
 * Administrative reset of a student's password.
 *
 * Takes no arguments; it reads these POST fields:
 *   - uid               student id
 *   - new_password      new password
 *   - confirm_password  repeated password
 *
 * The caller must hold the 'student_manage' permission.
 *
 * NOTE(review): my_md5() is defined elsewhere; if it is a fast unsalted hash,
 * consider migrating storage to password_hash().
 *
 * @return void results are emitted through output_json()
 */
public function reset_password()
{
    if (!$this->check_power('student_manage')) {
        return;
    }

    $password = $this->input->post('new_password');
    $confirmation = $this->input->post('confirm_password');
    $studentId = intval($this->input->post('uid'));

    // is_password() hands back an error message string on a bad format.
    $verdict = is_password($password);
    if (is_string($verdict)) {
        output_json(CODE_ERROR, $verdict);
    }

    if (!strlen(trim($confirmation))) {
        output_json(CODE_ERROR, '确认密码不能为空.');
    }

    if ($confirmation != $password) {
        output_json(CODE_ERROR, '两次密码输入不一致.');
    }

    // Make sure the student exists.
    $existing = StudentModel::get_student($studentId, 'password');
    if (!count($existing)) {
        output_json(CODE_ERROR, '不存在该学生.');
    }

    // Store the digest of the new password.
    $saved = StudentModel::reset_password($studentId, my_md5($password));
    if (!$saved) {
        output_json(CODE_ERROR, '密码修改失败,请重试');
    }

    output_json(CODE_SUCCESS, '密码修改成功.');
}
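/**
 * Password reset for question-bank administrators (accounts created by the
 * back-office bulk import) via an e-mailed link.
 *
 * The `code` query parameter is decoded by admin_email_hash() (1800 is passed
 * as its third argument, presumably the lifetime in seconds).
 *
 * NOTE(review): nothing here marks the code as used after a successful
 * reset, so it appears to stay valid until it expires — confirm whether
 * admin_email_hash() or another layer makes it single-use.
 * NOTE(review): my_md5() is defined elsewhere; if it is a fast unsalted hash,
 * consider migrating storage to password_hash().
 * NOTE(review): the flow relies on message() ending the request — confirm.
 *
 * @return void
 */
public function resetpwd()
{
    $hash = $this->input->get('code');
    $admin_id = admin_email_hash('decode', $hash, 1800);
    // $admin was previously left undefined when the code did not decode.
    $admin = $admin_id ? CpUserModel::get_cpuser($admin_id) : null;
    if (!$admin) {
        message('重置链接已失效,请重新提交申请', 'admin/index/login');
    }

    if ($this->input->post('act') == 'submit') {
        $password = $this->input->post('password');
        $newpwd_confirm = $this->input->post('password_confirm');

        // is_password() returns an error message string on a bad format.
        if (is_string($passwd_msg = is_password($password))) {
            message($passwd_msg);
        }

        // Strict comparison so numeric-looking strings are not treated as equal.
        if ($password !== $newpwd_confirm) {
            message('您两次输入密码不一致,返回请确认!');
        }

        $this->db->update('admin', array('password' => my_md5($password)), array('admin_id' => $admin_id));
        message('您的新密码已设置成功.', 'admin/index/login', 'success');
    } else {
        // Render the form
        $this->load->view('cpuser/resetpwd', array('hash' => $hash));
    }
}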
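/**
 * Reset a forgotten password after SMS verification.
 *
 * NOTE(review): the password is stored as an unsalted md5() digest. Replacing
 * it needs a coordinated change in the login path, so it is flagged here
 * rather than changed.
 * NOTE(review): no attempt limit and no invalidation of the SMS code after a
 * successful reset are visible in this method; confirm they exist elsewhere.
 * NOTE(review): the flow relies on ajax_return() ending the request — confirm.
 *
 * @param string $type 'bp' (default) resets a BP account found by user id and
 *                     mobile; 'user_info' switches to the user_info model;
 *                     any value other than 'bp' looks the user up by mobile only
 * @return void results are emitted through ajax_return()
 */
function forgot_pwd($type = 'bp')
{
    $this->load->library('form_validation');
    // Rule set 'index/reg' lives in config/form_validation.php.
    $valid = $this->form_validation->run('index/reg');
    if (!$valid) {
        $msg = $this->form_validation->error_string();
        ajax_return($msg, 3);
    }

    $pwd = trim($this->input->post('pwd'));
    if (!is_password($pwd)) {
        ajax_return(lang('pwd_format_is_not_valid'));
    }

    $model = $this->bp_users_model;
    if ($type == 'user_info') {
        $model = $this->user_info_model;
    }

    $user = null;
    $mobile = $this->input->post('mobile');
    if ($mobile) {
        $username = htmlspecialchars(trim($this->input->post('username')));
        if ($type == 'bp' && $username == '') {
            ajax_return('BP帐号不能为空!');
        } elseif ($type == 'bp') {
            $user = $model->getOne(array('user_id' => $username, 'mobile' => $mobile));
        } else {
            $user = $model->getOne(array('mobile' => $mobile));
        }
    }

    // The account must exist.
    if (!$user) {
        if ($type == 'bp') {
            ajax_return(lang('user_not_exist_or_valid'));
        }
        ajax_return(lang('user_not_exist'), 3);
    }

    $sms_code = $this->input->post('sms_code');
    $this->load->model('sms_code_model');
    $one = $this->sms_code_model->get_u_sms_code($mobile);

    // No code was sent.
    if (!$one) {
        ajax_return(lang('not_send_sms'), 3);
    }

    // The submitted code must be a non-empty string and match exactly. A
    // loose != lets a missing field equal an empty stored code and treats
    // '012345' as equal to '12345'.
    if (!is_string($sms_code) || $sms_code === '' || $sms_code !== (string) $one->smscode) {
        ajax_return(lang('sms_incorrect'), 3);
    }

    // The code has expired.
    if (time() - strtotime($one->send_date) > $one->expire_in) {
        ajax_return(lang('sms_code_time_out'), 3);
    }

    $password = md5($pwd);
    $flag = false;
    if ($type == 'bp') {
        $flag = $model->update(array('password' => $password), array('id' => $user->id));
    } else {
        $flag = $model->update(array('pwd' => $password), array('uuid' => $user->uuid));
    }

    if ($flag) {
        ajax_return('重置密码成功,请重新登录', 0);
    }
    ajax_return('重置密码失败,请使用新密码登录!');
}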
if ($user['gid'] == 1) { $mobile and !is_mobile($mobile, $err) and message(1, $err); //$username AND !is_username($username, $err) AND message(3, $err); if ($mobile and $old['mobile'] != $mobile) { $user = user_read_by_mobile($mobile); $user and message(1, '用户手机已经存在'); } if ($username and $old['username'] != $username) { $user = user_read_by_username($username); $user and message(3, '用户已经存在'); } $arr['mobile'] = $mobile; $arr['username'] = $username; $arr['gid'] = $gid; if ($password) { !is_password($password, $err) and message(4, $err); $salt = mt_rand(10000000, 9999999999); $arr['password'] = md5($password . $salt); $arr['salt'] = $salt; } } $r = user_update($uid, $arr); $r !== FALSE ? message(0, '更新成功') : message(11, '更新失败'); } } elseif ($action == 'delete') { if ($method != 'POST') { message(-1, 'Method Error.'); } $uid = param('uid', 0); $state = user_delete($uid); $state === FALSE and message(11, '删除失败');
/**
 * Administrative reset of an administrator's password.
 *
 * Takes no arguments; it reads these POST fields:
 *   - uid               administrator id
 *   - new_password      new password
 *   - confirm_password  repeated password
 *
 * NOTE(review): no permission check is visible in this method and the current
 * password is not asked for. Confirm that access to this action is restricted
 * elsewhere (constructor, routing or a base controller).
 * NOTE(review): my_md5() is defined elsewhere; if it is a fast unsalted hash,
 * consider migrating storage to password_hash().
 *
 * @return void results are emitted through output_json()
 */
public function reset_password()
{
    $password = $this->input->post('new_password');
    $confirmation = $this->input->post('confirm_password');
    $adminId = intval($this->input->post('uid'));

    // is_password() hands back an error message string on a bad format.
    $verdict = is_password($password);
    if (is_string($verdict)) {
        output_json(CODE_ERROR, $verdict);
    }

    if (!strlen(trim($confirmation))) {
        output_json(CODE_ERROR, '确认密码不能为空.');
    }

    if ($confirmation != $password) {
        output_json(CODE_ERROR, '两次密码输入不一致.');
    }

    // Make sure the administrator exists (the lookup result is only counted).
    $existing = CpUserModel::get_cpuser($adminId, 'password');
    if (!count($existing)) {
        output_json(CODE_ERROR, '不存在该管理员.');
    }

    // Store the digest of the new password.
    $saved = $this->db->update(
        'admin',
        array('password' => my_md5($password)),
        array('admin_id' => $adminId)
    );
    if (!$saved) {
        output_json(CODE_ERROR, '密码修改失败,请重试');
    }

    output_json(CODE_SUCCESS, '密码修改成功.');
}