private function login($filter)
{
$user_data['login_name'] = $filter['uname'];
$user_data['account_type'] = pamAccount::getAuthType('desktop');
$user_data['disabled'] = 0;
$arr = app::get('desktop')->model('account')->getRow('account_id,login_password', $user_data);
if (!$arr) {
return false;
}
$checkPwd = pam_encrypt::check($filter['password'], $arr['login_password']);
if (!$checkPwd) {
return false;
}
return $arr;
}
private function __verifyLogin($loginName, $password)
{
if (empty($loginName) || !$password) {
pamAccount::setLoginErrorCount();
throw new \LogicException(app::get('desktop')->_('用户名或密码错误'));
}
$rows = app::get('desktop')->model('account')->getRow('*', array('login_name' => trim($loginName), 'disabled' => 0));
if ($rows && pam_encrypt::check($password, $rows['login_password'])) {
pamAccount::setLoginErrorCount(true);
} else {
pamAccount::setLoginErrorCount();
throw new \LogicException(app::get('desktop')->_('用户名或密码错误'));
}
return $rows['account_id'];
}
function chkpassword()
{
$this->begin('?app=desktop&ctl=users&act=index');
$users = $this->app->model('users');
if ($_POST) {
$sdf = $users->dump($_POST['user_id'], '*', array(':account@desktop' => array('*'), 'roles' => array('*')));
$old_password = $sdf['account']['login_password'];
//这里加了一个判断,判断是自行改密码还是超级管理员去修改
//如果是自行改密码,就去匹配自己的密码。如果是管理员的话,就去匹配超级管理员的密码
if ($_POST['self'] == 'self') {
$_POST['user_id'] = $this->user->get_id();
$filter['account_id'] = $this->user->get_id();
$filter['account_type'] = pamAccount::getAuthType();
} else {
$super_row = $users->getList('user_id', array('super' => '1'));
$filter['account_id'] = $super_row[0]['user_id'];
$filter['account_type'] = pamAccount::getAuthType();
$super_data = $users->dump($filter['account_id'], '*', array(':account@desktop' => array('*')));
}
$pass_row = app::get('desktop')->model('account')->getRow('account_id,login_password', $filter);
if (!$pass_row || !pam_encrypt::check(input::get('old_login_password'), $pass_row['login_password'])) {
$this->end(false, app::get('desktop')->_('管理员密码或原始密码不正确'));
} elseif (!(strlen($_POST['new_login_password']) >= 6 && preg_match("/\\d+/", $_POST['new_login_password']) && preg_match("/[a-zA-Z]+/", $_POST['new_login_password']))) {
$this->end(false, app::get('desktop')->_('密码必须同时包含字母及数字且长度不能小于6!'));
} elseif ($sdf['account']['login_name'] == $_POST['new_login_password']) {
$this->end(false, app::get('desktop')->_('用户名与密码不能相同'));
} elseif ($_POST['new_login_password'] !== $_POST['pam_account']['login_password']) {
// //修改0000!=00000为true的问题@lujy
$this->end(false, app::get('desktop')->_('两次密码不一致'));
} else {
$_POST['pam_account']['account_id'] = $_POST['user_id'];
$_POST['pam_account']['login_password'] = pam_encrypt::make(trim($_POST['new_login_password']));
$users->save($_POST);
$this->end(true, app::get('desktop')->_('密码修改成功'));
}
}
$pagedata['user_id'] = $_GET['id'];
$pagedata['self'] = $_GET['self'];
$this->adminlog("修改平台管理员密码[{$_POST['user_id']}]", 1);
return $this->page('desktop/users/chkpass.html', $pagedata);
}
/**
* @brief 企业密码修改
*
* @param array $data 企业密码
*
* @return int userId
*/
public function modifyPwd($data)
{
//检查数据安全
$data = utils::_filter_input($data);
$accountShopModel = app::get('sysshop')->model('account');
$filter = array('seller_id' => pamAccount::getAccountId());
$account = $accountShopModel->getRow('seller_id,login_password', $filter);
if (!$account) {
return false;
}
//检查密码合法,是否一致
$this->checkPassport($data['login_password'], $data['psw_confirm']);
if (!pam_encrypt::check($data['login_password_old'], $account['login_password'])) {
throw new \LogicException(app::get('sysshop')->_('原密码填写错误,请重新填写!'));
}
$pamShopData['login_password'] = pam_encrypt::make($data['login_password']);
$pamShopData['seller_id'] = $filter['seller_id'];
$pamShopData['modified_time'] = time();
if (!($sellerId = $accountShopModel->save($pamShopData))) {
throw new \LogicException(app::get('sysshop')->_('修改失败'));
}
return true;
}
/**
* 修改密码,需要使用旧密码进行修改,新密码和确认密码需要一致
*
* @param int $userId 修改密码的user_id
* @param array $data
*
* @return bool
*/
public function modifyPwd($data)
{
$data = utils::_filter_input($data);
$pamUserModel = app::get('sysuser')->model('account');
$account = $pamUserModel->getRow('modified_time,createtime,login_password,login_account', array('user_id' => $data['user_id']));
if (!$account) {
throw new \LogicException(app::get('sysuser')->_('会员信息有误'));
}
if ($data['type'] == "update" && $data['old_pwd']) {
if (!pam_encrypt::check($data['old_pwd'], $account['login_password'])) {
throw new \LogicException(app::get('sysuser')->_('原密码错误'));
}
}
//检查密码合法,是否一致
$this->checkPwd($data['new_pwd'], $data['confirm_pwd']);
$pamUserData['login_password'] = pam_encrypt::make($data['new_pwd']);
if ($data['uname']) {
$type = kernel::single('pam_tools')->checkLoginNameType($data['uname']);
$this->checkSignupAccount(trim($data['uname']), $type);
$pamUserData['login_account'] = $data['uname'];
$pamUserData['login_type'] = 'common';
}
$pamUserData['user_id'] = $data['user_id'];
$pamUserData['modified_time'] = time();
if (!($userId = $pamUserModel->save($pamUserData))) {
throw new \LogicException(app::get('sysuser')->_('修改失败'));
}
return true;
}
