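/**
 * Change the password of the logged-in user.
 *
 * With an empty POST body the form (reset_password/step1) is rendered. Otherwise the
 * submitted current password is hashed with the stored salt and compared with the
 * stored hash, the new password is checked against the format rule, the password is
 * updated, the change is pushed to SSO on a best-effort basis, and the user's session
 * entry and identity cookies are removed before reset_password/step2 is rendered.
 *
 * @return mixed the rendered view, or the result of actionLogin() when not logged in
 */
public function actionResetPassword()
{
    $this->layout = "main";

    // Unauthenticated callers go to the login action before any request data is read.
    if (!$this->isLogin) {
        return $this->actionLogin();
    }

    $key = Yii::$app->controller->id . '/' . Yii::$app->controller->action->id;
    $config = Yii::$app->util->loadConfig('flow')[$key]['url'];
    $post = Yii::$app->request->post();

    if (empty($post)) {
        return $this->render('reset_password/step1', ['url' => $config]);
    }

    // Only the two password fields are used. A missing key or an array-valued
    // parameter is treated as an empty string so trim()/preg_match()/md5() never
    // receive a non-string taken from the request.
    $rawOriginPassword = (isset($post['origin-password']) && is_string($post['origin-password']))
        ? $post['origin-password']
        : '';
    $rawNewPassword = (isset($post['newPassword']) && is_string($post['newPassword']))
        ? $post['newPassword']
        : '';

    // Format rule, applied to the value exactly as submitted: 8-16 characters holding
    // either a digit and a non-digit or a letter and a non-letter, with no whitespace.
    $formatPattern = '/((?=.*\d)(?=.*\D)|(?=.*[a-zA-Z])(?=.*[^a-zA-Z]))^.{8,16}$/';
    $formatOk = preg_match($formatPattern, $rawNewPassword) === 1;
    $hasWhitespace = preg_match('/\s/', $rawNewPassword) === 1;

    // NOTE(review): htmlEntityString() is defined outside this block. It is applied to
    // both passwords before hashing/storing, so the stored value can differ from the
    // string validated above; confirm the login path applies the same transformation.
    $originInput = htmlEntityString(trim($rawOriginPassword));
    $newPassword = htmlEntityString(trim($rawNewPassword));

    // Load the stored credential once instead of querying per field.
    $userBaseInfo = new UserBaseInfo();
    $session = Yii::$app->session[UserBaseInfo::SESSION_KEY_USER];
    $userId = $session['id'];
    $userRow = $userBaseInfo->getUserById($userId);
    $oldPassword = isset($userRow['password']) ? (string) $userRow['password'] : '';
    $salt = isset($userRow['password_salt']) ? (string) $userRow['password_salt'] : '';

    // NOTE(review): salted double MD5 is the storage scheme this action has to match.
    // It is cheap to brute-force offline; moving to password_hash()/password_verify()
    // needs a coordinated change in UserBaseInfo and the login path.
    $originPassword = md5(md5($originInput) . $salt);

    // Strict comparison: with == two different numeric-looking strings such as
    // "1e3" and "1000" would be reported as the same password.
    if ($originInput === $newPassword) {
        return $this->render('reset_password/step1', ['failure' => '新密码与原密码箱等', 'url' => $config]);
    }

    $userOperateLog = new UserOperateLog();

    // Constant-time, type-strict hash check. The previous loose == accepted any pair of
    // hex digests of the form "0e<digits>" as equal because PHP compares them as numbers.
    $passwordMatches = $oldPassword !== ''
        && Yii::$app->security->compareString($oldPassword, $originPassword);

    if (!$passwordMatches || !$formatOk || $hasWhitespace) {
        // NOTE(review): the same message is shown when the new password fails the
        // format rule, and store() receives the stored hash and the attempted hash;
        // confirm the operation log is an acceptable place for password hashes.
        $userOperateLog->store('修改密码', $oldPassword, $originPassword);
        return $this->render('reset_password/step1', ['failure' => '原密码输入错误', 'url' => $config]);
    }

    if (empty($session['open_id'])) {
        $userOperateLog->store('修改密码', $oldPassword, $originPassword);
        return $this->render('reset_password/step1', ['failure' => '登录失效', 'url' => $config]);
    }

    // Perform the change and record the outcome.
    $result = $userBaseInfo->updatePassword($userId, $newPassword);
    $userOperateLog->store('修改密码', $oldPassword, $originPassword, $result);

    if (!$result) {
        return $this->render('reset_password/step1', ['failure' => '修改密码失败', 'url' => $config]);
    }

    // Push the change to SSO. This stays best-effort, but a failure is now logged
    // instead of being dropped silently.
    // NOTE(review): $data is whatever updatePassword() returned and is passed as JSON to
    // syncProfileLog(); check that it carries no password material into that log.
    $data = $result;
    $data['open_id'] = $session['open_id'];
    try {
        $sso = Yii::$app->sso;
        $res = $sso->sync('password', $data);
        $sso->syncProfileLog($res, json_encode($data), 'password');
    } catch (\Exception $e) {
        Yii::warning('SSO password sync failed: ' . $e->getMessage(), __METHOD__);
    }

    // Force a fresh login: drop the user entry from the session and the identity cookies.
    $appSession = Yii::$app->session;
    unset($appSession[UserBaseInfo::SESSION_KEY_USER]);
    $cookies = Yii::$app->response->cookies;
    unset($cookies[UserBaseInfo::COOKIE_KEY_ID]);
    unset($cookies[UserBaseInfo::COOKIE_KEY_NAME]);

    return $this->render('reset_password/step2');
}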
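/**
 * Last step of the "user/find-password" flow: store the new password for the user
 * held in the flow's session state and report the outcome through formatResData().
 *
 * @return void
 */
public function actionResetPassword()
{
    // TODO: add request throttling once internal testing has passed
    $config = Yii::$app->util->loadConfig('flow');
    $ca = 'user/find-password';
    $session = Yii::$app->session;
    $session->open();
    $util = Yii::$app->util;

    $curBusiName = $ca;
    // NOTE(review): the step is still a fixed value, as before. The old trailing comment
    // pointed at $session[$ca] as its source; confirm where the current step is kept.
    $curBusiStep = 'step4';

    // The user id and both password fields used to be test placeholders (a fixed user id
    // and a literal password), so every request overwrote that one account. They are
    // read from the flow's session state, using the keys from the commented-out code.
    // NOTE(review): confirm these keys against the step that fills the session.
    $flowState = isset($session[$ca]) ? $session[$ca] : null;
    $flowData = (is_array($flowState) && isset($flowState['data']) && is_array($flowState['data']))
        ? $flowState['data']
        : [];
    $userid = isset($flowData['userid']) ? $flowData['userid'] : null;
    $password = isset($flowData['password']) ? $flowData['password'] : null;
    $rePassword = isset($flowData['re_password']) ? $flowData['re_password'] : null;

    // Each rejection returns explicitly. Whether formatResData() ends the request is not
    // visible here, and falling through would reach updatePassword() after an error.
    if (!$userid) {
        $util->formatResData(900, 'error_user_nexists', '用户不存在');
        return;
    }
    if (empty($password)) {
        $util->formatResData(1000, 'param_missing_password', '密码不能为空');
        return;
    }
    // The first check used to cover both fields, which left this code unreachable.
    if (empty($rePassword)) {
        $util->formatResData(1001, 'param_missing_repassword', '密码确认不能为空');
        return;
    }
    if ($password !== $rePassword) {
        $util->formatResData(1100, 'error_password_nequal', '两次密码输入不符');
        return;
    }
    // NOTE(review): no length or complexity rule is applied to the password in this
    // action; presumably an earlier step validates it. Verify.

    // The nested lookup covers both levels. The old "&&" form let a missing step
    // through whenever the business entry itself existed.
    if (!isset($config[$curBusiName][$curBusiStep])) {
        $util->formatResData(1002, 'missing_busi_param', '系统繁忙,请稍后重试');
        return;
    }

    $stepConfig = $config[$curBusiName][$curBusiStep];
    $relStep = isset($stepConfig['relStep']) ? $stepConfig['relStep'] : null;
    if (!$relStep || $curBusiStep !== $relStep) {
        $util->formatResData(1200, 'error_curstep_illegal', '系统繁忙,请稍后重试');
        return;
    }

    $result = false;
    try {
        $mUser = new UserBaseInfo();
        $result = $mUser->updatePassword($userid, $password);
    } catch (\Exception $e) {
        // The failure is still reported to the client as 1300; the cause is logged.
        Yii::error('Password reset failed: ' . $e->getMessage(), __METHOD__);
    }

    if (!$result) {
        $util->formatResData(1300, 'error_register', '重置密码失败');
        return;
    }

    // The flow is complete: drop its state and its captcha so neither can be replayed.
    unset($session[$curBusiName]);
    unset($session['captcha_' . $curBusiName]);
    $util->formatResData(0, 'success', ['url' => $stepConfig['url']]);
}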