function changepwd($id = FALSE)
{
if (isset($_POST['id']) && isset($_POST['password']) && isset($_POST['repeatedpassword'])) {
if ($_POST['password'] != $_POST['repeatedpassword']) {
$message = "两次密码输入不相同,请重新输入";
respFailed($message);
} else {
$user_orm = ORM::factory('user')->where('id', $_POST['id'])->find();
if ($user_orm->loaded) {
$user_orm->password = sha1($_POST['password']);
$user_orm->save();
if ($user_orm->saved) {
respOk(array());
} else {
$message = "修改密码失败,数据库操作错误";
respFailed($message);
}
} else {
$message = "修改密码失败,不存在的用户ID";
respFailed($message);
}
}
} else {
$this->changepwd_render($id);
}
}
function validate()
{
$post = new Validation($_POST);
$post->add_rules('username', 'required');
$post->add_rules('password', 'required');
if (!$post->validate()) {
echo '必须填写用户名和密码';
return;
}
$username = $_POST['username'];
$password = $_POST['password'];
$user_orm = ORM::factory('user')->where(array('name' => $username, 'password' => sha1($password)))->find();
if ($user_orm->loaded) {
$id = $user_orm->id;
if ($user_orm->active == 1) {
$this->session->set('user_id', $id);
$this->session->set('username', $username);
$this->session->set('role_id', $user_orm->role_id);
respOk(array());
} else {
$message = "登录失败,用户处于禁止状态";
respFailed($message);
}
} else {
$message = "登录失败,用户名或密码错误";
respFailed($message);
}
return;
}