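/**
 * Login verification: validates the posted captcha and credentials and, on
 * success, stores the admin's department id, username and id in the session
 * before redirecting to /backend/system/user.
 *
 * Every failure path prints a JavaScript alert and terminates the request.
 * The captcha and empty-field checks used to print their alert and then fall
 * through to the credential lookup, so neither check stopped a login attempt.
 *
 * NOTE(review): passwords are stored as unsalted MD5, which is unsuitable for
 * password storage. Moving to password_hash()/password_verify() needs a
 * migration of the stored hashes and is therefore not done in this method.
 *
 * @return void
 */
public function loginAction()
{
    $this->view->disable();

    // Non-string input (e.g. an array-valued POST field) is treated as empty.
    $code = $this->request->getPost('code');
    $code = is_string($code) ? trim(htmlspecialchars($code)) : '';
    $expectedCode = (string) $this->session->get('verify_code');

    // Strict comparison, and an empty value on either side is a failure:
    // with the loose != an empty code matched a session that held no
    // captcha at all (null == '').
    if ($code === '' || $expectedCode === '' || strtolower($code) !== $expectedCode) {
        echo "<script>alert('验证码错误');history.back();</script>";
        exit;
    }

    $username = $this->request->getPost('username');
    $username = is_string($username) ? trim(htmlspecialchars($username)) : '';

    // The password is escaped before hashing only to stay compatible with the
    // hashes this method has always produced.
    // NOTE(review): the default flags of htmlspecialchars() changed in PHP 8.1
    // (single quotes are now escaped), so the hash of a password containing
    // "'" depends on the PHP version - confirm against the stored hashes.
    $rawPassword = $this->request->getPost('password');
    $rawPassword = is_string($rawPassword) ? trim(htmlspecialchars($rawPassword)) : '';

    // Test for emptiness before hashing: md5() of an empty string is a
    // non-empty digest, so the old empty($password) test could never fire.
    if ($username === '' || $rawPassword === '') {
        echo "<script>alert('用户名或密码不能为空');history.back();</script>";
        exit;
    }
    $password = md5($rawPassword);

    // Bound parameters keep the posted values out of the query text.
    $where = array(
        "name = :name: and passwd = :passwd:",
        'bind' => array('name' => $username, 'passwd' => $password),
    );
    $user = Admin::findFirst($where);

    if (!$user) {
        echo "<script>alert('用户名或密码错误');history.back();</script>";
        exit;
    }

    // A frozen account (active == 0) may not log in, even with valid credentials.
    if ($user->getActive() == 0) {
        echo "<script>alert('该用户已经被冻结');history.back();</script>";
        exit;
    }

    // NOTE(review): the session id is not rotated here; regenerating it on a
    // successful login would prevent a pre-login session id from being reused.
    // The captcha value also stays in the session after a successful check.
    $this->session->set('depart_id', $user->getDepart());
    $this->session->set('username', $username);
    $this->session->set('uid', $user->getId());

    $this->response->redirect('/backend/system/user');
}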
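/**
 * Password change: on POST, verifies the current password of the admin
 * identified by $this->uid and stores the MD5 hash of the new one.
 * Any other request method gets a 404 status.
 *
 * NOTE(review): passwords are stored as unsalted MD5, which is unsuitable for
 * password storage. Moving to password_hash()/password_verify() needs a
 * migration of the stored hashes and is therefore not done in this method.
 *
 * @return void
 */
public function chpassAction()
{
    if (!$this->request->isPost()) {
        $this->response->setStatusCode(404, "Not Found");
        return;
    }

    $this->view->disable();

    // Non-string input (e.g. an array-valued POST field) is treated as empty.
    $oldpass = $this->request->getPost('oldpass');
    $oldpass = is_string($oldpass) ? trim($oldpass) : '';
    $newpass = $this->request->getPost('newpass');
    $newpass = is_string($newpass) ? trim($newpass) : '';

    if ($oldpass === '' || $newpass === '') {
        echo "<script>alert('密码不能为空'),history.back();</script>";
        exit;
    }

    // Without a uid, findFirst() would not be restricted to one account, so
    // the lookup is skipped and the request is handled as a failed check.
    $user = $this->uid ? Admin::findFirst($this->uid) : null;

    // loginAction() hashes the HTML-escaped password, so the same escaping is
    // applied here; otherwise a password containing &, <, > or quotes could be
    // set but never used to log in.
    $oldHash = md5(htmlspecialchars($oldpass));

    // hash_equals() compares the digests as strings in constant time. The
    // loose != it replaces treated two different "0e<digits>" digests as equal
    // numbers, letting a wrong password pass the check.
    if (!$user || !hash_equals((string) $user->getPasswd(), $oldHash)) {
        echo "<script>alert('原密码错误'),history.back();</script>";
        exit;
    }

    $user->setPasswd(md5(htmlspecialchars($newpass)));

    // Report success only when the model was actually saved.
    if (!$user->update()) {
        echo "<script>alert('密码修改失败'),history.back();</script>";
        exit;
    }

    echo "<script>alert('密码修改成功'),history.back();</script>";
    exit;
}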