Accueil Explorer Aide
S'inscrire Connexion
richod
/
ximushanyuan
1
0
Fork 0
Fichiers Tickets 0 Pull Requests 0 Wiki
Branche: master
Branches Tags
ximushanyuan
/
web
/
source
/
user
/
find-password.ctrl.php

find-password.ctrl.php 2.5 KB
Lien permanent Historique Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * [WeEngine System] Copyright (c) 2014 WE7.CC
    4. 

  4.  * WeEngine is NOT a free software, it under the license terms, visited http://www.we7.cc/ for more details.
    5. 

  5.  */
    6. 

  6. defined('IN_IA') or exit('Access Denied');
    7. 

  7. 

  8. load()->model('user');
    9. 

  9. load()->model('setting');
    10. 

  10. 

  11. $dos = array('find_password', 'valid_mobile', 'valid_code', 'set_password', 'success');
    12. 

  12. $do = in_array($do, $dos) ? $do : 'find_password';
    13. 

  13. 

  14. $setting_sms_sign = setting_load('site_sms_sign');
    15. 

  15. $find_password_sign = !empty($setting_sms_sign['site_sms_sign']['find_password']) ? $setting_sms_sign['site_sms_sign']['find_password'] : '';
    16. 

  16. 

  17. $mobile = trim($_GPC['mobile']);
    18. 

  18. if (in_array($do, array('valid_mobile', 'valid_code', 'set_password'))) {
    19. 

  19. 	if (empty($mobile)) {
    20. 

  20. 		iajax(-1, '手机号不能为空');
    21. 

  21. 	}
    22. 

  22. 	if (!preg_match(REGULAR_MOBILE, $mobile)) {
    23. 

  23. 		iajax(-1, '手机号格式不正确');
    24. 

  24. 	}
    25. 

  25. 

  26. 	$user_profile = table('users');
    27. 

  27. 	$find_mobile = $user_profile->userProfileMobile($mobile);
    28. 

  28. 	if (empty($find_mobile)) {
    29. 

  29. 		iajax(-1, '手机号不存在');
    30. 

  30. 	}
    31. 

  31. }
    32. 

  32. if ($do == 'valid_mobile') {
    33. 

  33. 	iajax(0, '本地校验成功');
    34. 

  34. }
    35. 

  35. 

  36. if ($do == 'valid_code') {
    37. 

  37. 	if ($_W['isajax'] && $_W['ispost']) {
    38. 

  38. 		$code = trim($_GPC['code']);
    39. 

  39. 		$image_verify =trim($_GPC['verify']);
    40. 

  40. 

  41. 		if (empty($code)) {
    42. 

  42. 			iajax(-1, '短信验证码不能为空');
    43. 

  43. 		}
    44. 

  44. 

  45. 		if (empty($image_verify)) {
    46. 

  46. 			iajax(-1, '图形验证码不能为空');
    47. 

  47. 		}
    48. 

  48. 

  49. 		$captcha = checkcaptcha($image_verify);
    50. 

  50. 		if (empty($captcha)) {
    51. 

  51. 			iajax(-1, '图形验证码错误,请重新获取');
    52. 

  52. 		}
    53. 

  53. 

  54. 		$user_table = table('users');
    55. 

  55. 		$code_info = $user_table->userVerifyCode($mobile, $code);
    56. 

  56. 		if (empty($code_info)) {
    57. 

  57. 			iajax(-1, '短信验证码不正确');
    58. 

  58. 		}
    59. 

  59. 		if ($code_info['createtime'] + 120 < TIMESTAMP) {
    60. 

  60. 			iajax(-1, '短信验证码已过期,请重新获取');
    61. 

  61. 		}
    62. 

  62. 

  63. 		iajax(0, '');
    64. 

  64. 	} else {
    65. 

  65. 		iajax(-1, '非法请求');
    66. 

  66. 	}
    67. 

  67. }
    68. 

  68. 

  69. if ($do == 'set_password') {
    70. 

  70. 	if ($_W['isajax'] && $_W['ispost']) {
    71. 

  71. 		$password = $_GPC['password'];
    72. 

  72. 		$repassword = $_GPC['repassword'];
    73. 

  73. 		if (empty($password) || empty($repassword)) {
    74. 

  74. 			iajax(-1, '密码不能为空');
    75. 

  75. 		}
    76. 

  76. 

  77. 		if ($password != $repassword) {
    78. 

  78. 			iajax(-1, '两次密码不一致');
    79. 

  79. 		}
    80. 

  80. 

  81. 		$user_info = user_single($find_mobile['uid']);
    82. 

  82. 		$password = user_hash($password, $user_info['salt']);
    83. 

  83. 		if ($password == $user_info['password']) {
    84. 

  84. 			iajax(-2, '不能使用最近使用的密码');
    85. 

  85. 		}
    86. 

  86. 		$result = pdo_update('users', array('password' => $password), array('uid' => $user_info['uid']));
    87. 

  87. 		if (empty($result)) {
    88. 

  88. 			iajax(0, '设置密码成功');
    89. 

  89. 		}
    90. 

  90. 		iajax(0);
    91. 

  91. 	}
    92. 

  92. }
    93. 

  93. template('user/find-password');
    94.