public static function sp_password($pw){
$decor=md5(Config::get("dbprefix"));
$mi=md5($pw);
return substr($decor,0,12).$mi.substr($decor,-4,4);
}
public static function create_encrypt(){
return self::sp_random_string();
}
/**
* 随机字符串生成
* @param int $len 生成的字符串长度
* @return string
*/
public static function sp_random_string($len = 6) {
$chars = array(
"a", "b", "c", "d", "e", "f", "g", "h", "i", "j", "k",
"l", "m", "n", "o", "p", "q", "r", "s", "t", "u", "v",
"w", "x", "y", "z", "A", "B", "C", "D", "E", "F", "G",
"H", "I", "J", "K", "L", "M", "N", "O", "P", "Q", "R",
"S", "T", "U", "V", "W", "X", "Y", "Z", "0", "1", "2",
"3", "4", "5", "6", "7", "8", "9"
);
$charsLen = count($chars) - 1;
shuffle($chars); // 将数组打乱
$output = "";
for ($i = 0; $i < $len; $i++) {
$output .= $chars[mt_rand(0, $charsLen)];
}
return $output;
}
public function modify_pwd() {
$this->act_data['modify_pwd']['desc'] = "修改密码";
$old_pwd = $this->request->post("old_pwd");
$new_pwd = $this->request->post("new_pwd");
//新的密码必须是6位数;
$num=strlen($new_pwd);
if($num!=6){
$e = new user_exception();
$e->seterror(625);
throw $e;
}
$affirm_new_pwd = $this->request->post("affirm_new_pwd");
$usin = Db::name(self::user)->field("user_password,f_user_encrypt")->where("user_id", $this->userinfo['user_id'])->find();
if (md5(tool::sp_password($old_pwd) . $usin['f_user_encrypt']) !== $usin['f_user_password']) {
$e = new user_exception();
$e->seterror(841);
throw $e;
}
if ($new_pwd !== $affirm_new_pwd) {
$e = new user_exception();
$e->seterror(842);
throw $e;
}
$create_encrypt_str = tool::create_encrypt();
$create_new_pwd = md5(tool::sp_password($new_pwd) . $create_encrypt_str);
Db::name(self::user)->where("f_user_id", $this->userinfo['user_id'])->update([
'user_password' => $create_new_pwd,
'user_encrypt' => $create_encrypt_str
]);
return ["msg" => "操作成功"];
}
浙公网安备 33010602011771号