find-password.ctrl.php 1.8 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465
  1. <?php
  2. /**
  3. * [WeEngine System] Copyright (c) 2014 WE7.CC
  4. * WeEngine is NOT a free software, it under the license terms, visited http://www.we7.cc/ for more details.
  5. */
  6. defined('IN_IA') or exit('Access Denied');
  7. load()->model('user');
  8. load()->model('setting');
  9. load()->model('utility');
  10. $dos = array('valid_mobile', 'set_password', 'success');
  11. $do = in_array($do, $dos) ? $do : '';
  12. $setting_sms_sign = setting_load('site_sms_sign');
  13. $find_password_sign = !empty($setting_sms_sign['site_sms_sign']['find_password']) ? $setting_sms_sign['site_sms_sign']['find_password'] : '';
  14. if (!empty($do)) {
  15. $mobile = safe_gpc_string($_GPC['receiver']);
  16. $find_mobile = user_check_mobile($mobile);
  17. if (is_error($find_mobile)) {
  18. iajax($find_mobile['errno'], $find_mobile['message']);
  19. }
  20. }
  21. if ($do == 'valid_mobile') {
  22. iajax(0, '手机号正确.');
  23. }
  24. if ($do == 'set_password') {
  25. if ($_W['isajax'] && $_W['ispost']) {
  26. $code = safe_gpc_string($_GPC['code']);
  27. if (empty($code)) {
  28. iajax(-1, '短信验证码不能为空');
  29. }
  30. $verify_res = utility_smscode_verify(0, $mobile, $code);
  31. if (is_error($verify_res)) {
  32. iajax($verify_res['errno'], $verify_res['message']);
  33. }
  34. $password = safe_gpc_string($_GPC['password']);
  35. $repassword = safe_gpc_string($_GPC['repassword']);
  36. if (empty($password) || empty($repassword)) {
  37. iajax(-1, '密码不能为空');
  38. }
  39. if ($password != $repassword) {
  40. iajax(-1, '两次密码不一致');
  41. }
  42. $user_info = user_single($find_mobile['uid']);
  43. $password = user_password($password, $find_mobile['uid']);
  44. if ($password == $user_info['password']) {
  45. iajax(-2, '密码未做更改');
  46. }
  47. $result = pdo_update('users', array('password' => $password), array('uid' => $user_info['uid']));
  48. if ($result) {
  49. iajax(0, '设置密码成功');
  50. } else {
  51. iajax(-1, '密码设置失败!');
  52. }
  53. }
  54. }
  55. template('user/find-password');