修改密码 MVC

控制器site

    public function actionPassword(){
        $model = new PasswordForm();
        /*判断请求属性
        if ($request->isAjax) { // 判断是否为AJAX 请求 };if ($request->isGet)  { // 判断是否为GET 请求 };if ($request->isPost) { // 判断是否为POST 请求};if ($request->isPut)  { // 判断是否为PUT 请求 }
        */
        $request = Yii::$app->request;

        if ($request->isPost && $model->load(Yii::$app->request->post()) && $model->changePassword()){

            Yii::$app->user->logout();
            return $this->goHome();
        }else{
            return $this->render('password',['model'=>$model]);
        }
    }

passworForm表单模型

    public function changePassword(){
/*rules验证,不习惯用else的话,把else删了自己创建rules*/
// if (!$this->validate()) {
// return null;
// }
$id=Yii::$app->user->id;
$user = User::findIdentity($id);
$password = $user->password_hash;
if (Yii::$app->getSecurity()->validatePassword($this->password,$password)){
if ($this->pass1 == $this->pass2){
$newpass = Yii::$app->getSecurity()->generatePasswordHash($this->pass1);
$user->password=$newpass;
$user->a($id,$newpass);
if ($user->save()){
return true;
}else{
return false;
}
}else{
Yii::$app->session->setFlash('error','两次密码不一样');
return false;
}
}else{
Yii::$app->session->setFlash('error','旧密码错误');
return false;
}
/*findIdentity($id)根据ID获取用户信息 getId()获取用户id*/
}

User模型

    public function a($id,$model){
        $user = User::findIdentity($id);   
        $user->password_hash=$model;
        $user->save();
    }

视图password.php

<?php

/* @var $this yii\web\View */
/* @var $form yii\bootstrap\ActiveForm */
/* @var $model PasswordForm */

use backend\models\PasswordForm;
use yii\helpers\Html;
use yii\bootstrap\ActiveForm;
//
$this->title = '修改密码';
$this->params['breadcrumbs'][] = $this->title;
?>
<div class="left">
    <div class="row">
        <div class="col-md-1">
        </div>
        <div class="col-md-6">
            <div class="box">
                <div class="box-header with-border">
                    <h3 class="box-title">修改密码</h3>
                </div>
                <?php $form = ActiveForm::begin(['id' => 'login-form', 'enableClientValidation' => false]); ?>
                <div class="box-body">

                    <div class="form-group">
                        <label for="inputEmail3" class="col-sm-2 control-label">当前用户</label>
                        <div class="col-sm-9">
                            <div type="text" readonly="readonly" disabled="disabled" class="form-control" id="user_role" >
                            <?= Yii::$app->user->identity->username; ?>
                            </div>
                        </div><br><br>
                    </div>

                    <div class="form-group">
                        <label for="inputPassword3" class="col-sm-2 control-label">旧密码</label>
                        <div class="col-sm-9">
                            <?= $form
                                ->field($model, 'password')
                                ->label(false)
                                ->textInput(['placeholder' => $model->getAttributeLabel('旧密码')]) ?>
                        </div>
                    </div>

                    <div class="form-group">
                        <label for="inputPassword3" class="col-sm-2 control-label">新密码</label>
                        <div class="col-sm-9">
                            <?= $form
                                ->field($model, 'pass1')
                                ->label(false)
                                ->passwordInput(['placeholder' => $model->getAttributeLabel('新密码')]) ?>
                        </div>
                    </div>

                    <div class="form-group">
                        <label for="inputPassword3" class="col-sm-2 control-label">确认密码</label>
                        <div class="col-sm-9">
                            <?= $form
                                ->field($model, 'pass2')
                                ->label(false)
                                ->passwordInput(['placeholder' => $model->getAttributeLabel('确认密码')]) ?>
                        </div>
                    </div>
                </div>
                <!-- /.box-body -->
                <div class="box-footer">
<!--                    <label id="msg_info" class="control-label text-green hide"><i class="fa fa-check"></i>修改密码成功</label>-->
                    <?= Html::submitButton('修改密码', ['class' => 'btn btn-primary']) ?>
                </div>
                <!-- /.box-footer -->
                <?php ActiveForm::end(); ?>
            </div>
        </div>

        <div class="col-md-5">
        </div>
    </div>
</div>

 

上一篇:PBKDF2加密的实现


下一篇:15-PHP代码审计——yii 2.0.37反序列化漏洞