From 4a478c317e49411e7d87255c1b83c9ad9b7ad9b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A0=81=E9=BE=8D?= <695798354@qq.com> Date: Tue, 20 Sep 2022 08:54:29 +0000 Subject: [PATCH 1/4] =?UTF-8?q?=E6=9B=B4=E5=A5=BD=E7=9A=84=E4=BF=AE?= =?UTF-8?q?=E6=94=B9=E5=AF=86=E7=A0=81?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 码龍 <695798354@qq.com> --- application/admin/model/Admin.php | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/application/admin/model/Admin.php b/application/admin/model/Admin.php index 8c47f6f74..92107ce6f 100644 --- a/application/admin/model/Admin.php +++ b/application/admin/model/Admin.php @@ -4,6 +4,7 @@ namespace app\admin\model; use think\Model; use think\Session; +use fast\Random; class Admin extends Model { @@ -15,14 +16,19 @@ class Admin extends Model protected $updateTime = 'updatetime'; /** - * 重置用户密码 - * @author baiyouwen + * 修改用户密码 + * + * @param int $uid + * @param string $NewPassword + * @return boolean */ - public function resetPassword($uid, $NewPassword) + public static function changePassword($uid, $NewPassword) { - $passwd = $this->encryptPassword($NewPassword); - $ret = $this->where(['id' => $uid])->update(['password' => $passwd]); - return $ret; + $salt = Random::alnum(6); + return self::where('id', $uid)->update([ + 'salt' => $salt, + 'password' => self::encryptPassword($NewPassword, $salt) + ]); } // 密码加密 -- Gitee From b2369419040c7056c0fcc1a4f28033178db3ed11 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A0=81=E9=BE=8D?= <695798354@qq.com> Date: Tue, 20 Sep 2022 08:58:34 +0000 Subject: [PATCH 2/4] =?UTF-8?q?=E5=BC=80=E6=94=BE=E5=AF=86=E7=A0=81?= =?UTF-8?q?=E5=8A=A0=E5=AF=86=E6=96=B9=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 码龍 <695798354@qq.com> --- application/admin/model/Admin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application/admin/model/Admin.php b/application/admin/model/Admin.php index 92107ce6f..062028cd7 100644 --- a/application/admin/model/Admin.php +++ b/application/admin/model/Admin.php @@ -32,9 +32,9 @@ class Admin extends Model } // 密码加密 - protected function encryptPassword($password, $salt = '', $encrypt = 'md5') + public static function encryptPassword($password, $salt = '', $encrypt = 'md5') { - return $encrypt($password . $salt); + return $encrypt($encrypt($password) . $salt); } } -- Gitee From 56ececc487ae3eaa7c7d6ad874687d3b43007d4d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A0=81=E9=BE=8D?= <695798354@qq.com> Date: Tue, 20 Sep 2022 09:00:14 +0000 Subject: [PATCH 3/4] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E7=99=BB=E5=BD=95?= =?UTF-8?q?=E8=AE=A4=E8=AF=81=E6=96=B9=E6=B3=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 码龍 <695798354@qq.com> --- application/admin/library/Auth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/application/admin/library/Auth.php b/application/admin/library/Auth.php index be2b60a35..4900c013f 100644 --- a/application/admin/library/Auth.php +++ b/application/admin/library/Auth.php @@ -51,7 +51,7 @@ class Auth extends \fast\Auth $this->setError('Please try again after 1 day'); return false; } - if ($admin->password != md5(md5($password) . $admin->salt)) { + if ($admin->password != Admin::encryptPassword($password, $admin->salt)) { $admin->loginfailure++; $admin->save(); $this->setError('Password is incorrect'); -- Gitee From d0124563828bd2aa64d7e9c0d8b667faafbb6b7b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E7=A0=81=E9=BE=8D?= <695798354@qq.com> Date: Tue, 20 Sep 2022 09:03:17 +0000 Subject: [PATCH 4/4] =?UTF-8?q?=E5=A2=9E=E5=8A=A0|=E4=BF=AE=E6=94=B9=20?= =?UTF-8?q?=E5=AF=86=E7=A0=81=E5=8A=A0=E5=AF=86=E6=96=B9=E5=BC=8F=E8=B0=83?= =?UTF-8?q?=E7=94=A8?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: 码龍 <695798354@qq.com> --- application/admin/controller/auth/Admin.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application/admin/controller/auth/Admin.php b/application/admin/controller/auth/Admin.php index a7dc6da6b..614d5c00d 100644 --- a/application/admin/controller/auth/Admin.php +++ b/application/admin/controller/auth/Admin.php @@ -129,7 +129,7 @@ class Admin extends Backend exception(__("Please input correct password")); } $params['salt'] = Random::alnum(); - $params['password'] = md5(md5($params['password']) . $params['salt']); + $params['password'] = $this->model->encryptPassword($params['password'], $params['salt']); $params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。 $result = $this->model->validate('Admin.add')->save($params); if ($result === false) { @@ -183,7 +183,7 @@ class Admin extends Backend exception(__("Please input correct password")); } $params['salt'] = Random::alnum(); - $params['password'] = md5(md5($params['password']) . $params['salt']); + $params['password'] = $this->model->encryptPassword($params['password'], $params['salt']); } else { unset($params['password'], $params['salt']); } -- Gitee