Pre Merge pull request !415 from 码龍/changeAdminPassword

2024-02-15 14:37:16 +00:00 · 2024-02-15 14:37:16 +00:00 · 449fcc4cf6
parent 4f466551e2 d012456382
commit 449fcc4cf6
3 changed files with 17 additions and 11 deletions
--- a/application/admin/controller/auth/Admin.php
+++ b/application/admin/controller/auth/Admin.php
@ -129,7 +129,7 @@ class Admin extends Backend
                        exception(__("Please input correct password"));
                    }
                    $params['salt'] = Random::alnum();
-                    $params['password'] = md5(md5($params['password']) . $params['salt']);
+                    $params['password'] = $this->model->encryptPassword($params['password'], $params['salt']);
                    $params['avatar'] = '/assets/img/avatar.png'; //设置新管理员默认头像。
                    $result = $this->model->validate('Admin.add')->save($params);
                    if ($result === false) {
@ -183,7 +183,7 @@ class Admin extends Backend
                            exception(__("Please input correct password"));
                        }
                        $params['salt'] = Random::alnum();
-                        $params['password'] = md5(md5($params['password']) . $params['salt']);
+                        $params['password'] = $this->model->encryptPassword($params['password'], $params['salt']);
                    } else {
                        unset($params['password'], $params['salt']);
                    }
--- a/application/admin/library/Auth.php
+++ b/application/admin/library/Auth.php
@ -51,7 +51,7 @@ class Auth extends \fast\Auth
            $this->setError('Please try again after 1 day');
            return false;
        }
-        if ($admin->password != md5(md5($password) . $admin->salt)) {
+        if ($admin->password != Admin::encryptPassword($password, $admin->salt)) {
            $admin->loginfailure++;
            $admin->save();
            $this->setError('Password is incorrect');
--- a/application/admin/model/Admin.php
+++ b/application/admin/model/Admin.php
@ -4,6 +4,7 @@ namespace app\admin\model;

 use think\Model;
 use think\Session;
+use fast\Random;

 class Admin extends Model
 {
@ -15,20 +16,25 @@ class Admin extends Model
    protected $updateTime = 'updatetime';

    /**
-     * 重置用户密码
-     * @author baiyouwen
+     * 修改用户密码
+     *
+     * @param int $uid
+     * @param string $NewPassword
+     * @return boolean
     */
-    public function resetPassword($uid, $NewPassword)
+    public static function changePassword($uid, $NewPassword)
    {
-        $passwd = $this->encryptPassword($NewPassword);
-        $ret = $this->where(['id' => $uid])->update(['password' => $passwd]);
-        return $ret;
+        $salt = Random::alnum(6);
+        return self::where('id', $uid)->update([
+            'salt' => $salt, 
+            'password' => self::encryptPassword($NewPassword, $salt)
+        ]);
    }

    // 密码加密
-    protected function encryptPassword($password, $salt = '', $encrypt = 'md5')
+    public static function encryptPassword($password, $salt = '', $encrypt = 'md5')
    {
-        return $encrypt($password . $salt);
+        return $encrypt($encrypt($password) . $salt);
    }

 }