|
- <?php
- /*
- Author:ZSQ
- Compeny:Spiders Travel
- */
- require_once '../Common/Mysql.php';
-
- header("Access-Control-Allow-Origin:*");
-
-
- $agoPwd=isset($_POST['agoPwd'])?$_POST['agoPwd']:'';
- $nowPwd=isset($_POST['nowPwd'])?$_POST['nowPwd']:'';
- if($agoPwd==''||$nowPwd==''){
- echo json_encode(array("errcode"=>4,"errinfo"=>"密码为空"));
- exit;
- }else{
- $md_agoPwd = md5($agoPwd);
- $md_nowPwd = md5($nowPwd);
- }
-
-
- $user_id=getUserId();
- if ($user_id ===false){
- echo json_encode(array("errcode"=>1,"errinfo"=>"用户未登录"));
- exit;
- }
-
- $md5_ago_pwd = md5($agoPwd);
- $md5_new_pwd = md5($nowPwd);
-
- $pdo=conn();
- $sql = " SELECT ID FROM base_user WHERE ID={$user_id} AND USER_PASSWORD='{$md5_ago_pwd}' ";
- writeLog("check old password:".$sql);
- $result=$pdo->query($sql);
- if( $result == false ) { echo json_encode(array("errcode"=>1,"errinfo"=>"旧密码输入有误"));exit; }
- $rowset=$result->fetchAll();
- if( $rowset == false ) { echo json_encode(array("errcode"=>1,"errinfo"=>"旧密码输入有误"));exit; }
- $result->closeCursor();
-
- $sql_update = " UPDATE base_user SET USER_PASSWORD='{$md5_new_pwd}' WHERE ID={$user_id} ";
- $pdo->exec($sql_update);
-
- echo json_encode(array("errcode"=>0,"errinfo"=>"密码修改成功"));
- exit;
|
