我创建了一个脚本来更改用户的密码,但是在检查时它会继续。
class mudar_senha{
protected $page_return = 'mudar_senha';
private function encriptaSenha($senha) {
return base64_encode(pack("H*", sha1(utf8_encode($senha))));
}
private function query_senha(){
global $_LANG;
$user_id = $_POST['id_user'];
$q=new Query;
$q
->select()
->from('`usuarios`')
->where_equal_to(
array(
'id'=>$user_id
)
)
->limit(1)
->run();
if($q){
$user=$q->get_selected();
return $user['senha'];
}
else{
return
alerta($_LANG[165]);
retornar(NULL,$this->page_return);
die;
}
}
private function verify_senha($senha){
global $_LANG;
if($this->encriptaSenha($senha) == $this->query_senha()){
return true;
}else{
return
alerta($_LANG[203]);
retornar(NULL,$this->page_return);
die;
}
}
private function verify_senhas(){
global $_LANG;
if($_POST['cpass1'] == $_POST['pass1']){
return true;
}else{
return
alerta($_LANG[171]);
retornar(NULL,$this->page_return);
die;
}
}
private function verify_length($senha){
global $_LANG;
switch($senha){
case(strlen($senha) < 6) :
return $_LANG[206];
die;
case(strlen($senha) > 11):
return
alerta($_LANG[205]);
retornar(NULL,$this->page_return);
die;
default:
return true;
}
}
private function verify_caracteres($senha){
global $_LANG;
if(preg_match('/[\'\/~`\!@#\$%\^&\*\(\)_\-\+=\{\}\[\]\|;:"\<\>,\.\?\\\]/', $senha)){
return
alerta($_LANG[204]);
retornar(NULL,$this->page_return);
exit;
}else{
return true;
}
}
final public function _build(){
global $_LANG;
if($this->verify_senha($_POST['req1']) == true);
if($this->verify_senhas() == true);
if($this->verify_length($_POST['pass1']) == true);
if($this->verify_caracteres($_POST['pass1'])== true);
$q=new Query;
$q
->update('usuarios')
->set(
array(
'senha' => $this->encriptaSenha($_POST['pass1']),
'pass_decode' => $_POST['pass1'],
)
)
->where_equal_to(
array(
'id'=>$_POST['id_user']
)
)
->limit(1)
->run();
if($q){
alerta($_LANG[207]);
retornar(NULL,$this->page_return);
}else{
alerta($_LANG[165]);
retornar(NULL,$this->page_return);
exit;
}
}
}
$q = new mudar_senha;
$q->_build();
只有三个检查 - 密码正确?- 正确的密码?- 密码长度 - 特殊字符
如果它拒绝检查,则脚本返回 true,并且它会执行 _build 函数检查更改是否正常继续。