前台模型,只需要三个输入字段,做个简单的验证,也可以复杂些
<?php
namespace app\models;
use yii\base\Model;
use app\models\User;
/**
* 前台模型更简单一些
* */
class SetPswdForm extends Model
{
public $oldpswd;
public $newpswd;
public $repeat;
public function rules(){
return [
[['newpswd', 'oldpswd'], 'required'],
[['newpswd', 'oldpswd'], 'string', 'min' => 4],
['repeat','compare','compareAttribute'=>'newpswd','message'=>'两次输入的密码不一致'],
];
}
public function attributeLabels(){
return [
'oldpswd' => '原密码',
'newpswd' => '新密码',
'repeat'=>'重复密码',
];
}
}视图也就一个简单的ActiveForm
<?php
use yii\helpers\Html;
use yii\bootstrap\ActiveForm;
$this->title = '修改密码';
?>
<div class="row">
<h1><?= Html::encode($this->title) ?></h1>
<div class="col-md-6">
<?php $form = ActiveForm::begin(); ?>
<?= $form->field($model, 'oldpswd')->passwordInput(['maxlength' => true]) ?>
<?= $form->field($model, 'newpswd')->passwordInput(['maxlength' => true]) ?>
<?= $form->field($model, 'repeat')->passwordInput(['maxlength' => true]) ?>
<div class="form-group">
<?= Html::submitButton('确认修改', ['class' =>'btn btn-success']) ?>
</div>
<?php ActiveForm::end(); ?>
</div>
</div>这次把控制器写的有些复杂了,主要是用登录的模型去模拟登录,然后判断旧密码是否正确,如果正确再去修改新的密码
public function actionReset()
{
if(Yii::$app->user->isGuest) {
return $this->goHome();
}
$model= new SetPswdForm();
if( $model->load(Yii::$app->request->post()) ){
$lg = new LoginForm();
$lg->username = Yii::$app->user->identity->username;
$lg->password = $model->oldpswd;
if($lg->login()){
$user= User::findOne(yii::$app->user->identity->id);
if($model->newpswd == $model->repeat){
$user->setPassword($model->newpswd);
$user->removePasswordResetToken();
if( $user->save() ){
Yii::$app->user->logout();
return '密码修改成功,请重新登录';
}
}else{
return '新密码两次输入不相同';
}
}else{
return '原密码错误';
}
}
return $this->render('reset', ['model'=>$model]);
}后面再继续研究下,如果更安全优雅的去修改密码。