fastadmin密码找回功能

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>用户中心_{shop:config name="shop.sitename"/}</title>
<link href="/skin/style.css" rel="stylesheet" type="text/css">
<style type="text/css">.none{display: none;}td{ padding:10px 0; }strong {color: #ff0000};</style>
</head>
<body>
{include file="$toptpl"}
<div class="block block1">
  <div class="block box">
    <div class="blank"></div>
    <div id="ur_here"> 当前位置: <a href="/">首页</a> <code>&gt;</code> 用户中心 </div>
  </div>
  <div class="blank"></div>
  <div class="usBox">
    <div class="usBox_2 clearfix">
      <form action="{:url('index/user/zhpwd')}?step={$step+1}" method="post" onsubmit="return form_submit(this);">
       
        <table width="70%" border="0" align="center">
          <tr {$step==1 ?: 'class="none"'}>
            <td colspan="2" align="left"><strong>请输入您注册的用户名以取得您的密码提示问题。</strong></td>
          </tr>
          <tr {$step==1 ?: 'class="none"'}>
            <td width="29%" align="right">用户名</td>
            <td width="61%"><input name="username" type="text" size="30" class="inputBg" value="{$username}" /></td>
          </tr>


          <tr {$step==2 ?: 'class="none"'}>
            <td colspan="2" align="left"><strong>请输入密码问题答案。</strong></td>
          </tr>
          <tr {$step==2 ?: 'class="none"'}>
            <td width="29%" align="right">密码提示问题：</td>
            <td width="61%">
                <select name='passwd_question'>
                  <option value='0'>请选择密码提示问题</option>
                  {volist name="$site.passwd" id="v"}
                  <option value="{$key}"  {$passwd_question== $key ? "selected" : ''}>{$v}</option>
                  {/volist}
                </select>

            </td>
          </tr>
          <tr {$step==2 ?: 'class="none"'}>
            <td align="right" >密码问题答案</td>
            <td><input name="passwd_answer" type="text" size="25" class="inputBg" maxlengt='20' value="{$passwd_answer}" /></td>
          </tr>



          <tr {$step==3 ?: 'class="none"'}>
            <td colspan="2" align="left"><strong>请输入您的新密码。</strong></td>
          </tr>
           <tr {$step==3 ?: 'class="none"'}>
            <td align="right">密码</td>
            <td><input name="password" type="password" id="password1"  class="inputBg" style="width:179px;" /><span style="color:#FF0000" id="password_notice"> *</span></td>
          </tr>
          <tr {$step==3 ?: 'class="none"'}>
            <td align="right">确认密码</td>
            <td><input name="confirm_password" type="password" id="conform_password"  class="inputBg" style="width:179px;"/><span style="color:#FF0000" id="conform_password_notice"> *</span></td>
          </tr>

          <tr>
            <td></td>
            <td><input type="hidden" name="act" value="get_passwd_question" />
              <input type="submit" name="submit" value="提 交" class="bnt_blue" style="border:none;" />
              <input name="button" type="button" onclick="history.back()" value="返回上一页" style="border:none;" class="bnt_blue_1" /></td>
          </tr>
        </table>
        <br />
      </form>
    </div>
  </div>
</div>
<div class="blank"></div>
<div class="blank"></div>
{include file="$foottpl"}
{include file="$jstpl"}
</body>
</html>

php

/**
     * 密码找回
     */
    public function zhpwd()
    {
        $step=$this->request->param("step/d","1");
        if($step>1){
            $username=$this->request->param("username");
            $userRow = UserModel::get(["username"=>$username]);
            if(empty($userRow) || empty($userRow["passwd_question"]) || empty($userRow["passwd_answer"])){
                $this->error("您没有设置密码提示问题，无法通过这种方式找回密码，请联系客服处理");
            }
            $passwd_question=$userRow->passwd_question;
        }
        if($this->request->isAjax() && $step==2){
            $url=url("index/user/zhpwd",["step"=>2,"username"=>$username]);
            $this->success("查询成功，请输入您的答案",$url,["url"=>$url]);
        }

        if($this->request->isAjax() && $step==3){
            $passwd_question=$this->request->param("passwd_question");
            $passwd_answer=$this->request->param("passwd_answer");
            $userRow = UserModel::where(["username"=>$username,"passwd_question"=>$passwd_question,"passwd_answer"=>$passwd_answer])->find();
            if(empty($userRow)){
                $this->error("问题回答有误，请重试！");
            }else{
                $url=url("index/user/zhpwd",["step"=>3,"username"=>$username]);
                cache($username,["passwd_question"=>$passwd_question,"passwd_answer"=>$passwd_answer]);
                $this->success("验证成功，请设置您的新密码",$url,["url"=>$url]);
            }
            
        }
        if($step==3){
            $cache=cache($username);
            if(empty($cache)){
                $this->error("参数有误，请重试",url("index/user/zhpwd"));
            }
            $passwd_question= $cache["passwd_question"];
            $passwd_answer= $cache["passwd_answer"];
        }


         if($this->request->isAjax() && $step==4){
            $passwd_question=$this->request->param("passwd_question");
            $passwd_answer=$this->request->param("passwd_answer");
            $password=$this->request->param("password");
            $confirm_password=$this->request->param("confirm_password");

            if($password!==$confirm_password){
                $this->error("两次密码输入不一致，请重试");
            }


            //验证Token
            if (!Validate::make()->check(['password' => $password], ['password' => 'require|regex:\S{6,30}'])) {
                $this->error(__('Password must be 6 to 30 characters'));
            }            


            $userRow = UserModel::where(["username"=>$username,"passwd_question"=>$passwd_question,"passwd_answer"=>$passwd_answer])->find();
            if(empty($userRow)){
                $this->error("问题回答有误，请重试！");
            }else{


                $this->auth->direct($userRow->id);
                $ret = $this->auth->changepwd($password, '', true);
                $url=url("index/user/login")."?url=".url("index/user/index");
                if ($ret) {
                   $this->success("重设成功，请登录",$url,["url"=>$url]);
                } else {
                    $this->error($this->auth->getError(), null, ['token' => $this->request->token()]);
                }
            }
            
        }


        $this->view->assign('step', $step);
        $this->view->assign('passwd_question', $passwd_question ?? '');
        $this->view->assign('passwd_answer', $passwd_answer ?? '');
        $this->view->assign('username', $username ?? '');
        $this->view->assign('title', "找回密码");
        return $this->view->fetch();
    }