пре 3 година · fbd0349927
--- a/backendApi/modules/v1/models/Admin.php
+++ b/backendApi/modules/v1/models/Admin.php
@@ -106,7 +106,8 @@ class Admin extends ActiveRecord
 
				      * @param string $password password to validate
			
 
				      * @return bool if password provided is valid for current user
			
 
				      */
			
 
				-    public function verificationPassword($password,$scenario,$model) {
			
 
				+    public function verificationPassword($password,$scenario,$model)
			
 
				+    {
			
 
				         // 判断密码长度不能少于8位
			
 
				         if (strlen($password) < 8){
			
 
				             return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码不能小于8位' ];
			
@@ -128,7 +129,7 @@ class Admin extends ActiveRecord
 
				 
			
 
				         // 判断密码中不能出现登录账号
			
 
				         if (strpos($password, $model->ADMIN_NAME) !== false){
			
 
				-            return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码中不允许出现登录账号' ];
			
 
				+            return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码中不允许出现管理员的登录账号信息' ];
			
 
				         }
			
 
				 
			
 
				         return [ 'code' => 200, 'type' => $scenario , 'message' => '验证通过了' ];
			
--- a/common/models/User.php
+++ b/common/models/User.php
@@ -311,6 +311,56 @@ class User extends \common\components\ActiveRecord
 
				         return password_verify($password, $this->PASSWORD_HASH);
			
 
				     }
			
 
				 
			
 
				+    /**
			
 
				+     * verificationPassword
			
 
				+     *
			
 
				+     * @param string $password password to validate
			
 
				+     * @return bool if password provided is valid for current user
			
 
				+     */
			
 
				+    public function verificationPassword($password,$scenario,$model)
			
 
				+    {
			
 
				+        // 判断密码长度不能少于8位
			
 
				+        if (strlen($password) < 8){
			
 
				+            return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码不能小于8位' ];
			
 
				+        }
			
 
				+
			
 
				+        // 判断密码中数字、大写字母、小写字母、特殊字符至少三种
			
 
				+        $symbol = '`~!@#$^&*()=|{}\'\":;\',\\[\\].<>\/?~！@#￥……&*（）——|{}【】‘；：”。，、？';
			
 
				+        // $requiredRules = '/^(?![\d]+$)(?![a-z]+$)(?![A-Z]+$)(?!['.$symbol.']+$)[\da-zA-z'.$symbol.']{8,}$/';   // 这是两种的正则
			
 
				+        $requiredRules = '/^(?![\da-z]+$)(?![\dA-Z]+$)(?![\d'.$symbol.']+$)(?![a-zA-Z]+$)(?![a-z'.$symbol.']+$)(?![A-Z'.$symbol.']+$)[\da-zA-z'.$symbol.']{8,}$/';
			
 
				+        $requiredHandleResults = preg_match($requiredRules,$password);
			
 
				+        if (!$requiredHandleResults){
			
 
				+            return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码中需要包含数字、大写字母、小写字母、特殊字符至少三种' ];
			
 
				+        }
			
 
				+
			
 
				+        // 判断有三位或以上重复性
			
 
				+        if(preg_match('/(\w)*(\w)\2{2}(\w)*/',$password)) {
			
 
				+            return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码中数字、大写字母、小写字母不能连续重复三个或以上' ];
			
 
				+        }
			
 
				+
			
 
				+        // 判断密码中不能出现登录账号
			
 
				+        if (strpos($password, $model->USER_NAME) !== false){
			
 
				+            return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码中不允许出现会员登录账号的信息' ];
			
 
				+        }
			
 
				+
			
 
				+        // 判断密码中不能出现会员的手机号
			
 
				+        if ($model->MOBILE){
			
 
				+            if (strpos($password, $model->MOBILE) !== false){
			
 
				+                return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码中不允许出现会员的联系方式' ];
			
 
				+            }
			
 
				+        }
			
 
				+
			
 
				+        // 判断密码中不能出现会员的生日
			
 
				+        if ($model->ID_CARD && strlen($model->ID_CARD) == 18){
			
 
				+            $idCard = substr($model->ID_CARD,6,8);
			
 
				+            if (strpos($password, $idCard) !== false){
			
 
				+                return [ 'code' => 1000, 'type' => $scenario , 'message' => '登录密码中不允许出现会员的生日' ];
			
 
				+            }
			
 
				+        }
			
 
				+
			
 
				+        return [ 'code' => 200, 'type' => $scenario , 'message' => '验证通过了' ];
			
 
				+    }
			
 
				+
			
 
				     /**
			
 
				      * 验证支付密码
			
 
				      * @param $payPassword
			
--- a/common/models/forms/UserForm.php
+++ b/common/models/forms/UserForm.php
@@ -575,6 +575,14 @@ class UserForm extends Model
 
				             $this->addError('modifyPassword', '原登录密码错误');
			
 
				             return false;
			
 
				         }
			
 
				+
			
 
				+        // 进行规则的判断
			
 
				+        $message = $model->verificationPassword($this->password,$this->scenario,$model);
			
 
				+        if ( $message['code'] != 200 ){
			
 
				+            $this->addError($message['type'], $message['message']);
			
 
				+            return null;
			
 
				+        }
			
 
				+
			
 
				         $model->PASSWORD_HASH = \Yii::$app->security->generatePasswordHash($this->password);
			
 
				         if(!$model->save()){
			
 
				             $this->addErrors($model->getErrors());
			
@@ -620,6 +628,14 @@ class UserForm extends Model
 
				             $this->addError('noLoginModifyPassword', '原登录密码错误');
			
 
				             return false;
			
 
				         }
			
 
				+
			
 
				+        // 进行规则的判断
			
 
				+        $message = $model->verificationPassword($this->password,$this->scenario,$model);
			
 
				+        if ( $message['code'] != 200 ){
			
 
				+            $this->addError($message['type'], $message['message']);
			
 
				+            return null;
			
 
				+        }
			
 
				+
			
 
				         $model->PASSWORD_HASH = \Yii::$app->security->generatePasswordHash($this->password);
			
 
				         $model->IS_MODIFY_PASSWORD = 0;
			
 
				         if(!$model->save()){