<?php
namespace web\admin\rigger;

class chgpass {
    public static function json_update() {
        global $db;
        $rsuser = verifyfast();
        $post = new \ciy\post();
        if($rsuser['id'] == 10)
            return errjson('演示账号不能操作');
        $oldpass = $post->get('oldpass');
        if (empty($oldpass))
            return errjson('请输入原密码.');
        $newpass = $post->get('newpass');
        if (empty($newpass))
            return errjson('请输入新密码.');
        $csql = new \ciy\sql('zc_admin');
        $csql->where('id', $rsuser['id']);
        $userrow = $db->getone($csql);
        if (!is_array($userrow))
            return errjson('用户不存在');
        if ($userrow['password'] != $oldpass)
            return errjson('原密码错误.');
        try {
            $db->begin();
            $updata = array();
            $updata['password'] = $newpass;
            $csql = new \ciy\sql('zc_admin');
            $csql->where('id', $rsuser['id']);
            if ($db->update($csql, $updata) === false)
                throw new \Exception('更新失败:' . $db->error);
            savelog($db, $rsuser['id'], 'PASSWORD', '已修改密码');
            $db->commit();
        } catch (\Exception $ex) {
            $db->rollback();
            savelogfile('err_db', $ex->getMessage());
            return errjson($ex->getMessage());
        }
        return succjson();
    }
}