From 260f62967bd997b61fd4389252c552614a1c369d Mon Sep 17 00:00:00 2001 From: miaochenshuo Date: Sun, 5 Jun 2022 23:36:55 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E5=A4=8D=20Bug394?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/Login.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/app/Login.py b/app/Login.py index 65047f7..f1317b2 100644 --- a/app/Login.py +++ b/app/Login.py @@ -5,6 +5,10 @@ from UseSqlite import InsertQuery, RecordQuery path_prefix = '/var/www/wordfreq/wordfreq/' path_prefix = './' # comment this line in deployment +def verify_pass(newpass,oldpass): + if(newpass==oldpass): + return True + def verify_user(username, password): rq = RecordQuery(path_prefix + 'static/wordfreqapp.db') @@ -47,6 +51,8 @@ def change_password(username, old_password, new_password): if not verify_user(username, old_password): # 旧密码错误 return False # 将用户名和密码一起加密,以免暴露不同用户的相同密码 + if verify_pass(new_password,old_password): #新旧密码一致 + return False password = md5(username + new_password) rq = InsertQuery(path_prefix + 'static/wordfreqapp.db') rq.instructions_with_parameters("UPDATE user SET password=:password WHERE name=:username", dict(