1

app/data/controller/api/business/User.php

@@ -262,6 +262,7 @@ class User extends Auth
      * @Method ("post")
      * @Param ("old_password",desc="原始密码")
      * @Param ("new_password",desc="新密码")
+     * @Param ("again_new_password",desc="确认新密码")
      * @return void
      */
     public function user_password(){
@@ -269,12 +270,16 @@ class User extends Auth
         $data = $this->_vali(
             [
                 'old_password.require'=>'原始密码不能为空',
-                'new_password.require'=>'新密码不能为空'
+                'new_password.require'=>'新密码不能为空',
+                'again_new_password.require'=>'新密码不能为空'
             ]
         );
         if($this->user->password!=md5($data['old_password'])){
             $this->error('原始密码不正确');
         }
+        if($data['new_password'] != $data['again_new_password']){
+            $this->error('新密码不一致');
+        }
         $token=rand('00000','99999');
         SystemUser::mk()->where('id',$admin_id)->save(['password'=>md5($data['new_password']),'token'=>$token]);
         $this->success('密码重置成功请重新登录!');