恢复用户信息编辑功能

2014-07-15 08:04:23 +00:00 · 2014-07-15 08:04:23 +00:00 · 64222944d0
parent b5b672588c
commit 64222944d0
2 changed files with 551 additions and 357 deletions
--- a/application/default/controllers/AccountController.php
+++ b/application/default/controllers/AccountController.php
@ -1,275 +1,469 @@
-<?php
-use Helpers\View as view;
-use Users\Account;
-use Users\Gravatar;
-
-class AccountController extends Zend_Controller_Action 
-{
-	private $memberTable = "tbl_member";
-	private $FieldUsername = "username";
-	private $FieldPasword = "password";
-	private $FieldLastlogin = "ts_last_login";
-	private $FieldEmail = "email";
-	private $FieldLastloginIp = "last_login_ip";
-	
-	function preDispatch()
-    {
-    	$this->view->config = Zend_Registry::get('config');
-		$this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
-		$this->db=Zend_Registry::get('db');
-		$this->view->Theme = new Theme();
-    } 
-	
-    function indexAction()
-    {
-		$submit = $this->_getParam('submit');
-		
-		$account = new Account();
-		
-		if(!empty($submit))
-		{
-			$data = $account->getEditParam($this->_request);
-			$Listener = new EditListener();
-			@$account->events()->attachAggregate($Listener);
-			$this->view->section = $type = $this->_getParam('type');
-			$status = $account->edit($data,$type);
-			if($status !== true)
-			{
-				$this->view->error = view::Error($status);
-			}else{
-				$this->view->error = view::Error("修改成功","alert-success");
-			}
-		}
-		
-		$user = $account->getAccountInfo();
-		$av = new Gravatar();
-		$this->view->avatar = $av->Get($user['email'],100);
-		$this->view->user = $user;
-    }
-	
-	function loginAction()
-    {
-		$request = new \Zend_Controller_Request_Http();
-		if($request->isXmlHttpRequest())
-		{
-			$this->_helper->layout->disableLayout();
-			$this->_helper->viewRenderer->setNoRender();
-			
-			$data = $this->_getParam('data');
-			if(empty($data))
-			{
-				$this->jsonexit(array('error'=>'服务器掉链子了，请重试'));
-			}
-			
-			$data = \Helpers\MCrypt::decrypt($data,"DY7567");
-			$data = json_decode($data,true);
-			
-			$account = new Account();
-			$result = $account->login($data,true);
-			
-			if(!empty($result))
-			{
-				$content = json_encode($result,JSON_NUMERIC_CHECK);
-				echo \Helpers\MCrypt::encrypt($content,"CH6668");
-				return true;
-			}
-			
-			$this->jsonexit(array('error'=>'服务器掉链子了，请重试'));
-			
-			return true;
-		}
-				
-        $success=false;
-		
-		$options = array(
-			'module' 	 => $this->_request->getModuleName(),
-			'controller' => $this->_request->getControllerName(),
-			'action' 	 => $this->_request->getActionName(),
-		);
-			
-        $auth = Zend_Auth::getInstance();
-        if ($auth->hasIdentity())
-		{
-			if($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login")
-			{
-				$this->_redirect("/");
-			}else{
-				$this->_redirect($_SERVER['REQUEST_URI']);
-			}
-		}
-		
-		$tohref = $this->_request->getParam('href');
-		
-		if($_SERVER['REQUEST_URI'] !== "/account/login")
-		{
-			$this->view->href = $_SERVER['REQUEST_URI'];
-		}else{
-			$this->view->href = "/";
-		}
-		
-		if(!empty($tohref))
-		{
-			$this->view->href = $tohref;
-		}
-		
-		$submit = $this->_getParam("submit");
-		
-		if(!empty($submit))
-		{
-			$data = array(
-				'username' => $this->_getParam('username'),
-				'password' => $this->_getParam('password')
-			);
-			
-			$account = new Account();
-			$result = $account->login($data);
-			
-			if(!empty($result))
-			{
-				if(isset($result['error']))
-				{
-					$this->view->error = $result['error'];
-					return true;
-				}
-				if(isset($result['success']))
-				{
-					$this->_redirect($this->view->href);
-					return true;
-				}
-			}else{
-				$this->view->error = "处理中出现问题";
-				return true;
-			}
-		}
-    }//登陆
-	
-	public function jsonexit($data){
-		$this->getResponse()->setHeader('Content-Type', 'application/json')->appendBody(Zend_Json::encode($data));
-		return true;  
-	}
-    
-    function registerAction()
-    {
-		$request = new \Zend_Controller_Request_Http();
-		if($request->isXmlHttpRequest())
-		{
-			$this->_helper->layout->disableLayout();
-			$this->_helper->viewRenderer->setNoRender();
-			
-			$account = new Account();
-			$data = $account->getParam($this->_request);
-			
-			$result = $account->register($data);
-			
-			if(!empty($result))
-			{
-				$this->jsonexit($result);
-				return true;
-			}
-			
-			$this->jsonexit(array('error'=>'|o| 服务器掉链子了，请重试'));
-			
-			return true;
-		}else{
-			//$this->_helper->layout->disableLayout();
-		}
-		
-
-        $success=false;
-
-        $auth = Zend_Auth::getInstance();
-        if ($auth->hasIdentity())
-		$this->_redirect('/');
-		
-		$submit = $this->_getParam('submit');
-		if(!empty($submit))
-		{
-			$account = new Account();
-			$this->view->data = $data = $account->getParam($this->_request);
-			$result = $account->register($data);
-			
-			if(!empty($result))
-			{
-				if(isset($result['error']))
-				{
-					$this->view->place = $result['place'];
-					$this->view->error = $result['error'];
-					return true;
-				}
-				if(isset($result['success']))
-				{
-					$this->_redirect('/');
-					return true;
-				}
-			}else{
-				$this->view->error = "处理中出现问题";
-				return true;
-			}
-		}
-	}//用户注册
-    
-	//退出登录
-    function logoutAction()
-    {
-		$this->_helper->layout->disableLayout();
-		$this->_helper->viewRenderer->setNoRender();
-		
-		$auth = Zend_Auth::getInstance();
-		
-        if ($auth->hasIdentity())
-    	{
-			$auth->clearIdentity();
-			Users\Member::flushcookie();
-			$this->_redirect('/');
-		}
-    }
-	
-	//找回密码
-	function forgotpasswordAction()
-	{
-		$this->_helper->layout->disableLayout();
-		
-		$submit = $this->_getParam('submit');
-		
-		if(!empty($submit))
-		{
-			$email = $this->_getParam('email');
-			$account = new Account();
-			$status = $account->getMyPassword($email);
-			if(isset($status['error']) && !empty($status['error']))
-			{
-				$this->view->error = $status['error'];
-			}else{
-				$this->view->msg = "申请成功！请在您的邮箱中查看密码重置邮件";
-			}
-		}
-	}
-	
-	//重置密码
-	function getpasswordAction()
-	{
-		$this->_helper->layout->disableLayout();
-		
-		$submit = $this->_getParam('submit');
-		
-		if(!empty($submit))
-		{
-			$data = array(
-				'username' => $this->_getParam('username'),
-				'password' => $this->_getParam('password'),
-				'confirm_password' => $this->_getParam('confirm_password'),
-				'salt' => $this->_getParam('salt')
-			);			
-			$account = new Account();
-			$status = $account->resetPassword($data);
-			if(isset($status['error']) && !empty($status['error']))
-			{
-				$this->view->error = $status['error'];
-			}else{
-				$this->view->msg = "您的密码已经成功更改,<a href='/account/login'>请点击这里登陆</a>";
-			}
-		}
-	}//getpasswordAction()
-
-}
-
+<?php
+use Helpers\View as view;
+use Users\Account;
+use Users\Gravatar;
+
+class AccountController extends Zend_Controller_Action 
+{
+	private $memberTable = "tbl_member";
+	private $FieldUsername = "username";
+	private $FieldPasword = "password";
+	private $FieldLastlogin = "ts_last_login";
+	private $FieldEmail = "email";
+	private $FieldLastloginIp = "last_login_ip";
+	
+	function preDispatch()
+    {
+    	$this->view->config = Zend_Registry::get('config');
+		$this->_request->setParam('return', $this->_request->getServer('REQUEST_URI'));
+		$this->db=Zend_Registry::get('db');
+		$this->view->Theme = new Theme();
+    } 
+	
+    function indexAction()
+    {
+		$this->view->pageID = "account-index";
+		
+		include_once("Users.php");
+		$usr = new Users($this->db);
+		
+    	$auth = Zend_Auth::getInstance();
+		if($auth->hasIdentity())
+		{
+			$user = $auth->getIdentity();
+			$uid = $user->id;
+		}
+		
+		include_once("Avatar.php");
+		$avatar = new Avatar();
+		$this->view->avatar = $avatar->Get($user->email,140);
+		
+		$this->view->info = $usr->getUserInfo($uid);
+    }
+	
+	function loginAction()
+    {
+		$request = new \Zend_Controller_Request_Http();
+		if($request->isXmlHttpRequest())
+		{
+			$this->_helper->layout->disableLayout();
+			$this->_helper->viewRenderer->setNoRender();
+			
+			$data = $this->_getParam('data');
+			if(empty($data))
+			{
+				$this->jsonexit(array('error'=>'服务器掉链子了，请重试'));
+			}
+			
+			$data = \Helpers\MCrypt::decrypt($data,"DY7567");
+			$data = json_decode($data,true);
+			
+			$account = new Account();
+			$result = $account->login($data,true);
+			
+			if(!empty($result))
+			{
+				$content = json_encode($result,JSON_NUMERIC_CHECK);
+				echo \Helpers\MCrypt::encrypt($content,"CH6668");
+				return true;
+			}
+			
+			$this->jsonexit(array('error'=>'服务器掉链子了，请重试'));
+			
+			return true;
+		}
+				
+        $success=false;
+		
+		$options = array(
+			'module' 	 => $this->_request->getModuleName(),
+			'controller' => $this->_request->getControllerName(),
+			'action' 	 => $this->_request->getActionName(),
+		);
+			
+        $auth = Zend_Auth::getInstance();
+        if ($auth->hasIdentity())
+		{
+			if($options['module']=="default" && $options['controller'] == "account" && $options['action'] == "login")
+			{
+				$this->_redirect("/");
+			}else{
+				$this->_redirect($_SERVER['REQUEST_URI']);
+			}
+		}
+		
+		$tohref = $this->_request->getParam('href');
+		
+		if($_SERVER['REQUEST_URI'] !== "/account/login")
+		{
+			$this->view->href = $_SERVER['REQUEST_URI'];
+		}else{
+			$this->view->href = "/";
+		}
+		
+		if(!empty($tohref))
+		{
+			$this->view->href = $tohref;
+		}
+		
+		$submit = $this->_getParam("submit");
+		
+		if(!empty($submit))
+		{
+			$data = array(
+				'username' => $this->_getParam('username'),
+				'password' => $this->_getParam('password')
+			);
+			
+			$account = new Account();
+			$result = $account->login($data);
+			
+			if(!empty($result))
+			{
+				if(isset($result['error']))
+				{
+					$this->view->error = $result['error'];
+					return true;
+				}
+				if(isset($result['success']))
+				{
+					$this->_redirect($this->view->href);
+					return true;
+				}
+			}else{
+				$this->view->error = "处理中出现问题";
+				return true;
+			}
+		}
+    }//登陆
+	
+	public function jsonexit($data){
+		$this->getResponse()->setHeader('Content-Type', 'application/json')->appendBody(Zend_Json::encode($data));
+		return true;  
+	}
+    
+    function registerAction()
+    {
+		$request = new \Zend_Controller_Request_Http();
+		if($request->isXmlHttpRequest())
+		{
+			$this->_helper->layout->disableLayout();
+			$this->_helper->viewRenderer->setNoRender();
+			
+			$account = new Account();
+			$data = $account->getParam($this->_request);
+			
+			$result = $account->register($data);
+			
+			if(!empty($result))
+			{
+				$this->jsonexit($result);
+				return true;
+			}
+			
+			$this->jsonexit(array('error'=>'|o| 服务器掉链子了，请重试'));
+			
+			return true;
+		}else{
+			//$this->_helper->layout->disableLayout();
+		}
+		
+
+        $success=false;
+
+        $auth = Zend_Auth::getInstance();
+        if ($auth->hasIdentity())
+		$this->_redirect('/');
+		
+		$submit = $this->_getParam('submit');
+		if(!empty($submit))
+		{
+			$account = new Account();
+			$this->view->data = $data = $account->getParam($this->_request);
+			$result = $account->register($data);
+			
+			if(!empty($result))
+			{
+				if(isset($result['error']))
+				{
+					$this->view->place = $result['place'];
+					$this->view->error = $result['error'];
+					return true;
+				}
+				if(isset($result['success']))
+				{
+					$this->_redirect('/');
+					return true;
+				}
+			}else{
+				$this->view->error = "处理中出现问题";
+				return true;
+			}
+		}
+	}//用户注册
+    
+	//退出登录
+    function logoutAction()
+    {
+		$this->_helper->layout->disableLayout();
+		$this->_helper->viewRenderer->setNoRender();
+		
+		$auth = Zend_Auth::getInstance();
+		
+        if ($auth->hasIdentity())
+    	{
+			$auth->clearIdentity();
+			Users\Member::flushcookie();
+			$this->_redirect('/');
+		}
+    }
+	
+	//找回密码
+	function forgotpasswordAction()
+	{
+		$this->_helper->layout->disableLayout();
+		
+		$submit = $this->_getParam('submit');
+		
+		if(!empty($submit))
+		{
+			$email = $this->_getParam('email');
+			$account = new Account();
+			$status = $account->getMyPassword($email);
+			if(isset($status['error']) && !empty($status['error']))
+			{
+				$this->view->error = $status['error'];
+			}else{
+				$this->view->msg = "申请成功！请在您的邮箱中查看密码重置邮件";
+			}
+		}
+	}
+	
+	//重置密码
+	function getpasswordAction()
+	{
+		$this->_helper->layout->disableLayout();
+		
+		$submit = $this->_getParam('submit');
+		
+		if(!empty($submit))
+		{
+			$data = array(
+				'username' => $this->_getParam('username'),
+				'password' => $this->_getParam('password'),
+				'confirm_password' => $this->_getParam('confirm_password'),
+				'salt' => $this->_getParam('salt')
+			);			
+			$account = new Account();
+			$status = $account->resetPassword($data);
+			if(isset($status['error']) && !empty($status['error']))
+			{
+				$this->view->error = $status['error'];
+			}else{
+				$this->view->msg = "您的密码已经成功更改,<a href='/account/login'>请点击这里登陆</a>";
+			}
+		}
+	}//getpasswordAction()
+	
+	function editAction()
+    {
+		$this->view->pageID = "account-edit";
+		
+		include_once("Users.php");
+		$usr = new Users($this->db);
+		
+		$auth = Zend_Auth::getInstance();
+		if($auth->hasIdentity())
+		{
+			$user = $auth->getIdentity();
+			$uid = $user->id;
+		}
+		
+		include_once("Avatar.php");
+		$avatar = new Avatar();
+		$this->view->avatar = $avatar->Get($user->email,140);
+		
+		$this->view->projectType = array(
+			"无" => '',
+			"国家973计划项目课题" => "国家973计划项目课题",
+			"国家863计划课题"=>"国家863计划课题",
+			"国家级科技支撑课题" => "国家级科技支撑课题",
+			"国家级科技重大专项" => "国家级科技重大专项",
+			"国家级国家重大工程" => "国家级国家重大工程",
+			"国家级国家自然科学基金" => "国家级国家自然科学基金",
+			"国际合作项目"=>"国际合作项目",
+			"省部级项目" => "省部级项目",
+			"其他项目工程" => "其他项目工程",
+		);
+		
+		$submit = $this->_getParam('submit');
+		
+		if(!empty($submit))
+		{
+			$data = $this->AccountEditParamFilter();
+			
+			if($this->db->update("users",$data,"id=$uid"))
+			{
+				$this->view->AlertType = "alert-success";
+				$this->view->msg = "修改成功！";
+				$this->view->jump_url = "/account/edit";
+				return true;
+			}else{
+				$this->view->AlertType = "alert-error";
+				$this->view->error = "修改失败，请重试";
+				$this->view->info = $data;
+				return true;
+			}
+		}else{
+			$this->view->info = $usr->getUserInfo($uid);
+		}
+    }
+	
+	function AccountEditParamFilter(){
+		$data = array();
+		$data['realname'] = substr(trim($this->_getParam('realname')),0,40);
+		$data['unit'] = substr(trim($this->_getParam('unit')),0,100);
+		$data['address'] = substr(trim($this->_getParam('address')),0,100);
+		$data['phone'] = substr(trim($this->_getParam('phone')),0,15);
+		$data['postcode'] = substr(trim($this->_getParam('postcode')),0,15);
+		$data['project_type'] = substr(trim($this->_getParam('project_type')),0,100);
+		$data['project_id'] = substr(trim($this->_getParam('project_id')),0,40);
+		$data['project_title'] = substr(trim($this->_getParam('project_title')),0,100);
+		$data['project'] = substr(trim($this->_getParam('project')),0,600);
+		
+		foreach($data as $k=>$v)
+		{
+			$data[$k] = $this->StringFilter($v);
+		}
+		
+		return $data;
+	}
+	
+	function StringFilter($string){
+		$string = preg_replace ('/<[^>]*>/', ' ', $string);
+		return $string;
+	}
+	
+	function secureAction()
+	{
+		$this->view->pageID = "account-secure";
+		
+		include_once("Users.php");
+		$usr = new Users($this->db);
+		
+		$auth = Zend_Auth::getInstance();
+		if($auth->hasIdentity())
+		{
+			$user = $auth->getIdentity();
+			$uid = $user->id;
+		}
+		
+		$opt = $this->_getParam('opt');
+		$submit = $this->_getParam('submit');
+		
+		if(empty($opt))
+		{
+			$this->view->section = "password";
+			if(!empty($submit))
+			{
+				$data = $this->AccountSecureParamFilter();
+				
+				$this->view->AlertType = "alert-error";
+				if(strlen($data['password'])>18 || strlen($data['new_password'])>18)
+				{
+					$this->view->error = view::Error("密码过长");
+					return true;
+				}
+				if(strlen($data['new_password'])<=6 || strlen($data['new_password_confrim'])<=6)
+				{
+					$this->view->error = view::Error("密码过短，请输入大于6位的密码");
+					return true;
+				}
+				if(md5($data['new_password']) != md5($data['new_password_confrim']))
+				{
+					$this->view->error = view::Error("两次输入的密码不相同");
+					return true;
+				}
+				
+				$sql = "SELECT password FROM users WHERE id=$uid";
+				$rs = $this->db->query($sql);
+				$row = $rs->fetch();
+				
+				if(md5($data['password']) != $row['password'])
+				{
+					$this->view->error = view::Error("原密码不正确");
+					return true;
+				}
+	
+				$data['password'] = md5($data['new_password']);
+				
+				unset($data['new_password']);
+				unset($data['new_password_confrim']);
+				
+				if($this->db->update("users",$data,"id=$uid"))
+				{
+					view::Post($this,array("content"=>'修改成功！','url'=>'/account/secure'));
+					return true;
+				}else{
+					$this->view->error = view::Error("修改失败");
+					return true;
+				}
+			}else{
+				$this->view->info = $usr->getUserInfo($uid);
+			}
+		}//password
+		
+		if($opt == "email")
+		{
+			$this->view->section = "email";
+			if(!empty($submit))
+			{
+				$email = $this->_getParam('email');
+				$password = $this->_getParam('password');
+				
+				if(!preg_match("/\w+([-+.]\w+)*@\w+([-.]\w+)*\.\w+([-.]\w+)*/i",$email))
+				{
+					$this->view->error = view::Error("错误的邮箱格式");
+					return true;
+				}
+				
+				$sql = "SELECT password FROM users WHERE id=$uid";
+				$rs = $this->db->query($sql);
+				$row = $rs->fetch();
+				
+				if(md5($password) != $row['password'])
+				{
+					$this->view->error = view::Error("原密码错误");
+					return true;
+				}
+				
+				$data['email'] = $email;
+				
+				if($this->db->update("users",$data,"id=$uid"))
+				{
+					view::Post($this,array("content"=>'修改成功！','url'=>'/account/secure'));
+					return true;
+				}else{
+					$this->view->error = view::Error("修改失败");
+					return true;
+				}
+			}else{
+				$this->view->info = $usr->getUserInfo($uid);
+			}
+		}//email
+	}
+	
+	function AccountSecureParamFilter(){
+		$data = array();
+		$data['password'] = trim($this->_getParam('password'));
+		$data['new_password'] = trim($this->_getParam('new_password'));
+		$data['new_password_confrim'] = trim($this->_getParam('new_password_confrim'));
+		foreach($data as $k=>$v)
+		{
+			$data[$k] = $this->StringFilter($v);
+		}
+		return $data;
+	}
+
+}
+
--- a/application/default/views/scripts/account/secure.phtml
+++ b/application/default/views/scripts/account/secure.phtml
@ -1,82 +1,82 @@
-<?php
-	$this->headTitle($this->config->title->site);
-	$this->headTitle('我的账户');
-	$this->headTitle()->setSeparator(' - ');
-	$this->theme->AppendPlus($this,'colorbox');
-?>
-  <div class="row">
-    <div class="span3">
-      <div class="well sidebar-nav">
-        <?= $this->partial('account/left.phtml'); ?>
-      </div><!--/.well -->
-    </div><!--/span-->
-    <div class="span9">
-    	<h3>修改安全性设置</h3>
-        <hr />
-        <div class="tabbable">
-        <ul class="nav nav-tabs">
-            <li <?php if($this->section == "email" || empty($this->section)) echo 'class="active"'?>><a href="#tab2" data-toggle="tab">电子邮箱</a></li>
-            <li <?php if($this->section == "password") echo 'class="active"'?>><a href="#tab3" data-toggle="tab">修改密码</a></li>
-        </ul>
-		<?php if(!empty($this->error)) { ?>
-        <?= $this->error ?>
-        <?php } ?>
-        <div class="tab-content">
-        <div class="tab-pane  <?php if($this->section == "email" || empty($this->section)) echo 'active'?>" id="tab2">
-            <div id="email">
-                <form id="opt_email" action="/account/secure/opt/email" method="post" class="form-horizontal">
-                    <div class="control-group">
-                    	<label class="control-label">Email:</label>
-                        <div class="controls">
-                    		<input type="text" value="" name="email" />
-                    	</div>
-                    </div>
-                    <div class="control-group">
-                    	<label class="control-label">密码:</label>
-                        <div class="controls">
-                    		<input type="password" name="password" />
-                            <span class="help-inline">如果要修改邮箱，请输入原密码</span>
-                        </div>
-                    </div>
-                    <div class="form-actions">
-                    	<input type="hidden" name="submit" value="submit" />
-                    	<button type="submit" class="btn btn-green" class="btn btn-primary">保存</button>
-                    	<button type="reset" id="reset" class="btn">取消</button>
-                    </div>
-                </form>
-            </div>
-        </div><!-- tab2 -->
-        <div class="tab-pane  <?php if($this->section == "password") echo 'active'?>" id="tab3">
-            <div id="password">
-                <form action="/account/secure" method="post" class="form-horizontal">
-                    <div class="control-group ">
-                        <label class="control-label">当前密码</label>
-                        <div class="controls">
-                        <input name="password" type="password" value="" />
-                        <span class="help-inline">如果要修改密码，请输入原密码</span>
-                        </div>
-                    </div>
-                    <div class="control-group ">
-                        <label class="control-label">新密码</label>
-                        <div class="controls">
-                        <input type="password" name="new_password" value="" />
-                        </div>
-                    </div>
-                    <div class="control-group ">
-                        <label class="control-label">确认新密码</label>
-                        <div class="controls">
-                        <input type="password" name="new_password_confrim" value="" />
-                        </div>
-                    </div>
-                    <div class="form-actions">
-                        <input type="hidden" name="submit" value="submit" />
-                        <button type="submit" class="btn btn-primary">确定</button>
-                        <button type="button" class="btn">取消</button>
-                    </div>
-                </form>
-            </div>
-        </div>
-    </div><!--/span-->
-    </div>
-    </div>
-</div><!--/row-->
+<?php
+	$this->headTitle($this->config->title->site);
+	$this->headTitle('我的账户');
+	$this->headTitle()->setSeparator(' - ');
+	//$this->theme->AppendPlus($this,'colorbox');
+?>
+  <div class="row">
+    <div class="span3">
+      <div class="well sidebar-nav">
+        <?= $this->partial('account/left.phtml'); ?>
+      </div><!--/.well -->
+    </div><!--/span-->
+    <div class="span9">
+    	<h3>修改安全性设置</h3>
+        <hr />
+        <div class="tabbable">
+        <ul class="nav nav-tabs">
+            <li <?php if($this->section == "email" || empty($this->section)) echo 'class="active"'?>><a href="#tab2" data-toggle="tab">电子邮箱</a></li>
+            <li <?php if($this->section == "password") echo 'class="active"'?>><a href="#tab3" data-toggle="tab">修改密码</a></li>
+        </ul>
+		<?php if(!empty($this->error)) { ?>
+        <?= $this->error ?>
+        <?php } ?>
+        <div class="tab-content">
+        <div class="tab-pane  <?php if($this->section == "email" || empty($this->section)) echo 'active'?>" id="tab2">
+            <div id="email">
+                <form id="opt_email" action="/account/secure/opt/email" method="post" class="form-horizontal">
+                    <div class="control-group">
+                    	<label class="control-label">Email:</label>
+                        <div class="controls">
+                    		<input type="text" value="" name="email" />
+                    	</div>
+                    </div>
+                    <div class="control-group">
+                    	<label class="control-label">密码:</label>
+                        <div class="controls">
+                    		<input type="password" name="password" />
+                            <span class="help-inline">如果要修改邮箱，请输入原密码</span>
+                        </div>
+                    </div>
+                    <div class="form-actions">
+                    	<input type="hidden" name="submit" value="submit" />
+                    	<button type="submit" class="btn btn-green" class="btn btn-primary">保存</button>
+                    	<button type="reset" id="reset" class="btn">取消</button>
+                    </div>
+                </form>
+            </div>
+        </div><!-- tab2 -->
+        <div class="tab-pane  <?php if($this->section == "password") echo 'active'?>" id="tab3">
+            <div id="password">
+                <form action="/account/secure" method="post" class="form-horizontal">
+                    <div class="control-group ">
+                        <label class="control-label">当前密码</label>
+                        <div class="controls">
+                        <input name="password" type="password" value="" />
+                        <span class="help-inline">如果要修改密码，请输入原密码</span>
+                        </div>
+                    </div>
+                    <div class="control-group ">
+                        <label class="control-label">新密码</label>
+                        <div class="controls">
+                        <input type="password" name="new_password" value="" />
+                        </div>
+                    </div>
+                    <div class="control-group ">
+                        <label class="control-label">确认新密码</label>
+                        <div class="controls">
+                        <input type="password" name="new_password_confrim" value="" />
+                        </div>
+                    </div>
+                    <div class="form-actions">
+                        <input type="hidden" name="submit" value="submit" />
+                        <button type="submit" class="btn btn-primary">确定</button>
+                        <button type="button" class="btn">取消</button>
+                    </div>
+                </form>
+            </div>
+        </div>
+    </div><!--/span-->
+    </div>
+    </div>
+</div><!--/row-->