fix bug

29ed3fd5 · 冷斌 · 9d2cccfa · 29ed3fd5
Commit 29ed3fd5 authored Mar 02, 2020 by 冷斌
Hide whitespace changes
Inline Side-by-side

Showing with 142 additions and 0 deletions

api/Appapi/Api/User.php
+142 -0

No files found.
--- a/api/Appapi/Api/User.php
+++ b/api/Appapi/Api/User.php
@@ -283,6 +283,20 @@ class Api_User extends PhalApi_Api
                'token'      => ['name' => 'token', 'type' => 'string', 'require' => true, 'desc' => '用户token'],
                'alipay_pay' => ['name' => 'alipay_pay', 'type' => 'string', 'require' => true, 'desc' => '支付宝收款图片'],
                'wx_pay'     => ['name' => 'wx_pay', 'type' => 'string', 'require' => true, 'desc' => '微信收款图片'],
+                'user_pass' => ['name' => 'user_pass2', 'type' => 'string', 'require' => true, 'desc' => '密码'],
+            ],
+
+            'getCode' => [
+                'mobile' => ['name' => 'mobile', 'type' => 'string', 'min' => 1, 'require' => true, 'desc' => '手机号'],
+                'sign'   => ['name' => 'sign', 'type' => 'string', 'default' => '', 'desc' => '签名'],
+            ],
+
+            'setPass' => [
+                'uid'       => ['name' => 'uid', 'type' => 'int', 'min' => 1, 'require' => true, 'desc' => '用户ID'],
+                'token'     => ['name' => 'token', 'type' => 'string', 'require' => true, 'desc' => '用户token'],
+                'code'      => ['name' => 'code', 'type' => 'string', 'min' => 1, 'require' => true, 'desc' => '验证码'],
+                'user_pass' => ['name' => 'user_pass2', 'type' => 'string', 'require' => true, 'desc' => '密码'],
+                'mobile' => ['name' => 'mobile', 'type' => 'string', 'min' => 1, 'require' => true, 'desc' => '手机号'],
            ],

        ];
@@ -2244,6 +2258,7 @@ class Api_User extends PhalApi_Api
        $rs = ['code' => 0, 'info' => [], 'msg' => '提交成功'];
        $uid = checkNull($this->uid);
        $token = checkNull($this->token);
+        $user_pass=checkNull($this->user_pass);

        $checkToken = checkToken($uid, $token);
        if ($checkToken == 700) {
@@ -2251,6 +2266,13 @@ class Api_User extends PhalApi_Api
            $rs['msg'] = '您的登陆状态失效，请重新登陆！';
            return $rs;
        }
+        $user = DI()->notorm->users->where("uid={$uid}")->fetchOne();
+        if ($user['user_pass2'] != setPass($user_pass)) {
+            $rs['code'] = 10001;
+            $rs['msg'] = '密码错误';
+            return $rs;
+        }
+
        $data = $this->_getPayImage($uid);
        if (!$data) {
            DI()->notorm->users_auth_pay->insert([
@@ -2273,4 +2295,124 @@ class Api_User extends PhalApi_Api
        return $rs;
    }

+    public function getCode()
+    {
+        $rs = ['code' => 0, 'msg' => '', 'info' => []];
+
+        $mobile = checkNull($this->mobile);
+        $sign = checkNull($this->sign);
+
+        $ismobile = checkMobile($mobile);
+        if (!$ismobile) {
+            $rs['code'] = 1001;
+            $rs['msg'] = '请输入正确的手机号';
+            return $rs;
+        }
+
+        $checkdata = [
+            'mobile' => $mobile,
+        ];
+
+        $issign = checkSign($checkdata, $sign);
+        if (!$issign) {
+            $rs['code'] = 1001;
+            $rs['msg'] = '签名错误';
+            return $rs;
+        }
+
+        if ($_SESSION['user_pass2_mobile'] == $mobile && $_SESSION['user_pass2_mobile_expiretime'] > time()) {
+            $rs['code'] = 1002;
+            $rs['msg'] = '验证码5分钟有效，请勿多次发送';
+            return $rs;
+        }
+
+        $limit = ip_limit();
+        if ($limit == 1) {
+            $rs['code'] = 1003;
+            $rs['msg'] = '您已当日发送次数过多';
+            return $rs;
+        }
+        $mobile_code = random(6, 1);
+
+        /* 发送验证码 */
+        $result = sendCode($mobile, $mobile_code);
+        if ($result['code'] == 0) {
+            $_SESSION['user_pass2_mobile'] = $mobile;
+            $_SESSION['user_pass2_mobile_code'] = $mobile_code;
+            $_SESSION['user_pass2_mobile_expiretime'] = time() + 60 * 5;
+        } else {
+            if ($result['code'] == 667) {
+                $_SESSION['user_pass2_mobile'] = $mobile;
+                $_SESSION['user_pass2_mobile_code'] = $result['msg'];
+                $_SESSION['user_pass2_mobile_expiretime'] = time() + 60 * 5;
+
+                $rs['code'] = 1002;
+                $rs['msg'] = '验证码为：' . $result['msg'];
+            } else {
+                $rs['code'] = 1002;
+                $rs['msg'] = $result['msg'];
+            }
+        }
+
+        return $rs;
+    }
+
+    public function setPass()
+    {
+        $rs = ['code' => 0, 'info' => [], 'msg' => '提交成功'];
+        $uid = checkNull($this->uid);
+        $token = checkNull($this->token);
+        $user_pass=checkNull($this->user_pass);
+        $mobile = checkNull($this->mobile);
+        $code=checkNull($this->code);
+
+        $checkToken = checkToken($uid, $token);
+        if ($checkToken == 700) {
+            $rs['code'] = $checkToken;
+            $rs['msg'] = '您的登陆状态失效，请重新登陆！';
+            return $rs;
+        }
+
+        if(!$_SESSION['user_pass2_mobile'] || !$_SESSION['user_pass2_mobile_code']){
+            $rs['code'] = 1001;
+            $rs['msg'] = '请先获取验证码';
+            return $rs;
+        }
+
+        if($mobile!=$_SESSION['user_pass2_mobile']){
+            $rs['code'] = 1001;
+            $rs['msg'] = '手机号码不一致';
+            return $rs;
+        }
+
+        if($code!=$_SESSION['user_pass2_mobile_code']){
+            $rs['code'] = 1002;
+            $rs['msg'] = '验证码错误';
+            return $rs;
+        }
+
+        $check = passcheck($user_pass);
+
+        if($check==0){
+            $rs['code'] = 1004;
+            $rs['msg'] = '密码6-12位数字与字母';
+            return $rs;
+        }else if($check==2){
+            $rs['code'] = 1005;
+            $rs['msg'] = '密码不能纯数字或纯字母';
+            return $rs;
+        }
+        DI()->notorm->users->where("uid={$uid}")->update([
+            'user_pass2'     => setPass($user_pass),
+        ]);
+
+        $_SESSION['user_pass2_mobile'] = '';
+        $_SESSION['user_pass2_mobile_code'] = '';
+        $_SESSION['user_pass2_mobile_expiretime'] = '';
+
+        return $rs;
+
+
+    }
+
 }