fix bug

e0db4a78 · 冷斌 · 517d4146 · e0db4a78
Commit e0db4a78 authored Mar 03, 2020 by 冷斌
Hide whitespace changes
Inline Side-by-side

Showing with 28 additions and 12 deletions

api/Appapi/Api/User.php
+28 -12

No files found.
--- a/api/Appapi/Api/User.php
+++ b/api/Appapi/Api/User.php
@@ -283,10 +283,11 @@ class Api_User extends PhalApi_Api
                'token'      => ['name' => 'token', 'type' => 'string', 'require' => true, 'desc' => '用户token'],
                'alipay_pay' => ['name' => 'alipay_pay', 'type' => 'string', 'require' => true, 'desc' => '支付宝收款图片'],
                'wx_pay'     => ['name' => 'wx_pay', 'type' => 'string', 'require' => true, 'desc' => '微信收款图片'],
-                'user_pass' => ['name' => 'user_pass', 'type' => 'string', 'require' => true, 'desc' => '密码'],
+                'user_pass'  => ['name' => 'user_pass', 'type' => 'string', 'require' => true, 'desc' => '密码'],
            ],

            'getCode' => [
+                'uid'    => ['name' => 'uid', 'type' => 'int', 'min' => 1, 'require' => true, 'desc' => '用户ID'],
                'mobile' => ['name' => 'mobile', 'type' => 'string', 'min' => 1, 'require' => true, 'desc' => '手机号'],
                'sign'   => ['name' => 'sign', 'type' => 'string', 'default' => '', 'desc' => '签名'],
            ],
@@ -296,7 +297,7 @@ class Api_User extends PhalApi_Api
                'token'     => ['name' => 'token', 'type' => 'string', 'require' => true, 'desc' => '用户token'],
                'code'      => ['name' => 'code', 'type' => 'string', 'min' => 1, 'require' => true, 'desc' => '验证码'],
                'user_pass' => ['name' => 'user_pass', 'type' => 'string', 'require' => true, 'desc' => '密码'],
-                'mobile' => ['name' => 'mobile', 'type' => 'string', 'min' => 1, 'require' => true, 'desc' => '手机号'],
+                'mobile'    => ['name' => 'mobile', 'type' => 'string', 'min' => 1, 'require' => true, 'desc' => '手机号'],
            ],

        ];
@@ -2258,7 +2259,7 @@ class Api_User extends PhalApi_Api
        $rs = ['code' => 0, 'info' => [], 'msg' => '提交成功'];
        $uid = checkNull($this->uid);
        $token = checkNull($this->token);
-        $user_pass=checkNull($this->user_pass);
+        $user_pass = checkNull($this->user_pass);

        $checkToken = checkToken($uid, $token);
        if ($checkToken == 700) {
@@ -2301,6 +2302,7 @@ class Api_User extends PhalApi_Api

        $mobile = checkNull($this->mobile);
        $sign = checkNull($this->sign);
+        $uid = checkNull($this->uid);

        $ismobile = checkMobile($mobile);
        if (!$ismobile) {
@@ -2332,6 +2334,14 @@ class Api_User extends PhalApi_Api
            $rs['msg'] = '您已当日发送次数过多';
            return $rs;
        }
+
+        $user = DI()->notorm->users->where("id={$uid}")->fetchOne();
+        if (!empty($user['user_pass2']) && $user['user_pass_mobile'] != $mobile) {
+            $rs['code'] = 1004;
+            $rs['msg'] = '输入号码不一致';
+            return $rs;
+        }
+
        $mobile_code = random(6, 1);

        /* 发送验证码 */
@@ -2362,9 +2372,9 @@ class Api_User extends PhalApi_Api
        $rs = ['code' => 0, 'info' => [], 'msg' => '提交成功'];
        $uid = checkNull($this->uid);
        $token = checkNull($this->token);
-        $user_pass=checkNull($this->user_pass);
+        $user_pass = checkNull($this->user_pass);
        $mobile = checkNull($this->mobile);
-        $code=checkNull($this->code);
+        $code = checkNull($this->code);

        $checkToken = checkToken($uid, $token);
        if ($checkToken == 700) {
@@ -2373,19 +2383,19 @@ class Api_User extends PhalApi_Api
            return $rs;
        }

-        if(!$_SESSION['user_pass2_mobile'] || !$_SESSION['user_pass2_mobile_code']){
+        if (!$_SESSION['user_pass2_mobile'] || !$_SESSION['user_pass2_mobile_code']) {
            $rs['code'] = 1001;
            $rs['msg'] = '请先获取验证码';
            return $rs;
        }

-        if($mobile!=$_SESSION['user_pass2_mobile']){
+        if ($mobile != $_SESSION['user_pass2_mobile']) {
            $rs['code'] = 1001;
            $rs['msg'] = '手机号码不一致';
            return $rs;
        }

-        if($code!=$_SESSION['user_pass2_mobile_code']){
+        if ($code != $_SESSION['user_pass2_mobile_code']) {
            $rs['code'] = 1002;
            $rs['msg'] = '验证码错误';
            return $rs;
@@ -2403,9 +2413,16 @@ class Api_User extends PhalApi_Api
 //            return $rs;
 //        }

-        DI()->notorm->users->where("id={$uid}")->update([
-            'user_pass2'     => setPass($user_pass),
-        ]);
+        $user = DI()->notorm->users->where("id={$uid}")->fetchOne();
+        $update = [
+            'user_pass2' => setPass($user_pass),
+        ];
+
+        if (empty($user['user_pass2'])) {
+            $update['user_pass_mobile'] = $mobile;
+        }
+
+        DI()->notorm->users->where("id={$uid}")->update($update);

        $_SESSION['user_pass2_mobile'] = '';
        $_SESSION['user_pass2_mobile_code'] = '';
@@ -2413,7 +2430,6 @@ class Api_User extends PhalApi_Api

        return $rs;

-
    }

 }