<?php
namespace app\api\controller;
use think\Request;
use think\Controller;
use think\Db;
use think\Validate;
use think\Response;
use think\exception\HttpResponseException;
class User extends Controller{
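/**
 * Gate every API action behind the shared-secret request signature.
 *
 * Checks, in order: `appid` is present and equals the expected id, `time` and
 * `token` are present, `time` is numeric and no older than 60 seconds, and
 * `token` equals getSign() over the POST fields. Each failure ends the request
 * through error2(), which throws an HttpResponseException.
 *
 * NOTE(review): the secret and the app id are hard-coded in source, so anyone
 * with access to the repository holds them; load them from configuration or
 * the environment and rotate the current values.
 * NOTE(review): only $request->post() is signed, while appid/time/token are
 * read with input(); confirm `time` can only come from the signed body,
 * otherwise the freshness check is not bound to the signature. There is no
 * nonce either, so an identical request stays valid for the whole window.
 * NOTE(review): parent::__construct() is never called; confirm the base
 * controller's own initialisation is not needed here.
 */
public function __construct()
{
    config('default_return_type', 'json');
    $post = request()->post();
    $appid = input('appid');
    $secret = "49ba59abbe56e057";
    $agentid = "098f6bcd4621d373cade4e832627b4f6";

    if (empty($appid)) {
        $this->error2('缺少appid参数');
    }
    // Strict comparison: an array-valued or otherwise non-string appid never matches.
    if ($appid !== $agentid) {
        $this->error2('appid错误');
    }

    $timestamp = input('time');
    if (empty($timestamp)) {
        $this->error2('缺少time参数');
    }

    // Check the token
    $token = input('token');
    if (!$token) {
        $this->error2('缺少token参数');
    }

    $curtime = time();
    $expire = 60; // accepted clock skew / delay in seconds
    // Reject non-numeric values explicitly instead of relying on PHP's
    // string/int comparison rules, which differ between PHP versions.
    if (!is_numeric($timestamp) || $timestamp > $curtime || ($timestamp + $expire) < $curtime) {
        $this->error2('token验证超时');
    }

    $sign = $this->getSign($secret, $post);
    // `!=` compares numeric-looking strings as numbers, so two different hex
    // digests could be treated as equal; hash_equals() compares the bytes and
    // does so in constant time.
    if (!is_string($token) || !hash_equals($sign, $token)) {
        $this->error2('token验证失败');
    }
}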
/**
 * Compute the request signature for a set of parameters.
 *
 * The `token` and `appid` entries are dropped, the remaining entries are
 * sorted by key, URL-encoded with http_build_query(), and the secret is
 * appended before hashing with MD5.
 *
 * NOTE(review): MD5 over "params . secret" is a weak MAC construction. An
 * HMAC with SHA-256 (hash_hmac) is the usual replacement, but it changes the
 * wire format and needs a coordinated client update.
 *
 * @param string $secret shared secret appended to the encoded parameters
 * @param array  $data   request parameters to sign
 * @return string MD5 digest as 32 lowercase hex characters
 */
protected function getSign($secret, $data)
{
    // These two travel with the request but are not part of the signed payload.
    foreach (['token', 'appid'] as $excluded) {
        if (isset($data[$excluded])) {
            unset($data[$excluded]);
        }
    }

    // Key order must be canonical so both sides hash the same string.
    ksort($data);

    return md5(http_build_query($data) . $secret);
}
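/**
 * Log a member in with a mobile number and an SMS verification code.
 *
 * Looks up a `ulogin` code for the number issued within the last 600 seconds,
 * then the active member whose phone or username equals the number, stores a
 * fresh access token in `member_access`, records the login time and returns
 * the member row together with the token.
 *
 * NOTE(review): there is no limit on failed code attempts and a code is not
 * consumed after a successful login, so a short numeric code remains usable
 * and guessable for the whole validity window. Add an attempt counter and
 * invalidate the code on use.
 * NOTE(review): the SMS text sent by sms() says the code is valid for
 * 5 minutes, this method accepts it for 10.
 */
public function login()
{
    $mobile = input('mobile');
    $verify = input('verify');
    // Request parameters can arrive as arrays; only scalars may reach the
    // query conditions and string comparisons below.
    if (empty($mobile) || !is_scalar($mobile)) {
        $this->error2("手机号不能为空");
    }
    if (empty($verify) || !is_scalar($verify)) {
        $this->error2("验证码不能为空");
    }
    $mobile = (string) $mobile;
    $verify = (string) $verify;

    $rst = Db::name('smslog')->where([
        'sms_type' => 'ulogin',
        'sms_tel'  => $mobile,
        'sms_time' => ['>', time() - 600],
    ])->find();
    // Byte-wise comparison: `!=` would treat "012345" and "12345" as equal.
    if (!$rst || !hash_equals((string) $rst['sms_code'], $verify)) {
        $this->error2(lang('verifiy incorrect'));
    }

    $where = [];
    $where['member_list_tel|member_list_username'] = $mobile;
    $where['user_status'] = 1;
    $fields = "member_list_id,member_list_username,member_list_nickname,member_list_sex,
member_list_headpic,member_list_tel,member_list_email,member_list_addtime,
birthday,signature,user_status";
    $member = Db::name("member_list")->field($fields)->where($where)->find();
    if (!$member) {
        $this->error2(lang('username or pwd incorrect'));
    }
    // The query already filters on user_status = 1; kept as a second guard.
    if ($member['user_status'] == 0) {
        $this->error2(lang('user disabled'));
    }

    $id = $member["member_list_id"];
    // The access token is a bearer credential, so it must come from a CSPRNG.
    // 20 random bytes give the same 40 hex characters the previous sha1()
    // value had. The time-based derivation is kept only for PHP < 7, where
    // random_bytes() does not exist.
    $access_token = function_exists('random_bytes')
        ? bin2hex(random_bytes(20))
        : sha1(md5(uniqid(md5(microtime(true)), true)) . $mobile . '||' . $id);

    $row = [
        'create_time' => time(),
        'token'       => $access_token,
        'state'       => 1,
    ];
    // One member_access row per member: insert on first login, overwrite after.
    $check = Db::name("member_access")->where(['mid' => $id])->find();
    if (!$check) {
        $row['mid'] = $id;
        Db::name("member_access")->insert($row);
    } else {
        Db::name("member_access")->where(array('mid' => $id))->update($row);
    }

    // The original condition was inverted and blanked every real birthday.
    $member['birthday'] = !empty($member['birthday']) ? $member['birthday'] : '';
    $member['access_token'] = $access_token;
    $member['member_list_headpic'] = $this->_img($member['member_list_headpic']);

    // Record the login time
    Db::name("member_list")->where(array('member_list_id' => $id))->update(array('last_login_time' => time()));
    $this->success2(lang('login success'), $member);
}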
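/**
 * Register a new member by phone number.
 *
 * Requires a `ureg` SMS code issued for the number within the last
 * 600 seconds, validates password, confirmation, phone and e-mail, rejects
 * numbers that are already registered, then inserts the member row.
 *
 * NOTE(review): encrypt_password() and random() are defined outside this
 * file; confirm the former is a slow password hash and the latter draws from
 * a CSPRNG.
 * NOTE(review): nickname, head picture, sex and birthday are stored as
 * received; validate their format here or make sure every consumer escapes
 * them on output.
 * NOTE(review): the duplicate check and the insert are separate statements;
 * a unique index on member_list_tel is needed to make it race-free.
 */
public function reg()
{
    $tel = input('member_list_tel', '');
    $password = input('member_list_pwd');
    $repassword = input('member_list_compwd');
    $nickname = input('member_list_nickname');
    $email = input('member_list_email');
    $verify = input('verify');

    $headpic = input('member_list_headpic');
    $sex = input('member_list_sex');
    $birthday = input('birthday');

    // Array-valued parameters must not reach the query builder as condition
    // or column values.
    if (!is_scalar($tel) || !is_scalar($verify)) {
        $this->error2(lang('verifiy incorrect'));
    }
    foreach ([$password, $repassword, $nickname, $email, $headpic, $sex, $birthday] as $value) {
        if ($value !== null && !is_scalar($value)) {
            $this->error2("注册失败");
        }
    }
    $tel = (string) $tel;
    $verify = (string) $verify;

    // Phone registration: sms() stores the type as 'ureg'. The previous
    // literal carried a trailing space and only matched where the database
    // collation pads strings.
    $where = [];
    $where['sms_type'] = 'ureg';
    $where['sms_tel'] = $tel;
    $where['sms_time'] = ['>', time() - 600];
    $rst = Db::name('smslog')->where($where)->find();

    // Byte-wise comparison instead of PHP's numeric-string `!=`.
    if (!$rst || !hash_equals((string) $rst['sms_code'], $verify)) {
        $this->error2(lang('verifiy incorrect'));
    }

    $rule = [
        ['member_list_pwd', 'require|length:6,20', '密码不能为空|密码长度6-20位'],
        ['member_list_tel', 'require', '手机号必须'],
        ['member_list_email', 'require', '邮箱必须'],
        ['member_list_compwd', 'require|confirm:member_list_pwd', '确认密码不能为空|确认密码不正确']
    ];
    $validate = new Validate($rule);
    $rst = $validate->check(array(
        'member_list_pwd' => $password,
        'member_list_compwd' => $repassword,
        'member_list_tel' => $tel,
        'member_list_email' => $email
    ));
    if (true !== $rst) {
        $error = is_array($validate->getError()) ? join('|', $validate->getError()) : $validate->getError();
        $this->error2($error);
    }

    // Reject numbers that already have an account
    $result = Db::name('member_list')->where('member_list_tel', $tel)->count();
    if ($result) {
        $this->error2('此手机已注册');
    }

    $member_list_salt = random(10);
    $sl_data = array(
        'member_list_username' => $tel,
        'member_list_nickname' => $nickname,
        'member_list_salt' => $member_list_salt,
        'member_list_tel' => $tel,
        'member_list_pwd' => encrypt_password($password, $member_list_salt),
        'member_list_email' => $email,
        'member_list_headpic' => $headpic,
        'member_list_sex' => $sex,
        'birthday' => $birthday,
        'member_list_groupid' => 8,
        'member_list_open' => 1,
        'member_list_addtime' => time(),
        'user_status' => 1
    );
    $rst = Db::name('member_list')->insertGetId($sl_data);
    if ($rst !== false) {
        $this->success2("注册成功");
    } else {
        $this->error2("注册失败");
    }
}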
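/**
 * Reset a member's password using an SMS verification code.
 *
 * Finds the member by phone number, requires a `uforget` code issued within
 * the last 120 seconds, validates the new password and its confirmation,
 * stores the new hash with a fresh salt and revokes the member's access
 * token.
 *
 * NOTE(review): this flow is protected only by a short numeric code with no
 * limit on failed attempts and no invalidation after use; add an attempt
 * counter or lockout per number.
 * NOTE(review): the "member not exist" answer tells the caller whether a
 * number is registered.
 * NOTE(review): the minimum length here is 5 while reg() requires 6.
 */
public function forget()
{
    $tel = input('member_list_tel');
    $verify = input('verify');
    $pwd = input('password');
    $repwd = input('repassword');

    // Only scalar values may reach the query conditions.
    $user = is_scalar($tel) ? Db::name("member_list")->where('member_list_tel', $tel)->find() : null;
    if (!$user) {
        $this->error2(lang('member not exist'));
    }

    // Phone verification
    $where = [];
    $where['sms_type'] = 'uforget';
    $where['sms_tel'] = $tel;
    $where['sms_time'] = ['>', time() - 120];
    $rst = Db::name('smslog')->where($where)->find();
    // Byte-wise comparison instead of PHP's numeric-string `!=`.
    if (!$rst || !is_scalar($verify) || !hash_equals((string) $rst['sms_code'], (string) $verify)) {
        $this->error2('验证码不正确');
    }

    $rule = [
        ['password', 'require|length:5,20', '{%pwd empty}|{%pwd length}'],
        ['repassword', 'require|confirm:password', '{%repassword empty}|{%repassword incorrect}'],
    ];
    $validate = new Validate($rule);
    $rst = $validate->check(array('password' => $pwd, 'repassword' => $repwd));
    if (true !== $rst) {
        $error = is_array($validate->getError()) ? join('|', $validate->getError()) : $validate->getError();
        $this->error2($error);
    }
    if (!is_scalar($pwd)) {
        $this->error2(lang('密码修改失败'));
    }

    $mid = $user['member_list_id'];
    $msalt = random(10);
    $update = [];
    $update['member_list_pwd'] = encrypt_password($pwd, $msalt);
    $update['member_list_salt'] = $msalt;
    $update['user_activation_key'] = '';
    $result = Db::name("member_list")->where('member_list_id', $mid)->update($update);
    if ($result) {
        // A reset usually follows a suspected compromise: an access token
        // issued before it must not stay valid.
        Db::name("member_access")->where('mid', $mid)->update(['state' => 0]);
        $this->success2(lang('密码修改成功'));
    } else {
        $this->error2(lang('密码修改失败'));
    }
}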
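/**
 * Resolve the `access_token` request parameter to a member id.
 *
 * The token must be present, match an active (`state` = 1) row in
 * `member_access`, and that row's `create_time` must be at most 24 hours
 * old. Every failure ends the request through error2().
 *
 * @return mixed the `mid` column of the matching member_access row
 */
protected function _check()
{
    $token = input('access_token');
    // An array-valued parameter must not reach the query condition below.
    if (empty($token) || !is_string($token)) {
        $this->error2("登录凭证必传");
    }
    $access = Db::name("member_access")->where(['token' => $token, 'state' => 1])->find();
    if (!$access) {
        $this->error2("请重新登录");
    }
    $time = $access['create_time'];
    // 24-hour lifetime counted from create_time.
    if ($time + 3600 * 24 < time()) {
        $this->error2("登录凭证过期,请重新登录");
    }
    return $access['mid'];
}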
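/**
 * Prefix an image path with SITE_PATH unless it already contains it.
 *
 * @param mixed $path stored image path; any falsy value yields ""
 * @return string the path, prefixed with SITE_PATH when it was not present
 */
protected function _img($path)
{
    if (!$path) {
        return "";
    }

    // strpos() returns 0 when $path starts with SITE_PATH; the previous
    // `== false` test treated that as "not found" and prefixed it twice.
    if (strpos($path, SITE_PATH) === false) {
        return SITE_PATH . ltrim($path, '/');
    }
    return $path;
}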
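/**
 * Return the profile of the member identified by the access token.
 *
 * Also sets `create_time` of the member's access row to now, so the 24-hour
 * lifetime checked in _check() slides forward with each call.
 */
public function detail()
{
    $id = $this->_check();
    $fields = "member_list_id,member_list_username,member_list_nickname,member_list_sex,
member_list_headpic,member_list_tel,member_list_email,member_list_addtime,
birthday,signature,user_status";
    $user = Db::name("member_list")->field($fields)->where('member_list_id', $id)->find();
    if (!$user) {
        $this->error2("此用户不存在");
    }

    $user['member_list_headpic'] = $this->_img($user['member_list_headpic']);
    Db::name("member_access")->where('mid', $id)->update(['create_time' => time()]);

    // The original condition returned the value only when it was empty, so a
    // stored birthday was never sent; return it when set, '' otherwise.
    $user['birthday'] = !empty($user['birthday']) ? $user['birthday'] : '';
    $this->success2("查询成功", $user);
}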
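/**
 * Update the authenticated member's data.
 *
 * `type` selects what is changed:
 *   1 - nickname, sex and head picture
 *   2 - password (requires the current password)
 *   3 - phone number (requires the current password and a `uedit` SMS code
 *       issued within the last 120 seconds)
 * Any other value is rejected.
 *
 * NOTE(review): encrypt_password() is defined outside this file; confirm it
 * is a slow password hash.
 * NOTE(review): neither password check counts failed attempts.
 * NOTE(review): the minimum password length here is 5 while reg() requires 6.
 * NOTE(review): the "already registered" answer in case 3 tells the caller
 * whether a number belongs to an account.
 */
public function edit()
{
    $id = $this->_check();
    $type = input('type');
    $user = Db::name("member_list")->where('member_list_id', $id)->find();
    if (!$user) {
        $this->error2("此用户不存在");
    }
    $mid = $user['member_list_id'];
    $update = [];
    switch ($type) {
        case 1: // basic profile
            $nickname = input('member_list_nickname');
            $sex = input('member_list_sex');
            $headpic = input('member_list_headpic');
            // Array-valued parameters must not be written as column values.
            foreach ([$nickname, $sex, $headpic] as $value) {
                if ($value !== null && !is_scalar($value)) {
                    $this->error2('修改失败');
                }
            }
            $rule = [
                ['member_list_nickname', 'require', "用户昵称必填"],
                ['member_list_sex', 'require', "用户性别必选"],
                ['member_list_headpic', 'require', "用户头像必传"],
            ];
            $validate = new Validate($rule);
            $rst = $validate->check(array('member_list_nickname' => $nickname, 'member_list_sex' => $sex, 'member_list_headpic' => $headpic));
            if (true !== $rst) {
                $error = is_array($validate->getError()) ? join('|', $validate->getError()) : $validate->getError();
                $this->error2($error);
            } else {
                $update['member_list_nickname'] = $nickname;
                $update['member_list_sex'] = $sex;
                $update['member_list_headpic'] = $headpic;
            }
            break;
        case 2: // password
            $salt = $user['member_list_salt'];
            $opwd = input('old_password');
            // hash_equals() instead of `!=`: loose comparison can treat two
            // different numeric-looking digests as equal.
            if (!is_string($opwd) || !hash_equals((string) $user['member_list_pwd'], (string) encrypt_password($opwd, $salt))) {
                $this->error2(lang('原始密码不正确'));
            }
            $pwd = input('password');
            $repwd = input('repassword');
            $rule = [
                ['password', 'require|length:5,20', '{%pwd empty}|{%pwd length}'],
                ['repassword', 'require|confirm:password', '{%repassword empty}|{%repassword incorrect}'],
            ];
            $validate = new Validate($rule);
            $rst = $validate->check(array('password' => $pwd, 'repassword' => $repwd));
            if (true !== $rst) {
                $error = is_array($validate->getError()) ? join('|', $validate->getError()) : $validate->getError();
                $this->error2($error);
            } elseif (!is_scalar($pwd)) {
                $this->error2('修改失败');
            } else {
                $msalt = random(10);
                $update['member_list_pwd'] = encrypt_password($pwd, $msalt);
                $update['member_list_salt'] = $msalt;
                $update['user_activation_key'] = '';
            }
            break;
        case 3: // phone number
            $pwd = input('password');
            $salt = $user['member_list_salt'];
            if (!is_string($pwd) || !hash_equals((string) $user['member_list_pwd'], (string) encrypt_password($pwd, $salt))) {
                $this->error2(lang('密码验证不正确'));
            }
            $tel = input('member_list_tel');
            $verify = input('verify');
            // Only scalar values may reach the query conditions below.
            if (($tel !== null && !is_scalar($tel)) || ($verify !== null && !is_scalar($verify))) {
                $this->error2('验证码不正确');
            }

            $result = Db::name('member_list')->where('member_list_tel', $tel)->count();
            if ($result) {
                $this->error2($tel . '手机已注册');
            }

            $where = [];
            $where['sms_type'] = 'uedit';
            $where['sms_tel'] = $tel;
            $where['sms_time'] = ['>', time() - 120];
            $rst = Db::name('smslog')->where($where)->find();
            // Byte-wise comparison instead of PHP's numeric-string `!=`.
            if (!$rst || !hash_equals((string) $rst['sms_code'], (string) $verify)) {
                $this->error2('验证码不正确');
            }

            $rule = [
                ['member_list_tel', 'require'],
                ['verify', 'require'],
            ];
            $validate = new Validate($rule);
            $rst = $validate->check(array('member_list_tel' => $tel, 'verify' => $verify));
            if (true !== $rst) {
                $error = is_array($validate->getError()) ? join('|', $validate->getError()) : $validate->getError();
                $this->error2($error);
            } else {
                $update['member_list_username'] = $tel;
                $update['member_list_tel'] = $tel;
            }
            break;
        default:
            // Unknown type: nothing to change, so do not issue an empty update.
            $this->error2('修改失败');
    }

    $result = Db::name("member_list")->where('member_list_id', $mid)->update($update);
    if ($result) {
        $this->success2('修改成功');
    } else {
        $this->error2('修改失败');
    }
}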
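/**
 * Log out: mark the presented access token as inactive.
 *
 * Answers with success whether or not an active row matched the token.
 */
public function logout()
{
    $token = input('access_token');
    // An array-valued parameter must not reach the query condition below.
    if (empty($token) || !is_string($token)) {
        $this->error2("登录凭证必传");
    }
    Db::name("member_access")->where(['token' => $token, 'state' => 1])->update(['state' => 0]);

    $this->success2('登出成功');
}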
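/**
 * Send an SMS verification code and record it in `smslog`.
 *
 * Accepts the types ulogin, ureg, uedit and uforget, allows one code per
 * number and type every 60 seconds, and keeps a single smslog row per number
 * and type (updated when it exists, inserted otherwise).
 *
 * NOTE(review): every type, including ureg and uedit, requires the number to
 * belong to an active member, while reg() and edit() reject numbers that are
 * already registered; as written those two flows cannot obtain a code.
 * Confirm the intended rule per type, and add per-client rate limiting
 * before allowing codes to be sent to unregistered numbers.
 * NOTE(review): the "not registered" answer tells the caller whether a number
 * belongs to an account.
 * NOTE(review): random() is defined outside this file; confirm it draws the
 * code from a CSPRNG.
 * NOTE(review): the message promises 5 minutes of validity, while the
 * consumers accept the code for 600 s (login, reg) or 120 s (forget, edit).
 */
public function sms()
{
    $phone = input("mobile");
    $smstype = input("type");

    // The number is concatenated into messages and used as a query condition,
    // so it has to be a scalar.
    if (empty($phone) || !is_scalar($phone)) {
        $this->error2('手机号码为空!');
    }
    // Strict membership test: only these exact strings pass.
    if (!in_array($smstype, ['ulogin', 'ureg', 'uedit', 'uforget'], true)) {
        $this->error2('短信类型不正确');
    }
    $result = Db::name('member_list')->where(['member_list_tel' => $phone, 'user_status' => 1])->count();
    if (!$result) {
        $this->error2($phone . '手机号未注册');
    }

    $where = [];
    $where['sms_type'] = $smstype;
    $where['sms_tel'] = $phone;
    $rst = Db::name('smslog')->where($where)->order("sms_time desc")->find();
    if ($rst) {
        // Throttle: one code per number and type every 60 seconds.
        if ($rst['sms_time'] > (time() - 60)) {
            $this->error2('已获取过,' . (60 - (time() - $rst['sms_time'])) . '秒后稍后再试');
        }
    }

    $rst_sms = false;
    $error = '未设置短信平台配置';
    $code = random(6, 'number');
    if (config('ymsms.on')) {
        $arr = send_sms($phone, '您好,您的验证码为' . $code . ',验证码5分钟内有效!');
        if ($arr['code'] == 1) {
            $rst_sms = true;
        } else {
            $error = $arr['msg'];
        }
    }
    if (!$rst_sms) {
        $this->error2($error);
    }

    if ($rst) {
        // Reuse the existing row for this number and type
        $rst['sms_time'] = time();
        $rst['sms_code'] = $code;
        $saved = Db::name('smslog')->update($rst);
    } else {
        // First code for this number and type
        $saved = Db::name('smslog')->insert([
            'sms_type' => $smstype,
            'sms_tel' => $phone,
            'sms_time' => time(),
            'sms_code' => $code
        ]);
    }
    if (!$saved) {
        $this->error2('短信码获取失败,请重试');
    }

    $this->success2('短信码已发送至你手机');
}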
/**
 * End the request with a success payload.
 *
 * Builds `{code, msg, data}`, wraps it in a Response of the type reported by
 * getResponseType() and throws it as an HttpResponseException, so nothing
 * after the call runs. The code is part of the response body; no HTTP status
 * is passed to Response::create().
 *
 * @access protected
 * @param mixed   $msg  message for the client
 * @param mixed   $data payload returned to the client
 * @param integer $code value of the `code` field in the body
 * @return void
 * @throws HttpResponseException always
 */
protected function success2($msg = '', $data = '', $code =200)
{
    $payload = ['code' => $code, 'msg' => $msg, 'data' => $data];

    $response = Response::create($payload, $this->getResponseType())->header([]);

    throw new HttpResponseException($response);
}
/**
 * End the request with an error payload.
 *
 * Builds `{code, msg, data}`, wraps it in a Response of the type reported by
 * getResponseType() and throws it as an HttpResponseException, so nothing
 * after the call runs. The code is part of the response body; no HTTP status
 * is passed to Response::create().
 *
 * @access protected
 * @param mixed   $msg  error message for the client
 * @param mixed   $data payload returned to the client
 * @param integer $code value of the `code` field in the body
 * @return void
 * @throws HttpResponseException always
 */
protected function error2($msg = '', $data = '',$code=204)
{
    $payload = ['code' => $code, 'msg' => $msg, 'data' => $data];

    $response = Response::create($payload, $this->getResponseType())->header([]);

    throw new HttpResponseException($response);
}
}
?>