wanghongjun
/
wenhuayun
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
why.xingtongworld.com项目
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
18 Commits
1 Branch
0 Tags
154 MiB
 
 
 
 
 
Tree: e3665022f4
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'e3665022f4'
${ noResults }
wenhuayun/app/home/controller/Login.php

632 lines
22 KiB
Raw Blame History

<?php
// +----------------------------------------------------------------------
// | YFCMF [ WE CAN DO IT MORE SIMPLE ]
// +----------------------------------------------------------------------
// | Copyright (c) 2015-2016 http://www.rainfer.cn All rights reserved.
// +----------------------------------------------------------------------
// | Author: rainfer <81818832@qq.com>
// +----------------------------------------------------------------------
namespace app\home\controller;
use think\Db;
use think\captcha\Captcha;
use think\Validate;
use Flc\Alidayu\Client;
use Flc\Alidayu\App;
use Flc\Alidayu\Requests\AlibabaAliqinFcSmsNumSend;
use afs\Request\V20180112\AuthenticateSigRequest;
use function EasyWeChat\Payment\get_client_ip;
class Login extends Base
{
public function index()
{
if(session('hid')){
if($this->user['user_status']){
$this->redirect(__ROOT__."/");
}else{
$current_user=$this->user;
$email = $current_user['member_list_email'];
$this->assign("email",$email);
return $this->view->fetch('user:active');
}
}else{
$this->redirect(__ROOT__."/");
}
}
//验证码
public function verify(){
if (session('hid')) {
$this->redirect(__ROOT__."/");
}
return $this->verify_build('hid');
}
/*
* 退出登录
*/
public function logout()
{
session('hid',null);
session('user',null);
session('api_token',null);
cookie('yf_logged_user',null);
$this->redirect(__ROOT__."/");
}
//登录验证
public function runlogin(){
$token=input('token','');
$ticket=input('ticket');
$randstr=input('randstr');
if(empty($ticket)||empty($randstr)){
$this->error('请先通过验证');
}
$secretKey = 'iK5c3HIfAPULVFyEDyXqvn0G8j4B2e0o';
$config=config('tccaptcha');
$config=$config['log'];
$params=[];
$params['Action']='DescribeCaptchaResult';
$params['Version']='2019-07-22';
$params['CaptchaType']=9;
$params['Ticket']=$ticket;
$params['UserIp']=request()->ip();
$params['Randstr']=$randstr;
$params['CaptchaAppId']=isset($config['appid'])?$config['appid']:'';
$params['AppSecretKey']=isset($config['appsecret'])?$config['appsecret']:'';
$params['SecretId']='AKIDA8pGJICmgL0Reg4Np9ETVHh4D6j7hgS0';
$params['Timestamp']=time();
$params['Nonce']=rand();
//$params['NeedGetCaptchaTime']=1;
$path="captcha.tencentcloudapi.com/";
ksort($params);
$signStr = "GET".$path."?";
foreach ($params as $key => $value ) {
$signStr =$signStr.$key."=".$value."&";
}
$signStr = substr($signStr,0,-1);
$signature = base64_encode(hash_hmac("sha1", $signStr, $secretKey, true));
$params['Signature']=$signature;
$url='https://'.$path.'?'.http_build_query($params);
$res=go_curl2($url,'get');
try {
$res=json_decode($res,true);
if($res['Response']['CaptchaCode']!=1){
$this->error('图片验证失败!');
}
} catch (\Exception $e) {
$this->error('图片验证失败!');
}
$member_list_username=input('member_list_username');
$member_list_pwd=input('member_list_pwd');
$logintype=input('logintype');
$remember=input('remember',0,'intval');
$rule = [
['member_list_username','require','{%username empty}'],
['member_list_pwd','require','{%pwd empty}'],
];
$validate = new Validate($rule);
$rst = $validate->check(array('member_list_username'=>$member_list_username,'member_list_pwd'=>$member_list_pwd));
if(true !==$rst){
$this->error(join('|',$validate->getError()));
}
$where=[];
if(strpos($member_list_username,"@")>0){//邮箱登陆
$where['member_list_email']=$member_list_username;
}else{
$where['member_list_username']=$member_list_username;
}
if($logintype==1){
$where['member_list_groupid']=['not in',[7,10]];
}else{
$where['member_list_groupid']=['in',[7,10]];
}
$member=Db::name("member_list")->where($where)->find();
if (!$member||encrypt_password($member_list_pwd,$member['member_list_salt'])!==$member['member_list_pwd']){
$this->error(lang('username or pwd incorrect'),'',['token'=>$token]);
}else{
if($member['member_list_open']==0){
$this->error(lang('user disabled'),'',['token'=>$token]);
}
//更新字段
$data = array(
'last_login_time' => time(),
'last_login_ip' => request()->ip(),
);
Db::name("member_list")->where(array('member_list_id'=>$member["member_list_id"]))->update($data);
session('hid',$member['member_list_id']);
session('user',$member);
if($remember && $member['user_status']){
//更新cookie
cookie('yf_logged_user', jiami("{$member['member_list_id']}.{$data['last_login_time']}"));
}
$this->success(lang('login success'),url('home/Login/check_active'));
}
}
public function runsmslog(){
$logintype=input('logintype');
$remember=input('remember',0,'intval');
$rule = [
'__slogin__' =>'require|token:__slogin__'
];
$message =[
'__slogin__.require'=>'令牌缺失'
];
$validate=new Validate($rule,$message);
$result=$validate->check(input());
$token=request()->token('__slogin__');
if(!$result){
$this->error($validate->getError(),'',['token'=>$token]);
}
$member_list_username=input('member_list_username');
$verify=input('verify','');
$where=[];
//手机
$where['sms_type']='smslog';
$where['sms_tel']=$member_list_username;
$where['sms_time']=['>',time()-300];
$rst=Db::name('smslog')->where($where)->find();
if(!$rst||$rst['sms_code']!=$verify) $this->error('验证码不正确','',['token'=>$token]);
$where=[];
$where['member_list_username']=$member_list_username;
if($logintype==1){
$where['member_list_groupid']=['not in',[7,10]];
}else{
$where['member_list_groupid']=['in',[7,10]];
}
$member=Db::name("member_list")->where($where)->find();
if (!$member){
$this->error(lang('username or pwd incorrect'),'',['token'=>$token]);
}else{
if($member['member_list_open']==0){
$this->error(lang('user disabled'),'',['token'=>$token]);
}
//更新字段
$data = array(
'last_login_time' => time(),
'last_login_ip' => request()->ip(),
);
Db::name("member_list")->where(array('member_list_id'=>$member["member_list_id"]))->update($data);
session('hid',$member['member_list_id']);
session('user',$member);
if($remember && $member['user_status']){
//更新cookie
cookie('yf_logged_user', jiami("{$member['member_list_id']}.{$data['last_login_time']}"));
}
$this->success(lang('login success'),url('home/Index/index'));
}
}
private function reg(){
return $this->view->fetch('public:reg');
}
private function log(){
return $this->view->fetch('public:log');
}
public function forgot_pwd()
{
return $this->view->fetch('user:forgot_pwd');
}
//验证码
public function verify_forgot()
{
if (session('hid')) {
$this->redirect(__ROOT__."/");
}
return $this->verify_build('forgot');
}
public function get_code(){
$verifyCode = input("verify");
$check = input("type");
if(empty($verifyCode)){
$this->error('图形验证码为空!');
}
//调用掌柜文化金服登录接口,不需要官网的验证码
$verify =new Captcha ();
if($check=='smslog'){
if (!$verify->check($verifyCode,'smslogin')) {
$this->error(lang('verifiy incorrect'));
}
}else{
if (!$verify->check($verifyCode, 'forgot')) {
$this->error(lang('verifiy incorrect'));
}
}
$account=input('account','');
$user=Db::name("member_list")->where('member_list_email|member_list_username|member_list_tel',$account)->find();
if($user){
if(stripos($account,'@')){
//邮箱
$code=random(6,'number');
$rst=Db::name("member_list")->where(array("member_list_id"=>$user['member_list_id']))->update(array("user_activation_key"=>$code));
if($rst){
$template = lang('emal text').
<<<hello
#code#
hello;
$content = str_replace(array('#code#','#username#'), array($code,$user['member_list_username']),$template);
$send_result=sendMail($account, $this->site_options['site_name'].' '.lang('pwd reset'), $content);
if($send_result['error']){
return json(['code'=>0,'msg'=>lang('send pwd reset email failed')]);
}else{
return json(['code'=>1]);
}
}else{
return json(['code'=>0,'msg'=>'获取失败,请重试']);
}
}else{
//手机
if($check=='smslog'){
$rst=Db::name('smslog')->where(['sms_type'=>'smslog','sms_tel'=>$account])->find();
}else{
$rst=Db::name('smslog')->where(['sms_type'=>'forgot','sms_tel'=>$account])->find();
}
if($rst){
if($rst['sms_time']>(time()-120)){
return json(['code'=>0,'msg'=>'已获取过,'.(time()-$rst['sms_time']).'后稍后再试']);
}
}
$rst_sms=false;
$error='未设置短信平台配置';
$code=random(6,'number');
$customid=random(16,'number');
$extcode=random(6,'number');
if(config('alisms.on')){
$client = new Client(new App(config('alisms')));
$req = new AlibabaAliqinFcSmsNumSend;
$req->setRecNum($account)
->setSmsParam([
'number' => $code
])
->setSmsFreeSignName(config('alisms.signName'))
->setSmsTemplateCode(config('alisms.TemplateCode'));//忘记密码短信模板
$resp = $client->execute($req);
if($resp->result->success){
$rst_sms=true;
}else{
$error=$resp->sub_msg;
}
}elseif(config('ymsms.on')){
//$arr=send_sms($account,'【'.config('ymsms.signname').'】您好,您的申请密码找回的验证码为'.$code.',验证码2分钟内有效!');
$msg='您好,您的申请密码找回的验证码为'.$code.',验证码5分钟内有效!';
if($check=='smslog'){
$msg='您好,您的短信登录验证码为'.$code.',验证码5分钟内有效!';
}
$arr=send_sms($account,$msg);
if($arr['code']==1){
$rst_sms=true;
}else{
$error=$arr['msg'];
}
}
if($rst_sms){
if($rst){
//更新
$rst['sms_time']=time();
$rst['sms_code']=$code;
$rst=Db::name('smslog')->update($rst);
if($rst!==false){
return json(['code'=>1]);
}else{
return json(['code'=>0,'msg'=>'获取失败,请重试']);
}
}else{
//插入数据库
$data=[
'sms_tel'=>$account,
'sms_time'=>time(),
'sms_code'=>$code,
'sms_customid'=>$customid,
'sms_extend'=>$extcode
];
if($check=='smslog'){
$data['sms_type']='smslog';
}else{
$data['sms_type']='forgot';
}
$rst=Db::name('smslog')->insert($data);
if($rst){
return json(['code'=>1]);
}else{
return json(['code'=>0,'msg'=>'获取失败,请重试']);
}
}
}else{
return json(['code'=>0,'msg'=>$error]);
}
}
}else{
return json(['code'=>0,'msg'=>'该邮箱或手机未注册过']);
}
}
public function runforgot_pwd()
{
if(request()->isPost()){
$logintype=input('logintype');
$rule = [
'__retri__' =>'require|token:__retri__'
];
$message =[
'__retri__.require'=>'令牌缺失'
];
$validate=new Validate($rule,$message);
$result=$validate->check(input());
$token=request()->token('__retri__');
if(!$result){
$this->error($validate->getError(),url('index/index'),['token'=>$token]);
}
$member_list_username=input('member_list_username');
$verify=input('verify','');
$where=[];
$where['member_list_email|member_list_username|member_list_tel']=$member_list_username;
if($logintype==1){
$where['member_list_groupid']=['not in',[7,10]];
}else{
$where['member_list_groupid']=['in',[7,10]];
}
$find_user=Db::name("member_list")->where($where)->find();
if($find_user){
$mid=$find_user['member_list_id'];
if(stripos($member_list_username,'@')){
$code=$find_user['user_activation_key'];
//邮箱
if($code==$verify){
$this->success('验证正确',url('index/index'),['token'=>$token,'member_list_id'=>$mid,'code'=>$code]);
}else{
$this->error('验证码不正确',url('index/index'),['token'=>$token]);
}
}else{
$code=$verify;
$where=[];
//手机
$where['sms_type']='forgot';
$where['sms_tel']=$member_list_username;
$where['sms_time']=['>',time()-300];
$rst=Db::name('smslog')->where($where)->find();
if(!$rst || $rst['sms_code']!=$verify) $this->error('验证码不正确',url('index/index'),['token'=>$token]);
$this->success('验证正确',url('index/index'),['token'=>$token,'member_list_id'=>$mid,'code'=>$code]);
}
}else {
$this->error(lang('member not exist'),url('index/index'),['token'=>$token]);
}
}
}
public function pwd_reset()
{
$type=input("type",1,'intval');
$member_list_id=input("member_list_id",0,'intval');
$code=input("code",'');
$find_user=Db::name('member_list')->find($member_list_id);
if($find_user){
if($type==1){
if(!$code || $find_user['user_activation_key']!=$code){
$this->error('激活验证码不正确',url('home/Index/index'));
}
}else{
$rst=Db::name('smslog')->where(['sms_type'=>'forgot','sms_code'=>$code,'sms_tel'=>$find_user['member_list_tel']])->find();
if(!$rst){
$this->error('激活验证码不正确',url('home/Index/index'));
}
}
$this->assign("code",$code);
$this->assign("member_list_id",$member_list_id);
$this->assign("type",$type);
return $this->view->fetch('user:pwd_reset');
}else{
$this->error('不存在此会员',url('home/Index/index'));
}
}
//验证码
public function verify_reset()
{
if (session('hid')) {
$this->redirect(__ROOT__."/");
}
return $this->verify_build('pwd_reset');
}
public function runpwd_reset()
{
if(request()->isPost()){
$rule = [
'__reset__' =>'require|token:__reset__'
];
$message =[
'__reset__.require'=>'令牌缺失'
];
$validate=new Validate($rule,$message);
$result=$validate->check(input());
$token=request()->token('__reset__');
if(!$result){
$this->error($validate->getError(),url('index/index'),['token'=>$token]);
}
$verify =new Captcha();
if (!$verify->check(input('verify'), 'pwd_reset')) {
$this->error(lang('verifiy incorrect'),url('index/index'),['token'=>$token]);
}
$rule = [
['password','require|length:5,20','{%pwd empty}|{%pwd length}'],
['repassword','require|confirm:password','{%repassword empty}|{%repassword incorrect}'],
];
$validate = new Validate($rule);
$rst= $validate->check(array('password'=>input('password'),'repassword'=>input('repassword')));
if(true !==$rst){
$error=is_array($validate->getError())?join('|',$validate->getError()):$validate->getError();
$this->error($error,url('index/index'),['token'=>$token]);
}else{
$password=input('password');
$code=input('code','');
$type=input('type');
$member_list_id=input('member_list_id');
$find_user=Db::name('member_list')->find($member_list_id);
if($find_user){
if($type==1){
if(!$code || $find_user['user_activation_key']!=$code){
$this->error('激活验证码不正确',url('index/index'),['token'=>$token]);
}
}else{
$rst=Db::name('smslog')->where(['sms_type'=>'forgot','sms_code'=>$code,'sms_tel'=>$find_user['member_list_tel']])->find();
if(!$rst){
$this->error('激活验证码不正确',url('index/index'),['token'=>$token]);
}
}
$member_list_salt=random(10);
$member_list_pwd=encrypt_password($password,$member_list_salt);
$result=Db::name("member_list")->where('member_list_id',$member_list_id)->update(array('first_pwd'=>'','member_list_pwd'=>$member_list_pwd,'user_activation_key'=>'','member_list_salt'=>$member_list_salt));
if($result){
$this->success(lang('pwd reset success'),url('index/index'),['token'=>$token]);
}else {
$this->error(lang('pwd reset failed'),url('index/index'),['token'=>$token]);
}
}else{
$this->error('不存在此会员',url('index/index'),['token'=>$token]);
}
}
}
}
public function check_active()
{
$this->check_login();
if($this->user['user_status']){
$this->redirect(__ROOT__."/");
}else{
$current_user=$this->user;
$email = $current_user['member_list_email'];
$this->assign("email",$email);
$mailurl=null;
if(stripos($email,'@163.com') or stripos($email,'@vip.163.com')) {
$mailurl = 'http://mail.163.com';
}elseif(stripos($email,'@163.net') or stripos($email,'@vip.tom.com')) {
$mailurl = 'http://www.163.net/';
}elseif(stripos($email,'@qq.com') or stripos($email,'@vip.qq.com') or stripos($email,'@foxmail.com')) {
$mailurl = 'http://mail.qq.com';
}elseif(stripos($email,'@126.com')) {
$mailurl = 'http://mail.126.com';
}elseif(stripos($email,'@yeah.net')) {
$mailurl = 'http://mail.yeah.net/';
}elseif(stripos($email,'@msn.com') or stripos($email,'@hotmail.com') or stripos($email,'@live.cn') or stripos($email,'@live.com')) {
$mailurl = 'http://hotmail.msn.com/';
}elseif(stripos($email,'@yahoo.cn') or stripos($email,'@yahoo.com.cn')) {
$mailurl = 'https://login.yahoo.com/config/mail?&.src=ym&.intl=cn';
}elseif(stripos($email,'@yahoo.com.tw')) {
$mailurl = 'https://login.yahoo.com/config/mail?&.src=ym&.intl=tw';
}elseif(stripos($email,'@sohu.com') or stripos($email,'@vip.sohu.com')) {
$mailurl = 'http://mail.sohu.com/';
}elseif(stripos($email,'@sina.com') or stripos($email,'@vip.sina.com') or stripos($email,'@sina.cn') or stripos($email,'@51uc.com') or stripos($email,'@2008.sina.com')) {
$mailurl = 'http://mail.sina.com.cn/';
}elseif(stripos($email,'@gmail.com')) {
$mailurl = 'http://gmail.google.com/';
}elseif(stripos($email,'@gmail.com')) {
$mailurl = 'http://mail.10086.cn/';
}elseif(stripos($email,'@gmail.com')) {
$mailurl = 'http://mail.10086.cn/';
}elseif(stripos($email,'@tom.com')) {
$mailurl = 'http://mail.tom.com/';
}elseif(stripos($email,'@188.com')) {
$mailurl = 'http://vip.188.com/';
}elseif(stripos($email,'@21cn.com') or stripos($email,'@vip.21cn.com') or stripos($email,'@21cn.net')) {
$mailurl = 'http://mail.21cn.com/';
}elseif(stripos($email,'@263.net')) {
$mailurl = 'https://www.263.net/';
}elseif(stripos($email,'@china.com')) {
$mailurl = 'http://mail.china.com/';
}
$this->assign("mailurl",$mailurl);
//判断是否激活
return $this->view->fetch('user:active');
}
}
//重发激活邮件
public function resend()
{
$this->check_login();
$current_user=$this->user;
if($current_user['user_status']==0){
if($current_user['member_list_email']){
$active_options=get_active_options();
$activekey=md5($current_user['member_list_id'].time().uniqid());//激活码
$result=Db::name('member_list')->where(array("member_list_id"=>$current_user['member_list_id']))->update(array("user_activation_key"=>$activekey));
if(!$result){
$this->error(lang('activation code generation failed'));
}
//生成激活链接
$url = url('home/Register/active',array("hash"=>$activekey), "", true);
$template = $active_options['email_tpl'];
$content = str_replace(array('http://#link#','#username#'), array($url,$current_user['member_list_username']),$template);
$send_result=sendMail($current_user['member_list_email'], $active_options['email_title'], $content);
if($send_result['error']){
return json(['code'=>0,'msg'=>lang('send active email failed')]);
}else{
return json(['code'=>1,'msg'=>lang('send active email success'),'url'=>url('home/Login/index')]);
}
}else{
return json(['code'=>0,'msg'=>lang('no registered email'),'url'=>url('home/Login/index')]);
}
}else{
return json(['code'=>0,'msg'=>lang('activated'),'url'=>url('home/Login/index')]);
}
}
protected function systemconfig(){
try{
$result = getSystemConfig();
if($result->result=='000000'){
$zgwhjf_config=[
'login_verity_code_enable'=>$result->data->security->login->verifyCode_enable,//登录是否开启验证码
'login_verity_code_type'=>$result->data->security->login->verifyCode_type,//登录验证类型(SMS:短信 IMAGE:图像验证码)
'code'=>1,'msg'=>'提交成功'
];
return json($zgwhjf_config);
}else{
}
}catch (\Exception $e){
return json(['code'=>'0','msg'=>'获取失败']);
}
return json(['code'=>'0','msg'=>'获取失败']);
}
/**
* 获取短信
*/
public function loginSms(){
try{
$phone = input("member_list_username");
$verify = input("verify");
if(empty($verify)){
$this->error('验证码为空!');
}
if(empty($phone)){
$this->error('手机号码为空!');
}
$apitoken = session("api_token");
sendSms($phone,$verify,$apitoken);
}catch (\Exception $e){
$this->error('获取失败');
}
$this->success('获取失败');
}
/**
* 检查当前是否已登录
*/
public function check_login(){
if(session('hid')){
return json(array('code'=>1));
}else{
return json(array('code'=>0));
}
}
}