Beispiel #1
 /**
  * Register a new user account.
  *
  * All inputs are trimmed; e-mail, password and name are also lower-cased.
  * The password is expected to arrive already hashed by the caller and is
  * passed through UserCheck::CreatePassword() with a fresh per-user salt
  * before it is stored.
  *
  * Error codes returned by this method itself:
  *   -1 captcha rejected, -2 password check failed, -3 database insert failed,
  *   -4 user name check failed, -5 e-mail check failed.
  * The "UserRegister_Register_before" hook may return any other negative code.
  *
  * @param string $email    e-mail address
  * @param string $password hashed password
  * @param string $name     user name
  * @param string $captcha  captcha answer
  * @return int negative error code, or the id of the newly registered user
  */
 public function Register($email, $password, $name, $captcha)
 {
     $email = strtolower(trim($email));
     $password = strtolower(trim($password));
     $name = strtolower(trim($name));
     $captcha = trim($captcha);

     // Give hooks a chance to veto the registration before any check runs.
     $hookCode = hook()->apply("UserRegister_Register_before", 0, $email, $password, $name, $captcha);
     if ($hookCode < 0) {
         return $hookCode;
     }

     // Validation order matters to callers because each failure has its own code.
     if (!$this->Captcha($captcha)) {
         return -1;
     }
     if (!UserCheck::CheckPassword($password)) {
         return -2;
     }
     if (UserCheck::CheckName($name) !== true) {
         return -4;
     }
     if (UserCheck::CheckEmail($email) !== true) {
         return -5;
     }

     $ipTool = new Ip();
     $row = [
         'user_name' => $name,
         'user_email' => $email,
         'user_aliases' => $name,
         // Filled in below, once the salt generated in this array is known.
         'user_password' => '',
         'user_salt' => salt(64),
         'user_registered_time' => date("Y-m-d H:i:s"),
         'user_registered_ip' => $ipTool->ip2bin($ipTool->realip()),
         'user_cookie_salt' => salt(64),
         'user_avatar' => UserCheck::DefaultAvatar(),
         'user_status' => 0,
     ];
     $row['user_password'] = UserCheck::CreatePassword($password, $row['user_salt']);

     $newUserId = db()->insert("users", $row);
     if ($newUserId <= 0) {
         Log::write(_("User register insert sql error."), Log::SQL);
         return -3;
     }

     try {
         // Notify listeners that the registration succeeded.
         hook()->apply("UserRegister_Register_success", $newUserId, $row);
         // A hook decides whether an activation mail is sent as part of registration.
         if (hook()->apply("UserRegister_Register_success_send_mail", true)) {
             $account = new User($newUserId);
             $this->SendActivationMail($account);
         }
     } catch (\Exception $ex) {
         // NOTE(review): only a fixed notice is logged; the exception's own
         // message is dropped, so a failed activation mail leaves no detail behind.
         Log::write(_("User register success exception notice"), Log::NOTICE);
     }

     return $newUserId;
 }
Beispiel #2
 /**
  * Create a user account from the posted "email", "password" and "name" fields.
  *
  * The result is written into $this->rt_msg: on success "status" is true and
  * "content" holds the new user id; otherwise "msg" holds the error text.
  *
  * NOTE(review): no permission check is visible inside this method, and it
  * disables the registration captcha. Presumably access control is enforced
  * by the caller or the enclosing controller; confirm.
  */
 public function user_add()
 {
     $request = req()->_plain();
     if (!$request->is_post()) {
         $this->rt_msg['msg'] = "必须以POST方式提交数据";
         return;
     }

     lib()->load("UserRegister", "UserCheck");
     try {
         $registrar = new UserRegister();
         // Register a hook that makes the captcha check always pass for this request.
         hook()->add('UserRegister_Captcha', function () {
             return true;
         });

         $postedEmail = $request->post('email');
         $hashedPassword = UserCheck::MakeHashChar($request->post('password'));
         $postedName = $request->post('name');
         $id = $registrar->Register($postedEmail, $hashedPassword, $postedName, "ADMIN");

         if ($id > 0) {
             $this->rt_msg['status'] = true;
             $this->rt_msg['content'] = $id;
         } else {
             $this->rt_msg['msg'] = $registrar->CodeMsg($id);
         }
     } catch (\Exception $ex) {
         // NOTE(review): the raw exception message is handed back to the client.
         $this->rt_msg['msg'] = $ex->getMessage();
     }
 }
Beispiel #3
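 /**
  * Change a user's e-mail address after a confirmation step.
  *
  * The change is applied only when the current password is correct, the new
  * address passes UserCheck::CheckEmail(), the address and code match the
  * pending request stored in the user's meta data, and that request is not
  * older than the limit supplied by the "UserControl_edit_email_time" hook
  * (default three days).
  *
  * Failures are reported through $this->throwMsg() with these codes:
  *   -10 wrong password, -13 address differs from the pending request,
  *   -12 wrong confirmation code, -11 pending request expired.
  * (throwMsg() is assumed to throw; its body is not visible here.)
  *
  * @param User   $user     account being modified
  * @param string $email    new e-mail address
  * @param string $password current password, in the form CreatePassword() expects
  * @param string $code     confirmation code sent to the new address
  * @throws \Exception
  */
 public function edit_email($user, $email, $password, $code)
 {
     lib()->load('UserCheck');
     $email = strtolower(trim($email));
     $code = strtolower(trim($code));

     // Constant-time comparison so the check does not leak how many leading
     // characters of the stored password hash matched.
     if (!hash_equals((string) $user->getPassword(), (string) UserCheck::CreatePassword($password, $user->getSalt()))) {
         $this->throwMsg(-10);
     }

     // CheckEmail() returns true on success, otherwise a value used as the error message.
     $email_check = UserCheck::CheckEmail($email);
     if ($email_check !== true) {
         throw new \Exception($email_check);
     }

     // Missing meta keys come back as '' (the default passed to get()).
     $meta = $user->getMeta()->get(['edit_email_add', 'edit_email_time', 'edit_email_code'], '');
     if ($meta['edit_email_add'] !== $email) {
         $this->throwMsg(-13);
     }
     // The confirmation code is a secret supplied by the requester: compare in constant time.
     if (!hash_equals((string) $meta['edit_email_code'], $code)) {
         $this->throwMsg(-12);
     }
     // An unparsable timestamp makes strtotime() return false, which is treated as expired.
     if (time() - strtotime($meta['edit_email_time']) > hook()->apply('UserControl_edit_email_time', 3 * 24 * 60 * 60)) {
         $this->throwMsg(-11);
     }

     // Consume the pending request before applying it, so the code cannot be reused.
     $user->getMeta()->delete(['edit_email_add', 'edit_email_time', 'edit_email_code']);
     $user->set(['email' => $email]);
 }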
Beispiel #4
// Installer step: writes the site options and prepares creation of the admin user.
// The response must never be cached.
header("Cache-Control: no-cache, must-revalidate");
header("Pragma: no-cache");
// 's' carries the site settings submitted by the install form.
$post = $req->post('s');
// Every listed setting is required; note that empty() also rejects the string "0".
foreach (['title', 'desc', 'url', 'email', 'static_url'] as $v) {
    if (!isset($post[$v]) || empty($post[$v])) {
        die("系统设置有空字段:" . $v);
    }
}
// 'u' carries the administrator account fields.
// NOTE(review): $user['name'] and $user['pwd'] are read without checking that
// 'u' is an array containing those keys.
$user = $req->post('u');
lib()->load('UserCheck');
if (!\ULib\UserCheck::CheckUsernameChar($user['name'])) {
    die("用户名称检测错误");
}
$user['pwd'] = \ULib\UserCheck::MakeHashChar($user['pwd']);
// The administrator's e-mail is taken from the site settings, not from 'u'.
$user['email'] = $post['email'];
if (!\ULib\UserCheck::CheckEmailChar($user['email'])) {
    die("管理员邮箱格式不正确");
}
// NOTE(review): the posted values are substituted into the SQL template as-is and
// the result is executed with exec() below. Only the e-mail is format-checked in
// this fragment; title, desc, url and static_url are not escaped here, so a quote
// character in any of them changes the statement. The template itself is not
// visible, so confirm how the placeholders are quoted and escape each value for
// that context (or bind them as parameters) before substitution.
$option_setting = str_replace(['{title}', '{desc}', '{url}', '{email}', '{static_url}'], [$post['title'], $post['desc'], $post['url'], $post['email'], $post['static_url']], $option_setting);
$pdo = $sql->getWriter();
// Empty the options table and reset its auto-increment counter before re-seeding it.
$pdo->exec("delete from `options` where `id` > 0");
$pdo->exec("alter table `options` auto_increment=1;");
$pdo->exec($option_setting);
lib()->load('UserRegister', 'UserCheck', 'User');
hook()->add('UserRegister_Captcha', function () {
    // Use the hook to make the registration captcha check always pass
    return true;
});
hook()->add('MailTemplate_mailSend', function () {
    //去掉发送邮件发送功能
    return false;
Beispiel #5
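 /**
  * Log a user in from a POSTed login form.
  *
  * Failures are reported through $this->throwMsg() with these codes:
  *   -10 account or password empty, -5 captcha rejected, -3 password has an
  *   invalid format, -8 login temporarily restricted, -4 wrong password,
  *   -9 account status does not allow login, -6 login cookie could not be set.
  * A failure while recording the last-login information does not abort the
  * login; it only sets $this->code to -7.
  * (throwMsg() is assumed to throw; its body is not visible here.)
  *
  * The restriction (-8) applies only when the failure counter has reached the
  * limit AND the request comes from the IP of the last failed attempt AND that
  * attempt happened today, so it does not slow down guessing from other
  * addresses.
  *
  * @param string $account     account identifier, resolved by GetAccountUser()
  * @param string $password    password in the form CreatePassword() expects
  * @param string $captcha     captcha answer
  * @param bool   $save_status whether the login cookie should persist
  */
 public function PostLogin($account, $password, $captcha, $save_status)
 {
     if (empty($account) || empty($password)) {
         $this->throwMsg(-10);
     }
     $save_status = !empty($save_status);
     if (!$this->Captcha($captcha)) {
         // Captcha check
         $this->throwMsg(-5);
     }
     $account = strtolower($account);
     $password = strtolower($password);
     // Loads the matching account into $this->user.
     $this->GetAccountUser($account);
     lib()->load('UserCheck');
     if (!UserCheck::CheckPasswordChar($password)) {
         $this->throwMsg(-3);
     }
     $ip = Ip::getInstance();
     $max_error_count = hook()->apply("UserLogin_max_error_count", 6);
     $now_ip = $ip->realip();
     if ($max_error_count <= $this->user->getErrorLoginCount() && $ip->fill($now_ip) === $ip->fill($this->user->getErrorLoginIp()) && explode(" ", $this->user->getErrorLoginTime())[0] == date("Y-m-d")) {
         // Login is restricted
         $this->throwMsg(-8);
     } else {
         $computed = (string) UserCheck::CreatePassword($password, $this->user->getSalt());
         // Constant-time comparison so the check does not leak how many leading
         // characters of the stored password hash matched.
         if (!hash_equals((string) $this->user->getPassword(), $computed)) {
             // Record the failed attempt
             $this->user->set(["error_login_count" => 1 + $this->user->getErrorLoginCount(), 'error_login_time' => date("Y-m-d H:i:s"), 'error_login_ip' => $now_ip]);
             if ($this->user->getErrorLoginCount() >= $max_error_count) {
                 hook()->apply("UserLogin_PostLogin_restrictions", null, $this->user);
             }
             $this->throwMsg(-4);
         } else {
             // NOTE(review): loose in_array(); a non-numeric status string would
             // compare equal to 0 on PHP < 8. Confirm the type getStatus() returns.
             if (in_array($this->user->getStatus(), [0, 1, 2])) {
                 if ($this->user->getErrorLoginCount() > 0) {
                     // Reset the failed-login counter
                     $this->user->set(["error_login_count" => 0]);
                 }
             } else {
                 // Account status does not allow login
                 $this->throwMsg(-9);
             }
         }
     }
     try {
         // Cookie set-up after a successful login.
         // NOTE(review): the cookie_login token is created only when the stored
         // one is shorter than 10 characters, so the same token is reused across
         // logins. Its unpredictability depends on salt()/salt_hash(), which are
         // not visible here; confirm they draw from a CSPRNG and consider
         // rotating the token on login and on password change.
         if (strlen($this->user->getCookieLogin()) < 10) {
             $this->user->set(["cookie_login" => salt_hash(time() . $this->user->getEmail(), salt(20))]);
         }
         if ($save_status) {
             // Persistent cookie; the default expiry is seven days from now.
             cookie()->set("UserLogin", $this->user->getId() . "\t" . $this->user->getCookieLogin(), hook()->apply("UserLogin_PostLogin_CookieTime", time() + 60 * 60 * 24 * 7));
         } else {
             cookie()->set("UserLogin", $this->user->getId() . "\t" . $this->user->getCookieLogin());
         }
     } catch (\Exception $ex) {
         $this->throwMsg(-6);
     }
     try {
         // Record the last-login information
         self::setLastLoginInfo($this->user);
     } catch (\Exception $ex) {
         $this->code = -7;
     }
     hook()->apply('UserLogin_PostLogin_Success', null, $this->user);
 }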
Beispiel #6
 /**
  * Update user columns in the database and mirror the new values on this object.
  *
  * Keys are trimmed and accepted only when they appear in self::$column_list;
  * "id" is always ignored. Each accepted key is written to the column named
  * "user_" . key, and values of keys ending in "_ip" are converted with
  * Ip::ip2bin() for storage while the object keeps the original value.
  *
  * NOTE(review): a "password" value is format-checked and then stored exactly
  * as given, so callers presumably pass an already hashed value; confirm.
  *
  * @param array $list column name (without the "user_" prefix) => new value
  * @throws \Exception when a value fails validation or the update fails
  */
 public function set($list)
 {
     $fields = [];
     $columns = [];
     foreach ($list as $name => $value) {
         $name = trim($name);
         // Allow-list: skip the primary key and anything that is not a known column.
         if ($name === 'id' || !in_array($name, self::$column_list)) {
             continue;
         }
         $fields[$name] = $value;
         $columns["user_" . $name] = substr($name, -3) === '_ip'
             ? Ip::getInstance()->ip2bin($value)
             : $value;
     }

     lib()->load('UserCheck');

     // Per-column validation; isset() means a null value skips its check.
     if (isset($columns['user_aliases']) && empty($columns['user_aliases'])) {
         throw new \Exception(_("Aliases can't set empty."));
     }
     if (isset($columns['user_email']) && !UserCheck::CheckEmailChar($columns['user_email'])) {
         throw new \Exception(_("Email verify check Error"));
     }
     if (isset($columns['user_name']) && !UserCheck::CheckUsernameChar($columns['user_name'])) {
         throw new \Exception(_("Username verify check Error"));
     }
     if (isset($columns['user_password']) && !UserCheck::CheckPasswordChar($columns['user_password'])) {
         throw new \Exception(_("Password verify check Error"));
     }
     // An empty URL is allowed; anything else must pass FILTER_VALIDATE_URL.
     if (isset($columns['user_url']) && $columns['user_url'] != "" && !filter_var($columns['user_url'], FILTER_VALIDATE_URL)) {
         throw new \Exception(_("Url check error"));
     }

     if (count($columns) === 0) {
         return;
     }

     if (db()->update("users", $columns, ['id' => $this->id]) === false) {
         throw new \Exception(_("Can't update User info.") . debug("SQL msg:" . implode(",", db()->error()['write'])));
     }
     // Only after a successful write are the in-memory properties updated.
     foreach ($fields as $property => $newValue) {
         $this->{$property} = $newValue;
     }
 }
Beispiel #7
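 /**
  * Turn a plaintext string into the hashed password form that login and
  * registration forms submit.
  *
  * The result is written into $this->rt_msg: on success "status" is true and
  * "content" holds UserCheck::MakeHashChar($str); for an empty or non-scalar
  * input only "msg" is set.
  *
  * NOTE(review): this handler receives a plaintext password and returns its
  * hash in the response body, so the request should travel over TLS only and
  * the parameter should stay out of access logs.
  *
  * @param string|null $str plaintext to hash
  */
 public function make_hash_char($str = NULL)
 {
     lib()->load('UserCheck');
     // Arrays and null are treated as empty instead of being passed to trim(),
     // which raises a TypeError or deprecation notice on current PHP versions.
     $str = is_scalar($str) ? trim((string) $str) : '';
     // Strict comparison: empty() would also reject the valid input "0".
     if ($str === '') {
         $this->rt_msg['msg'] = "提交的字符有误";
     } else {
         $this->rt_msg['status'] = true;
         $this->rt_msg['content'] = UserCheck::MakeHashChar($str);
     }
 }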