/**
 * Resolve a login identifier to a user record without checking a password.
 *
 * The identifier is tried, in order, as a mobile number, a numeric UID, an
 * e-mail address and a username. Each interpretation is attempted only when
 * its code (4, 1, 2, 3 respectively) is listed in $this->loginConfig['ways'].
 *
 * NOTE(review): the result tells the caller whether an identifier exists.
 * If this is reachable before authentication, confirm the call site
 * rate-limits it and does not expose the difference to the client.
 *
 * @param string $username identifier typed into the login form
 * @return array the first non-empty getUser() result; otherwise the empty
 *               result of the last lookup attempted (an empty array when a
 *               mobile-shaped identifier has no bound account)
 */
public function checkInput($username)
{
    $user = array();

    // Way 4: mobile number. An unbound number ends the lookup here; the
    // later interpretations are not tried for it.
    if (true === PwUserValidator::isMobileValid($username) && in_array(4, $this->loginConfig['ways'])) {
        $binding = Wekit::load('user.PwUserMobile')->getByMobile($username);
        if (!$binding) {
            return array();
        }
        $user = $this->_getWindid()->getUser($binding['uid'], 1);
        if ($user) {
            return $user;
        }
    }

    // Way 1: numeric UID.
    if (is_numeric($username) && in_array(1, $this->loginConfig['ways'])) {
        $user = $this->_getWindid()->getUser($username, 1);
        if ($user) {
            return $user;
        }
    }

    // Way 2: e-mail address.
    if (WindValidator::isEmail($username) && in_array(2, $this->loginConfig['ways'])) {
        $user = $this->_getWindid()->getUser($username, 3);
        if ($user) {
            return $user;
        }
    }

    // Way 3: plain username, the last fallback.
    if (in_array(3, $this->loginConfig['ways'])) {
        $user = $this->_getWindid()->getUser($username, 2);
    }

    return $user;
}
/**
 * Validate and normalise the "reply" task conditions held in $this->_data.
 *
 * When conditions are present they must be a non-empty array carrying a
 * thread id (tid) and a reply count (num), each accepted by
 * WindValidator::isNonNegative(). The count is rounded up, the url entry is
 * rebuilt through getReplace(), and the whole conditions array is replaced
 * by its serialize()d form.
 *
 * NOTE(review): the stored value is a PHP-serialized string; confirm the
 * reading side only ever unserializes values produced by this method.
 *
 * @return true|PwError true when there is nothing to check or all checks pass
 */
protected function filterConditionData()
{
    if (!isset($this->_data['conditions'])) {
        return true;
    }

    $cond = $this->_data['conditions'];
    if (!is_array($cond) || !$cond) {
        return new PwError('TASK:condition.require');
    }

    // Thread id: required, then range-checked.
    if (!$cond['tid']) {
        return new PwError('TASK:condition.reply.tid.require');
    }
    if (!WindValidator::isNonNegative($cond['tid'])) {
        return new PwError('TASK:condition.reply.tid.isNonNegative');
    }

    // Reply count: required, then range-checked.
    if (!$cond['num']) {
        return new PwError('TASK:condition.reply.num.require');
    }
    if (!WindValidator::isNonNegative($cond['num'])) {
        return new PwError('TASK:condition.reply.num.isNonNegative');
    }

    // Round the count up, and take the url out of the array that is handed
    // to getReplace() as its first argument.
    $cond['num'] = ceil($cond['num']);
    $rawUrl = $cond['url'];
    unset($cond['url']);

    // Order matters: num is written back before getReplace() runs.
    $this->_data['conditions']['num'] = $cond['num'];
    $this->_data['conditions']['url'] = $this->getReplace($cond, $rawUrl);
    $this->_data['conditions'] = serialize($this->_data['conditions']);

    return true;
}
/**
 * Authenticate a login attempt and return the verified result.
 *
 * The identifier is tried as a mobile number, a numeric UID, an e-mail
 * address and a username, in that order. Each interpretation is used only
 * when its code is listed in $this->loginConfig['ways'], and a later one is
 * tried only while the status is still -14 (the starting value).
 *
 * @param string  $username     identifier typed into the login form
 * @param string  $password     password
 * @param string  $ip           IP address of the attempt (not read in this body)
 * @param boolean $checkQ       whether the security question is verified
 * @param string  $safeQuestion security question
 * @param string  $safeAnswer   security answer
 * @return array result of checkVerifyResult()
 */
public function auth($username, $password, $ip = '', $checkQ = false, $safeQuestion = '', $safeAnswer = '')
{
    $notTried = -14;
    $result = array($notTried, array());

    // Way 4: mobile number. An unbound number is reported as status -1
    // straight away, without trying the other interpretations.
    if (true === PwUserValidator::isMobileValid($username) && in_array(4, $this->loginConfig['ways'])) {
        $binding = Wekit::load('user.PwUserMobile')->getByMobile($username);
        if (!$binding) {
            return $this->checkVerifyResult(-1, array());
        }
        $result = $this->_getWindid()->login($binding['uid'], $password, 1, $checkQ, $safeQuestion, $safeAnswer);
    }

    // Way 1: numeric UID.
    if ($result[0] == $notTried && is_numeric($username) && in_array(1, $this->loginConfig['ways'])) {
        $result = $this->_getWindid()->login($username, $password, 1, $checkQ, $safeQuestion, $safeAnswer);
    }

    // Way 2: e-mail address.
    if ($result[0] == $notTried && WindValidator::isEmail($username) && in_array(2, $this->loginConfig['ways'])) {
        $result = $this->_getWindid()->login($username, $password, 3, $checkQ, $safeQuestion, $safeAnswer);
    }

    // Way 3: plain username.
    if ($result[0] == $notTried && in_array(3, $this->loginConfig['ways'])) {
        $result = $this->_getWindid()->login($username, $password, 2, $checkQ, $safeQuestion, $safeAnswer);
    }

    return $this->checkVerifyResult($result[0], $result[1]);
}
/**
 * Show an error message, optionally with a redirect target.
 *
 * A $referer that WindValidator::isUrl() does not accept is treated as a
 * route ("route#anchor") and turned into a URL with WindUrlHelper. A value
 * that isUrl() accepts is forwarded unchanged.
 *
 * NOTE(review): because an absolute URL is passed through as-is, confirm
 * that callers never hand a request-supplied value to $referer, or that
 * the target host is checked before the redirect is issued.
 *
 * @param string  $error   message key or text
 * @param string  $referer redirect target (route or URL)
 * @param boolean $refresh whether the page is refreshed
 */
protected function showError($error = '', $referer = '', $refresh = false)
{
    $isRoute = $referer && !WindValidator::isUrl($referer);
    if ($isRoute) {
        // Split "route#anchor" once; the anchor part is optional.
        $parts = explode('#', $referer, 2);
        $anchor = isset($parts[1]) ? $parts[1] : '';
        $referer = WindUrlHelper::createUrl($parts[0], array(), $anchor);
    }

    $this->addMessage($referer, 'referer');
    $this->addMessage($refresh, 'refresh');
    parent::showMessage($error);
}
/**
 * Store an activation code for a user.
 *
 * @param int    $uid    user id; must be positive after intval()
 * @param string $email  address the code was sent to
 * @param string $code   activation code (stored as given)
 * @param int    $time   time the code was sent
 * @param int    $typeid activation code type
 * @return mixed PwError on invalid uid or e-mail, otherwise the DAO insert result
 */
public function addActiveCode($uid, $email, $code, $time, $typeid = self::REGIST)
{
    $uid = intval($uid);
    if ($uid <= 0) {
        return new PwError('USER:illegal.id');
    }

    if (!WindValidator::isEmail($email)) {
        return new PwError('USER:user.error.-7');
    }

    $row = array(
        'uid' => $uid,
        'email' => $email,
        'code' => $code,
        'send_time' => $time,
        'typeid' => $typeid,
    );

    return $this->getDao()->insert($row);
}
/**
 * Validate a credit reward before delegating to the parent check.
 *
 * The amount must be present and accepted by WindValidator::isNonNegative();
 * it is then rounded up with ceil().
 *
 * NOTE(review): a truthy value that rounds to 0 (for example "0.0") is not
 * rejected here; confirm whether a zero reward is acceptable.
 *
 * @param array $reward reward settings; 'num' is the amount
 * @return mixed PwError on invalid input, otherwise parent::checkReward()'s result
 */
public function checkReward($reward)
{
    $amount = $reward['num'];

    if (!$amount) {
        return new PwError('TASK:reward.credit.num.require');
    }
    if (!WindValidator::isNonNegative($amount)) {
        return new PwError('TASK:reward.credit.num.isNonNegative');
    }

    $reward['num'] = ceil($amount);

    return parent::checkReward($reward);
}
/**
 * Report an error through $this->errorMessage, optionally with a redirect target.
 *
 * A $referer that WindValidator::isUrl() does not accept is treated as a
 * route ("route#anchor") and turned into a URL with WindUrlHelper. A value
 * that isUrl() accepts is forwarded unchanged.
 *
 * NOTE(review): because an absolute URL is passed through as-is, confirm
 * that callers never hand a request-supplied value to $referer, or that
 * the target host is checked before the redirect is issued.
 *
 * @param string  $error   message key or text
 * @param string  $referer redirect target (route or URL)
 * @param boolean $refresh whether the page is refreshed
 */
protected function showError($error = '', $referer = '', $refresh = false)
{
    $isRoute = $referer && !WindValidator::isUrl($referer);
    if ($isRoute) {
        // Split "route#anchor" once; the anchor part is optional.
        $parts = explode('#', $referer, 2);
        $anchor = isset($parts[1]) ? $parts[1] : '';
        $referer = WindUrlHelper::createUrl($parts[0], array(), $anchor);
    }

    $messages = $this->errorMessage;
    $messages->addError($referer, 'referer');
    $messages->addError($refresh, 'refresh');
    $messages->addError($error);
    //$errorAction && $this->getErrorMessage()->setErrorAction($errorAction);
    $messages->sendError();
}
/**
 * Validate a user-group reward before delegating to the parent check.
 *
 * The duration ('time') must be present and accepted by
 * WindValidator::isNonNegative(); it is rounded up with ceil() and must
 * still be greater than zero afterwards.
 *
 * @param array $reward reward settings; 'time' is the duration
 * @return mixed PwError on invalid input, otherwise parent::checkReward()'s result
 */
public function checkReward($reward)
{
    $duration = $reward['time'];

    if (!$duration) {
        return new PwError('TASK:reward.group.num.require');
    }
    if (!WindValidator::isNonNegative($duration)) {
        return new PwError('TASK:reward.group.num.isNonNegative');
    }

    // A truthy value such as "0.0" passes the checks above but rounds to 0.
    $duration = ceil($duration);
    $reward['time'] = $duration;
    if ($duration <= 0) {
        return new PwError('TASK:reward.group.num.isNonNegative');
    }

    return parent::checkReward($reward);
}
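/**
 * Build the user data model for a registration from the POSTed form.
 *
 * Each failed check calls showError(); the code after a check assumes that
 * call does not return (NOTE(review): confirm showError() ends the request,
 * otherwise later checks and the DM are still built from rejected input).
 *
 * @return PwUserInfoDm
 */
private function _getUserDm()
{
    $fields = array(
        'username', 'password', 'repassword', 'email', 'aliww', 'qq', 'msn', 'mobile',
        'mobileCode', 'hometown', 'location', 'question', 'answer', 'regreason', 'code',
    );
    list(
        $username, $password, $repassword, $email, $aliww, $qq, $msn, $mobile,
        $mobileCode, $hometown, $location, $question, $answer, $regreason, $code
    ) = $this->getInput($fields, 'post');

    // Validate the input.
    Wind::import('Wind:utility.WindValidator');
    $config = $this->_getRegistConfig();

    if (!$username) {
        $this->showError('USER:user.error.-1', 'u/register/run');
    }
    if (!$password) {
        $this->showError('USER:pwd.require', 'u/register/run');
    }
    if (!$email) {
        $this->showError('USER:user.error.-6', 'u/register/run');
    }
    if (!WindValidator::isEmail($email)) {
        $this->showError('USER:user.error.-7', 'u/register/run');
    }

    // Fields the site configuration marks as mandatory.
    foreach ($config['active.field'] as $field) {
        if (!$this->getInput($field, 'post')) {
            $this->showError('USER:register.error.require.needField.' . $field, 'u/register/run');
        }
    }
    if ($config['active.check'] && !$regreason) {
        $this->showError('USER:register.error.require.regreason', 'u/register/run');
    }

    if ($config['active.phone']) {
        // Compared strictly against true, as the other isMobileValid() call
        // sites do, so a non-boolean failure value (such as an error object)
        // is not mistaken for a valid number.
        if (true !== PwUserValidator::isMobileValid($mobile)) {
            $this->showError('USER:error.mobile', 'u/register/run');
        }
        $mobileCheck = Wekit::load('mobile.srv.PwMobileService')->checkVerify($mobile, $mobileCode);
        if ($mobileCheck instanceof PwError) {
            $this->showError($mobileCheck->getError());
        }
    }

    // Strict comparison: with != two different numeric-looking strings
    // (for example "1e3" and "1000") compare equal and the confirmation
    // would pass although the user typed two different passwords.
    if ($repassword !== $password) {
        $this->showError('USER:user.error.-20', 'u/register/run');
    }

    if (in_array('register', (array) Wekit::C('verify', 'showverify'))) {
        $verifier = Wekit::load("verify.srv.PwCheckVerifyService");
        // NOTE(review): only an exact false is treated as a failed captcha;
        // confirm checkVerify() cannot signal failure with any other value.
        if (false === $verifier->checkVerify($code)) {
            $this->showError('USER:verifycode.error', 'u/register/run');
        }
    }

    Wind::import('SRC:service.user.dm.PwUserInfoDm');
    $userDm = new PwUserInfoDm();
    $userDm->setUsername($username);
    $userDm->setPassword($password);
    $userDm->setEmail($email);
    $userDm->setRegdate(Pw::getTime());
    $userDm->setLastvisit(Pw::getTime());
    $userDm->setRegip(Wind::getComponent('request')->getClientIp());
    $userDm->setAliww($aliww);
    $userDm->setQq($qq);
    $userDm->setMsn($msn);
    $userDm->setMobile($mobile);
    $userDm->setMobileCode($mobileCode);
    $userDm->setQuestion($question, $answer);
    $userDm->setRegreason($regreason);

    // The original guarded this with "if ($areaids)", which is always true
    // for a two-element array, so the lookup runs unconditionally.
    $areas = WindidApi::api('area')->fetchAreaInfo(array($hometown, $location));
    $userDm->setHometown($hometown, isset($areas[$hometown]) ? $areas[$hometown] : '');
    $userDm->setLocation($location, isset($areas[$location]) ? $areas[$location] : '');

    return $userDm;
}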
/**
 * Check a user's e-mail address against format and list rules.
 *
 * The address must be non-empty and accepted by WindValidator::isEmail().
 * When the 'emailverifytype' setting equals 1 the address must be on the
 * whitelist; when it equals 2 the address must not be on the blacklist.
 *
 * @param string $email address to check
 * @return true|WindidError true when every check passes
 */
private static function isEmailValid($email)
{
    if (!$email) {
        return new WindidError(WindidError::EMAIL_EMPTY);
    }
    if (false === WindValidator::isEmail($email)) {
        return new WindidError(WindidError::EMAIL_ILLEGAL);
    }

    $listMode = self::getConfig('emailverifytype');

    // Two independent tests (not if/elseif): the comparisons are loose, so
    // both are evaluated exactly as in a plain sequence of checks.
    if ($listMode == 1 && !self::_inEmailWhiteList($email)) {
        return new WindidError(WindidError::EMAIL_WHITE_LIST);
    }
    if ($listMode == 2 && self::_inEmailBlackList($email)) {
        return new WindidError(WindidError::EMAIL_BLACK_LIST);
    }

    return true;
}
/**
 * Keep only the ids that WindValidator::isPositive() accepts.
 *
 * @param array|int $id a single id or a list of ids
 * @return array accepted ids, re-indexed from 0 in their original order
 */
private function _filterIds($id)
{
    // A scalar is treated as a one-element list.
    if (!is_array($id)) {
        $id = array($id);
    }

    $accepted = array();
    foreach ($id as $candidate) {
        if (!WindValidator::isPositive($candidate)) {
            continue;
        }
        $accepted[] = $candidate;
    }

    return $accepted;
}
/**
 * Change a user's e-mail address.
 *
 * NOTE(review): nothing in this method ties $uid to the caller, and the new
 * address is stored without any confirmation step visible here. Confirm
 * that authorisation for editing this account is enforced before this
 * method is reached.
 *
 * @param int    $uid   user id
 * @param string $email new e-mail address
 * @return mixed whatever buildResponse() produces
 */
public function updateEmail($uid, $email) {
    // The account must exist before anything is changed.
    $userBo = new PwUserBo(intval($uid));
    if (!$userBo->isExists()) {
        return $this->buildResponse(USER_NOT_EXISTS);
    }
    // Reject an empty address or one that isEmail() does not accept as exactly true.
    if (!$email || WindValidator::isEmail($email) !== true) {
        return $this->buildResponse(USER_INVALID_PARAMS);
    }
    Wind::import('SRC:service.user.dm.PwUserInfoDm');
    // The existence check above used intval($uid); the DM receives the raw
    // value — TODO confirm PwUserInfoDm normalises it.
    $userDm = new PwUserInfoDm($uid);
    $userDm->setEmail($email);
    $result = $this->getUser()->editUser($userDm, PwUser::FETCH_MAIN);
    if ($result instanceof PwError) {
        return $this->buildResponse(-1, $result->getError());
    }
    return $this->buildResponse(0, $result);
}
/**
 * Change a user's e-mail address.
 *
 * NOTE(review): the login check below only requires that somebody is logged
 * in; the logged-in uid is never compared with $uid. Confirm that the caller
 * restricts $uid to the current user (or to an authorised administrator),
 * otherwise one account could change another account's address.
 *
 * @param int    $uid   user id
 * @param string $email new e-mail address
 * @return mixed whatever buildResponse() produces
 */
public function updateEmail($uid, $email) {
    $uid = intval($uid);
    if ($uid < 1) {
        return $this->buildResponse(USER_INVALID_PARAMS, "参数错误");
    }
    // A uid of 0 on the login user is treated as "not logged in".
    $loginUser = Wekit::getLoginUser();
    if ($loginUser['uid'] == 0) {
        return $this->buildResponse(USER_NOT_LOGIN, "用户未登录");
    }
    // Reject an empty address or one that isEmail() does not accept as exactly true.
    if (!$email || WindValidator::isEmail($email) !== true) {
        return $this->buildResponse(USER_INVALID_PARAMS, "参数错误");
    }
    Wind::import('SRC:service.user.dm.PwUserInfoDm');
    $userDm = new PwUserInfoDm($uid);
    $userDm->setEmail($email);
    $result = $this->getUser()->editUser($userDm, PwUser::FETCH_MAIN);
    if ($result instanceof PwError) {
        return $this->buildResponse(-1, $result->getError());
    }
    // Only the uid is echoed back on success.
    return $this->buildResponse(0, array('uid' => $uid));
}
/**
 * Register an account.
 *
 * NOTE(review): only username, password, email and code are read from the
 * request. $regreason, $aliww, $qq, $msn, $mobile, $mobileCode, $question,
 * $answer, $hometown and $location are used below but never assigned in
 * this method, so they evaluate to null. One visible consequence: when
 * $config['active.check'] is on, the "reason required" check always fails.
 * The example lists repassword as a posted field, but it is not read or
 * compared here.
 *
 * @access public
 * @return void
 * @example
 * <pre>
 * /index.php?m=native&c=user&a=doRegister&os=android
 * <br>
 * os may be android or ios
 * <br>
 * post: username&password&repassword&email&code
 * response: {err:"",data:""}
 * </pre>
 */
public function doRegisterAction() {
    list($username, $password, $email, $code) = $this->getInput(array('username', 'password', 'email', 'code'));
    // Validate the input.
    // NOTE(review): the checks below rely on showError() not returning — confirm.
    Wind::import('Wind:utility.WindValidator');
    $config = $this->_getRegistConfig();
    if (!$username) {
        $this->showError('USER:user.error.-1');
    }
    if (!$password) {
        $this->showError('USER:pwd.require');
    }
    if (!$email) {
        $this->showError('USER:user.error.-6');
    }
    if (!WindValidator::isEmail($email)) {
        $this->showError('USER:user.error.-7');
    }
    // Fields the site configuration marks as mandatory must be present in
    // the POST body; their values are not kept in a variable here.
    foreach ($config['active.field'] as $field) {
        if (!$this->getInput($field, 'post')) {
            $this->showError('USER:register.error.require.needField.' . $field);
        }
    }
    // $regreason is never assigned in this method (see the NOTE above).
    if ($config['active.check'] && !$regreason) {
        $this->showError('USER:register.error.require.regreason');
    }
    // Captcha: anything other than an exact true counts as a failure.
    if ($this->_showVerify()) {
        $veryfy = $this->_getVerifyService();
        if ($veryfy->checkVerify($code) !== true) {
            $this->showError('USER:verifycode.error');
        }
    }
    Wind::import('SRC:service.user.dm.PwUserInfoDm');
    $userDm = new PwUserInfoDm();
    $userDm->setUsername($username);
    $userDm->setPassword($password);
    $userDm->setEmail($email);
    $userDm->setRegdate(Pw::getTime());
    $userDm->setLastvisit(Pw::getTime());
    $userDm->setRegip(Wind::getComponent('request')->getClientIp());
    // The setters from here to setRegreason() receive variables that were
    // never assigned in this method.
    $userDm->setAliww($aliww);
    $userDm->setQq($qq);
    $userDm->setMsn($msn);
    $userDm->setMobile($mobile);
    $userDm->setMobileCode($mobileCode);
    $userDm->setQuestion($question, $answer);
    $userDm->setRegreason($regreason);
    // A two-element array is always truthy, so this branch always runs.
    $areaids = array($hometown, $location);
    if ($areaids) {
        $srv = WindidApi::api('area');
        $areas = $srv->fetchAreaInfo($areaids);
        $userDm->setHometown($hometown, isset($areas[$hometown]) ? $areas[$hometown] : '');
        $userDm->setLocation($location, isset($areas[$location]) ? $areas[$location] : '');
    }
    //
    $registerService = new PwRegisterService();
    $registerService->setUserDm($userDm);
    /* [u_regsiter]: plugin extension point */
    $this->runHook('c_register', $registerService);
    if (($info = $registerService->register()) instanceof PwError) {
        $this->showError($info->getError());
    } else {
        // NOTE(review): $info['password'] is handed to PwLaiWangSerivce —
        // confirm what form it is in and that the service does not log it.
        $laiwangOK = PwLaiWangSerivce::registerUser($info['uid'], $info['password'], $info['username'], '', 1);
        //
        // With e-mail activation enabled, the response only reports that the
        // activation e-mail was sent; otherwise user data is returned.
        if (1 == Wekit::C('register', 'active.mail')) {
            $this->showMessage('USER:active.sendemail.success');
        } else {
            $this->uid = $info['uid'];
            $this->setOutput($this->_getUserInfo($laiwangOK), 'data');
            $this->showMessage('USER:register.success');
        }
    }
}
/**
 * Authenticate a login attempt and map the Windid status to a local one.
 *
 * The identifier is tried as a mobile number, a numeric UID, an e-mail
 * address and a username, in that order. Each interpretation is used only
 * when its code is listed in $this->loginConfig['ways'], and a later one is
 * tried only while the status is still -14 (the starting value).
 *
 * Status mapping: 1 => 1 (success), -13 => -2 (wrong password),
 * -20 => -3 (wrong security answer), anything else => -1 with no user data.
 *
 * @param string  $username     identifier typed into the login form
 * @param string  $password     password
 * @param boolean $checkQ       whether the security question is verified
 * @param string  $safeQuestion security question
 * @param string  $safeAnswer   security answer
 * @return array  array(status, user data)
 */
public function auth($username, $password, $checkQ = false, $safeQuestion = '', $safeAnswer = '')
{
    $notTried = -14;
    $result = array($notTried, array());

    // Way 4: mobile number. An unbound number is reported as -1 at once,
    // without trying the other interpretations.
    if (true === PwUserValidator::isMobileValid($username) && in_array(4, $this->loginConfig['ways'])) {
        $binding = Wekit::load('user.PwUserMobile')->getByMobile($username);
        if (!$binding) {
            return array(-1, array());
        }
        $result = $this->_getWindid()->login($binding['uid'], $password, 1, $checkQ, $safeQuestion, $safeAnswer);
    }

    // Way 1: numeric UID.
    if ($result[0] == $notTried && is_numeric($username) && in_array(1, $this->loginConfig['ways'])) {
        $result = $this->_getWindid()->login($username, $password, 1, $checkQ, $safeQuestion, $safeAnswer);
    }

    // Way 2: e-mail address.
    if ($result[0] == $notTried && WindValidator::isEmail($username) && in_array(2, $this->loginConfig['ways'])) {
        $result = $this->_getWindid()->login($username, $password, 3, $checkQ, $safeQuestion, $safeAnswer);
    }

    // Way 3: plain username.
    if ($result[0] == $notTried && in_array(3, $this->loginConfig['ways'])) {
        $result = $this->_getWindid()->login($username, $password, 2, $checkQ, $safeQuestion, $safeAnswer);
    }

    // Loose comparisons on purpose: they match what a switch statement does.
    $status = $result[0];
    if ($status == 1) {
        // User verified.
        return array(1, $result[1]);
    }
    if ($status == -13) {
        // Wrong password.
        return array(-2, $result[1]);
    }
    if ($status == -20) {
        // Wrong security answer.
        return array(-3, $result[1]);
    }

    // -14 (user not found) and every other status.
    return array(-1, array());
}
/**
 * Decide whether a user may buy the requested number of invite codes.
 *
 * Two limits are checked: the user group's 'invite_limit_24h' permission
 * against the codes already counted since $startTime (presumably the start
 * of the current day) plus the requested amount, and the total price
 * against the user's credit of the given type.
 *
 * NOTE(review): this method only checks; it does not reserve or deduct
 * anything. Confirm the purchase that follows re-checks or deducts
 * atomically, so concurrent requests cannot both pass.
 *
 * @param PwUserBo $user       the buyer
 * @param int      $num        number of codes to buy
 * @param int      $creditType credit type used to pay
 * @return boolean|PwError true when the purchase is allowed
 */
public function allowBuyInviteCode(PwUserBo $user, $num, $creditType)
{
    if (!WindValidator::isPositive($num)) {
        return new PwError('USER:invite.buy.num.error');
    }
    $num = intval($num);

    // Per-group limit on codes bought in the current window.
    $startTime = Pw::str2time(Pw::time2str(Pw::getTime(), 'Y-m-d'));
    $alreadyBought = $this->_getDs()->countByUidAndTime($user->uid, $startTime);
    $groupLimit = abs(ceil($user->getPermission('invite_limit_24h')));
    if ($alreadyBought + $num > $groupLimit) {
        $vars = array('{num}' => $groupLimit, '{readynum}' => $alreadyBought);

        return new PwError('USER:invite.buy.num.24h.limit', $vars);
    }

    // Price per code times quantity must not exceed the available credit.
    $unitPrice = abs(ceil($user->getPermission('invite_buy_credit_num')));
    $balance = $user->getCredit($creditType);
    if ($unitPrice * $num > $balance) {
        $vars = array('{num}' => $balance, '{buynum}' => $num);

        return new PwError('USER:invite.buy.credit.no.enough', $vars);
    }

    return true;
}
/**
 * Check and convert the profile data held by this object.
 *
 * Each field is checked only when getField() returns a non-empty value.
 *
 * @return boolean|PwError true when every present field passes
 */
private function check() {
    // Groups are stored as a comma-separated string.
    if ($this->_data['groups']) {
        $this->_data['groups'] = implode(',', $this->_data['groups']);
    }
    // [Profile validation] mobile number format; a result other than true is
    // returned to the caller as the error.
    if (($_tmp = $this->getField('mobile')) && true !== ($r = PwUserValidator::isMobileValid($_tmp))) {
        return $r;
    }
    // [Profile validation] landline number format; same convention as above.
    if (($_tmp = $this->getField('telphone')) && true !== ($r = PwUserValidator::isTelPhone($_tmp))) {
        return $r;
    }
    // [Profile validation] postal code format.
    if (($_tmp = $this->getField('zipcode')) && false === WindValidator::isZipcode($_tmp)) {
        return new PwError('USER:error.zipcode');
    }
    // [Profile validation] personal homepage: must be a URL and within the
    // length limit.
    // NOTE(review): a true result from isLegalLength() is treated as an error
    // here, so it presumably means "longer than the limit" — confirm.
    // NOTE(review): confirm isUrl() restricts the scheme if this value is
    // later rendered as a link.
    if (($_tmp = $this->getField('homepage')) && (false === WindValidator::isUrl($_tmp) || true === WindValidator::isLegalLength($_tmp, 200))) {
        return new PwError('USER:error.homepage');
    }
    // [Profile validation] self-introduction length limit (same
    // isLegalLength() convention as for the homepage).
    if (($_tmp = $this->getField('profile')) && true === WindValidator::isLegalLength($_tmp, 250)) {
        return new PwError('USER:error.profile.length', array('{length}' => 250));
    }
    // TODO [Profile validation] forum signature length check, to be driven by
    // the admin permission settings.
    /* if (($_tmp = $this->getField('bbs_sign')) && (true === WindValidator::isLegalLength($_tmp, 500))) {
        return new PwError('USER:error.bbs_sign.length', array('{length}' => 500));
    } */
    return true;
}
/**
 * Check that the POSTed e-mail address is well-formed.
 *
 * Responds with an empty success message when WindValidator::isEmail()
 * accepts the address, and with the 'USER:user.error.-7' error otherwise.
 */
public function checkMailFormatAction()
{
    $email = $this->getInput('email', 'post');

    if (WindValidator::isEmail($email)) {
        $this->showMessage();

        return;
    }

    $this->showError('USER:user.error.-7');
}
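/**
 * Installer step: validate the submitted database and founder settings,
 * create the database when needed, and stage the files for the next step.
 *
 * Changes compared with the previous version of this method:
 *  - the storage engine is matched case-insensitively (the old code
 *    upper-cased the value and then compared it with 'MyISAM'/'InnoDB',
 *    so every choice fell back to MyISAM);
 *  - the database name is escaped as a MySQL identifier before it is
 *    placed inside backticks in SQL text;
 *  - $dbnameExist is initialised, the database-name match is a strict
 *    string comparison, and a host without ":port" no longer reads a
 *    missing array element.
 *
 * NOTE(review): each failed check calls showError(); the code assumes that
 * call does not return — confirm.
 * NOTE(review): dbprefix is passed to _sqlParser() without validation here;
 * confirm it is restricted to identifier characters before it reaches SQL.
 * NOTE(review): dbhost is concatenated into the DSN as given; confirm a
 * value containing ';' cannot add unintended DSN attributes.
 * NOTE(review): the founder password is written in clear text to the temp
 * file; confirm that file is not web-readable and is removed after install.
 */
public function databaseAction()
{
    $keys = array('dbhost', 'dbuser', 'dbname', 'dbprefix', 'manager', 'manager_pwd', 'manager_ckpwd', 'manager_email', 'dbpw', 'engine');
    $input = $this->getInput($keys, 'post');
    $force = $this->getInput('force');
    $input = array_combine($keys, $input);

    // Everything except the database password and the engine is mandatory.
    foreach ($input as $k => $v) {
        if (!in_array($k, array('dbpw', 'engine')) && empty($v)) {
            $this->showError("INSTALL:input_empty_{$k}");
        }
    }
    if ($input['manager_pwd'] !== $input['manager_ckpwd']) {
        $this->showError('INSTALL:manager_pwd.eque.ckpwd');
    }
    if (!preg_match('/^[\\x7f-\\xff\\dA-Za-z\\.\\_]+$/', $input['manager'])) {
        $this->showError('INSTALL:founder.name.error');
    }
    $usernameLen = Pw::strlen($input['manager']);
    $passwordLen = Pw::strlen($input['manager_pwd']);
    if ($usernameLen < 1 || $usernameLen > 15 || $passwordLen < 1 || $passwordLen > 25) {
        $this->showError('INSTALL:founder.init.fail');
    }
    if (false === WindValidator::isEmail($input['manager_email'])) {
        $this->showError('INSTALL:founder.init.email.error');
    }

    // "host" or "host:port"; pad so that a missing port is an empty string.
    $hostParts = array_pad(explode(':', $input['dbhost']), 2, '');
    $input['dbhost'] = $hostParts[0];
    $input['dbport'] = !empty($hostParts[1]) ? intval($hostParts[1]) : 3306;

    // Only the two known engines are accepted; anything else means MyISAM.
    $knownEngines = array('MYISAM' => 'MyISAM', 'INNODB' => 'InnoDB');
    $engineKey = is_string($input['engine']) ? strtoupper($input['engine']) : '';
    $input['engine'] = isset($knownEngines[$engineKey]) ? $knownEngines[$engineKey] : 'MyISAM';

    // The charset is taken from the response and reduced to a fixed list.
    $charset = Wind::getApp()->getResponse()->getCharset();
    $charset = str_replace('-', '', strtolower($charset));
    if (!in_array($charset, array('gbk', 'utf8', 'big5'))) {
        $charset = 'utf8';
    }

    // Backticks inside a MySQL identifier are escaped by doubling them, so
    // the submitted name cannot close the quoted identifier.
    $quotedDbName = '`' . str_replace('`', '``', $input['dbname']) . '`';

    // Detect a previous installation: the database exists and has tables.
    Wind::import("WIND:db.WindConnection");
    $dsn = 'mysql:host=' . $input['dbhost'] . ';port=' . $input['dbport'];
    $dbnameExist = false;
    try {
        $pdo = new WindConnection($dsn, $input['dbuser'], $input['dbpw']);
        $result = $pdo->query("SHOW DATABASES")->fetchAll();
        foreach ($result as $v) {
            if ((string) $v['Database'] === (string) $input['dbname']) {
                $dbnameExist = true;
                break;
            }
        }
        if ($dbnameExist) {
            $result = $pdo->query("SHOW TABLES FROM {$quotedDbName}")->rowCount();
            // An existing but empty database is treated as not installed.
            empty($result) && ($dbnameExist = false);
        }
    } catch (PDOException $e) {
        // NOTE(review): the raw driver message is shown to the client.
        $error = $e->getMessage();
        $this->showError($error, false);
    }

    if ($dbnameExist && !$force) {
        $this->showError('INSTALL:have_install', true, 'index/database', true);
    }
    if (!$dbnameExist) {
        try {
            $pdo = new WindConnection($dsn, $input['dbuser'], $input['dbpw']);
            $pdo->query("CREATE DATABASE IF NOT EXISTS {$quotedDbName} DEFAULT CHARACTER SET {$charset}");
        } catch (PDOException $e) {
            $error = $e->getMessage();
            $this->showError($error, false);
        }
    }
    $pdo->close();

    if (!$this->_checkWriteAble($this->_getDatabaseFile())) {
        $this->showError('INSTALL:error_777_database');
    }
    if (!$this->_checkWriteAble($this->_getFounderFile())) {
        $this->showError('INSTALL:error_777_founder');
    }

    // Settings carried over to the next installer step.
    $database = array(
        'dsn' => 'mysql:host=' . $input['dbhost'] . ';dbname=' . $input['dbname'] . ';port=' . $input['dbport'],
        'user' => $input['dbuser'],
        'pwd' => $input['dbpw'],
        'charset' => $charset,
        'tableprefix' => $input['dbprefix'],
        'engine' => $input['engine'],
        'founder' => array(
            'manager' => $input['manager'],
            'manager_pwd' => $input['manager_pwd'],
            'manager_email' => $input['manager_email'],
        ),
    );
    WindFile::savePhpData($this->_getTempFile(), $database);

    // Parse the bundled SQL files into statements for the table step.
    $arrSQL = array();
    foreach ($this->wind_data as $file) {
        $file = Wind::getRealPath("APPS:install.lang.{$file}", true);
        if (!WindFile::isFile($file)) {
            continue;
        }
        $content = WindFile::read($file);
        if (!empty($content)) {
            $arrSQL = array_merge_recursive($arrSQL, $this->_sqlParser($content, $charset, $input['dbprefix'], $input['engine']));
        }
    }
    WindFile::savePhpData($this->_getTableSqlFile(), $arrSQL['SQL']);
    WindFile::write($this->_getTableLogFile(), implode('<wind>', $arrSQL['LOG']['CREATE']));
    $this->showMessage('success', false, 'index/table');
}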