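/**
 * Build the "forgot password" e-mail for the given address.
 *
 * A token is derived from the address with XiiToken::get() and placed, together
 * with the address, in a link that targets the /verifyforgot route.
 *
 * @param string $mail Recipient address.
 * @return array Message description with the keys 'to', 'from', 'subject' and 'body'.
 */
public function setMailOfForgot($mail)
{
    $verify = XiiToken::get([self::$_forgotMailField => $mail]);

    // NOTE(review): the link's host and path are taken from the current request.
    // Unless the request component's hostInfo is configured explicitly, the host
    // follows the request headers, so a forged Host header could end up in the
    // mailed reset link. Pin hostInfo (or build the link from a configured base URL).
    $request = Yii::$app->request;

    // Rewrite the route on the base URL only, so the substitution can never touch
    // the address or the token that are appended afterwards.
    $base_url = str_replace(
        '/forgotpwd',
        '/verifyforgot',
        $request->getHostInfo() . $request->getUrl()
    );

    // Percent-encode both values: an address containing '+', '&', '#' or '=' would
    // otherwise be altered or split into extra parameters when the link is opened.
    $verify_url = $base_url
        . '/?' . self::$_forgotMailField . '=' . rawurlencode((string) $mail)
        . '&' . self::$_forgotVerifyField . '=' . rawurlencode((string) $verify);

    return [
        'to' => $mail,
        'from' => '*****@*****.**',
        'subject' => '忘记密码邮件,感谢使用基于XiiBackend开发的网站',
        'body' => date('Y-m-d H:i:s', time()) . $verify_url,
    ];
}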
/**
 * Verify the token that came with the current request.
 *
 * The token is read from the validated request data and handed to
 * XiiToken::verify(); any result other than boolean true is passed to
 * self::sendError().
 */
public function checkToken()
{
    /*
     * When the API and the token live in the same Yii application, an API request
     * can obtain the token like this:
     *
     *     XiiToken::accessApi();
     *     Array ( [API_TOKEN] => 7923c897b6fcde20380f3e1439262579 )
     *
     * If they do not share one Yii configuration, just make sure the XiiToken
     * settings are identical on both sides.
     */
    $result = XiiToken::verify([
        XIIS_PARAMS_CONF_TOKEN => $this->_requestValidData[XIIS_PARAMS_CONF_TOKEN],
    ]);

    // verify() signals success with boolean true only; everything else is
    // treated as the error to report.
    if ($result === true) {
        return;
    }

    self::sendError($result);
}
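/**
 * Send an HTTP request through cURL and wrap the outcome in a feedback array.
 *
 * Keys of $para read by this method:
 *  - XIIS_PARAMS_URL             target URL (required)
 *  - XIIS_PARAMS_DATA            array of request fields
 *  - XIIS_PARAMS_METHOD          PUT, DELETE or POST send the fields as the request
 *                                body; anything else is sent as GET with the fields
 *                                in the query string
 *  - self::XII_PARAMS_USERAGENT  User-Agent header (a fixed default is used otherwise)
 *  - self::XII_PARAMS_REF_URL    Referer header
 *  - self::XII_PARAMS_TIMEOUT    connect and total timeout in seconds (default 10)
 *  - self::XII_PARAMS_SET        map of cURL option => value, applied last
 *  - self::XII_PARAMS_INFO       when set, curl_getinfo() is returned instead of the body
 *
 * Security notes for callers:
 *  - With $usetoken the result of XiiToken::accessApi() is merged into the request
 *    fields and sent to whatever URL is passed in (in the query string for GET).
 *    Use it only with fixed, trusted endpoints, never with a caller-supplied URL.
 *  - XII_PARAMS_SET is applied verbatim and last, so it can override every option
 *    set here, transport-security options included. Never fill it from request input.
 *
 * @param array $para     Request description, see above.
 * @param bool  $usetoken Whether to add the API token to the request fields.
 * @return array Feedback array: XIIS_FEEDBACK_STATUS and XIIS_FEEDBACK_CODE, plus
 *               XIIS_FEEDBACK_DATA on success or XIIS_FEEDBACK_MSG on failure.
 */
public static function run($para, $usetoken = true)
{
    self::init();

    // Every failure has the same shape; only the message differs.
    $fail = static function ($message) {
        return [XIIS_FEEDBACK_STATUS => false, XIIS_FEEDBACK_CODE => 0, XIIS_FEEDBACK_MSG => $message];
    };

    // Validate the request before a cURL handle exists, so that no early return
    // leaves an open handle behind.
    if (empty($para[XIIS_PARAMS_URL])) {
        return $fail(XIIS_PARAMS_URL . ' is null!');
    }
    $url = $para[XIIS_PARAMS_URL];

    if (!isset($para[XIIS_PARAMS_DATA])) {
        if (!self::$_allowEmptyData) {
            return $fail(XIIS_PARAMS_DATA . ' is not find!');
        }
        $data = [];
    } elseif (!is_array($para[XIIS_PARAMS_DATA])) {
        return $fail(XIIS_PARAMS_DATA . ' must be array!');
    } else {
        $data = $para[XIIS_PARAMS_DATA];
    }

    if ($usetoken) {
        $data = array_merge($data, XiiToken::accessApi());
    }

    if (count($data) === 0 && !self::$_allowEmptyData) {
        return $fail(XIIS_PARAMS_DATA . ' is null!');
    }

    $ch = curl_init();

    curl_setopt(
        $ch,
        CURLOPT_USERAGENT,
        empty($para[self::XII_PARAMS_USERAGENT])
            ? "Mozilla/4.0 (compatible; MSIE 5.01; Windows NT 5.0)"
            : $para[self::XII_PARAMS_USERAGENT]
    );
    curl_setopt($ch, CURLOPT_URL, $url);

    if (!empty($para[self::XII_PARAMS_REF_URL])) {
        curl_setopt($ch, CURLOPT_REFERER, $para[self::XII_PARAMS_REF_URL]);
    }

    if (count($data) > 0) {
        $query = http_build_query($data);
        $method = empty($para[XIIS_PARAMS_METHOD]) ? '' : strtoupper($para[XIIS_PARAMS_METHOD]);

        if (in_array($method, ['PUT', 'DELETE', 'POST'], true)) {
            curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
            curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
        } else {
            // Any other (or missing) method is sent as GET with the fields in the URL.
            curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'GET');
            curl_setopt($ch, CURLOPT_URL, $url . '?' . $query);
        }
    }

    $timeout = empty($para[self::XII_PARAMS_TIMEOUT]) ? 10 : intval($para[self::XII_PARAMS_TIMEOUT]);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
    curl_setopt($ch, CURLOPT_TIMEOUT, $timeout);

    // Caller-supplied raw options go last and therefore win over everything above.
    if (!empty($para[self::XII_PARAMS_SET])) {
        foreach ($para[self::XII_PARAMS_SET] as $option => $value) {
            curl_setopt($ch, $option, $value);
        }
    }

    $result = curl_exec($ch);

    if (isset($para[self::XII_PARAMS_INFO])) {
        $info = curl_getinfo($ch);
        curl_close($ch);

        return [XIIS_FEEDBACK_STATUS => true, XIIS_FEEDBACK_CODE => 1, XIIS_FEEDBACK_DATA => $info];
    }

    // A transport failure must not be reported as a successful call carrying `false`.
    if ($result === false) {
        $error = curl_error($ch);
        curl_close($ch);

        return $fail('cURL request failed: ' . $error);
    }
    curl_close($ch);

    if (XiiUtil::isJson($result)) {
        $decoded = Json::decode($result);

        // NOTE(review): the token is checked only when the response carries one, so
        // a response from which the token entry was removed is returned unverified.
        // If every JSON response from the API is expected to be signed, a missing
        // token should be rejected as well; confirm with the API side.
        if (isset($decoded[XIIS_FEEDBACK_DATA][XiiToken::getIndex()])) {
            // The other callers in this file treat anything but boolean true as a
            // failed verification (verify() hands back an error value), so compare
            // strictly: a truthy error value must not pass as "verified".
            if (XiiToken::verify($decoded[XIIS_FEEDBACK_DATA]) !== true) {
                return $fail('Response data be modify!');
            }
        }
    }

    return [XIIS_FEEDBACK_STATUS => true, XIIS_FEEDBACK_CODE => 1, XIIS_FEEDBACK_DATA => $result];
}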
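/**
 * Handle the link from the "forgot password" e-mail.
 *
 * Reads the address and the token from the request, checks them with
 * XiiToken::verify() and redirects to self::$_forgotJumpUrl: with a JWT for the
 * matching user when the token is valid, otherwise with the value verify() returned.
 *
 * NOTE(review): nothing in this method invalidates the token after use, so the link
 * looks reusable for as long as verify() accepts it; confirm that XiiToken or the
 * password-change step prevents replay.
 * NOTE(review): the time limit passed to verify() is self::$_regMailTimeLimit;
 * confirm that sharing the registration limit with this flow is intended.
 */
public function actionVerifyforgot()
{
    $mailField = self::$_forgotMailField;
    $verifyField = self::$_forgotVerifyField;

    // sendError() is not visible here; return explicitly so the flow can never
    // continue without both fields, even if it does not end the request.
    if (empty($this->_requestData[$mailField])) {
        self::sendError(EC_BACKEND_VERIFYFORGOT_NO_MAIL);
        return;
    }
    if (empty($this->_requestData[$verifyField])) {
        self::sendError(EC_BACKEND_VERIFYFORGOT_NO_VERIFY);
        return;
    }

    $para = [
        $mailField => $this->_requestData[$mailField],
        XIIS_PARAMS_CONF_TOKEN => $this->_requestData[$verifyField],
    ];
    $verify = XiiToken::verify($para, self::$_regMailTimeLimit);

    if ($verify !== true) {
        // Anything but boolean true is the failure value; hand it to the front end.
        $this->redirect(self::$_forgotJumpUrl . '?' . self::$_forgotCodeField . '=' . rawurlencode((string) $verify));
        return;
    }

    $feedback = $this->_authModel->getOne([
        XIIS_PARAMS_CONDITION => [$mailField => $para[$mailField]],
    ]);

    // A valid token does not prove that the account (still) exists. Never issue a
    // JWT for an empty lookup result.
    if (empty($feedback[XIIS_FEEDBACK_DATA])) {
        // NOTE(review): no dedicated "unknown account" code is visible in this
        // listing, so the missing-mail code is reused; replace it if one exists.
        $this->redirect(self::$_forgotJumpUrl . '?' . self::$_forgotCodeField . '=' . rawurlencode((string) EC_BACKEND_VERIFYFORGOT_NO_MAIL));
        return;
    }

    $user = reset($feedback[XIIS_FEEDBACK_DATA]);
    $jwt_data = self::generateJwt($user);
    $jwt = $jwt_data[XIIS_FEEDBACK_DATA][XIIS_PARAMS_CONF_JWT];

    // NOTE(review): the JWT travels in the query string of the redirect, where it
    // can end up in browser history, server logs and Referer headers. Prefer a
    // short-lived, single-purpose token here, or deliver it outside the URL.
    $this->redirect(self::$_forgotJumpUrl . '?' . XIIS_PARAMS_CONF_JWT . '=' . rawurlencode((string) $jwt));
}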
/**
 * Attach a token to the outgoing data of a JSON response.
 *
 * Despite the name, nothing is encrypted here: the result of XiiToken::get() over
 * the data is stored inside the data under the key XiiToken::getIndex().
 * Non-JSON responses and responses with empty data are left untouched.
 */
private static function doEncrypt()
{
    if (Yii::$app->response->format != Response::FORMAT_JSON) {
        return;
    }

    if (empty(self::$_outputData[XIIS_FEEDBACK_DATA])) {
        return;
    }

    // Scalar data is wrapped in an array so the token can be stored next to it.
    if (!is_array(self::$_outputData[XIIS_FEEDBACK_DATA])) {
        self::$_outputData[XIIS_FEEDBACK_DATA] = [self::$_outputData[XIIS_FEEDBACK_DATA]];
    }

    $tokenKey = XiiToken::getIndex();
    self::$_outputData[XIIS_FEEDBACK_DATA][$tokenKey] = XiiToken::get(self::$_outputData[XIIS_FEEDBACK_DATA]);
}