/** * 淘宝自动发货API * 创建卡号 * * @JSON */ public function createCard() { $CURR_KEY = $_SERVER['HTTP_AUTHORIZATION']; if (!$CURR_KEY) { header("HTTP/1.1 405 Method Not Allowed"); exit; } $KEY = Option::get('SYSTEM_API_KEY'); if ($KEY == null) { $KEY = password_hash(Utils::randomChar(12) . time(), PASSWORD_BCRYPT); Option::set('SYSTEM_API_KEY', $KEY); } $CURR_KEY = str_replace('Basic ', '', $CURR_KEY); $CURR_KEY = md5($CURR_KEY . ENCRYPT_KEY); $KEY = md5($KEY . ENCRYPT_KEY); if (strtoupper($KEY) == strtoupper($CURR_KEY)) { $card = new Card(); $card->card = substr(hash("sha256", time() . Utils::randomChar(10)) . time(), 1, 26); $card->add_time = time(); $card->type = intval(trim($_POST['type'])); $card->info = trim($_POST['info']); $card->status = 1; $card->save(); return array('error' => 0, 'message' => 'success', 'card' => $card); } else { return array('error' => 1, 'message' => 'Bad Request'); } }
/** * 修改 SS连接密码 * @JSON * @throws Error */ public function changeSSPwd() { $user = User::getUserByUserId(User::getCurrent()->uid); if ($_POST['sspwd'] != null) { $ssPwd = trim($_POST['sspwd']); if ($_POST['sspwd'] == '1') { $ssPwd = Utils::randomChar(8); } $user->sspwd = $ssPwd; $user->save(); $_SESSION['currentUser'] = $user; $result = array('error' => 0, 'message' => '修改SS连接密码成功', 'sspwd' => $ssPwd); return $result; } else { Template::putContext('user', $user); Template::setView("panel/changeSSPassword"); } }
/** * 修改 和 新增 卡号 * * @JSON */ public function update() { $result = array('error' => 1, 'message' => '请求错误'); $user = User::getCurrent(); if ($_POST['card_no'] != null && $_POST['card'] != null) { // 修改 $cardId = intval(trim($_POST['card'])); $card = MCard::queryCardById($cardId); if (!$card) { return $result; } $card->type = intval(trim($_POST['card_type'])); $card->info = htmlspecialchars(trim($_POST['card_info'])); $card->status = intval(trim($_POST['card_status'])); $card->expireTime = intval(trim($_POST['card_exp'])); $card->save(); $card->add_time = date("Y-m-d H:i:s", $card->add_time); if ($card->type == 0) { $card->type = "套餐卡"; } elseif ($card->type == 1) { $card->type = "流量卡"; } elseif ($card->type == 2) { $card->type = "试用延期卡"; } elseif ($card->type == 3) { $card->type = "余额卡"; } $card->status = $card->status == 1 ? "未用" : "已用"; $result['error'] = 0; $result['message'] = "修改卡号成功。"; $result['card'] = $card; return $result; } else { // 新增 $number = 1; if ($_POST['card_num'] != null) { $number = intval(trim($_POST['card_num'])); } $cardList = array(); for ($i = 0; $i < $number; ++$i) { $cardStr = substr(hash("sha256", $user->uid . Utils::randomChar(10)) . time(), 1, 26); $card = new MCard(); $card->add_time = time(); $card->card = $cardStr; $card->type = intval(trim($_POST['card_type'])); $card->info = htmlspecialchars(trim($_POST['card_info'])); $card->expireTime = intval(trim($_POST['card_exp'])); $card->status = 1; $card->save(); $card->add_time = date("Y-m-d H:i:s", $card->add_time); if ($card->type == 0) { $card->type = "套餐卡"; } elseif ($card->type == 1) { $card->type = "流量卡"; } elseif ($card->type == 2) { $card->type = "试用延期卡"; } elseif ($card->type == 3) { $card->type = "余额卡"; } $card->status = $card->status == 1 ? "未用" : "已用"; $cardList[] = $card; } $result['error'] = 0; $result['message'] = "新增卡号成功,共 {$number} 个。"; $result['card'] = $cardList; return $result; } }
/** * Add a invite * @param $uid * @param string $plan * @param bool $isTransfer * @return bool */ public static function addInvite($uid, $plan = 'A', $isTransfer = false) { $inviteStr = substr(hash("sha256", $uid . Utils::randomChar(10)), 0, 26) . $uid; $obj = new self(); $obj->inviteIp = Utils::getUserIP(); $obj->invite = $inviteStr; $obj->plan = $plan; $obj->uid = $uid; if ($isTransfer) { $user = User::getUserByUserId($uid); $user->transfer = $user->transfer - Utils::GB * 10; $user->invite_num = $user->invite_num - 1; $user->save(); } $result = $obj->save(); return $obj; }
/** * @JSON * @throws \Core\Error */ public function forgePwd() { $result = array('error' => 1, 'message' => '请求找回密码失败,请刷新页面重试。'); $siteName = SITE_NAME; if (isset($_POST['email']) && $_POST['email'] != '') { $user = User::getUserByEmail(htmlspecialchars(trim($_POST['email']))); if (!$user) { return $result; } if ($user->enable == 0) { $verify_code = json_decode($user->forgePwdCode, true)['verification']; if ($verify_code != null) { $result['message'] = '您的账户还未进行邮箱校验,请校验完毕后再试!'; return $result; } } $user->lastFindPasswdTime = time(); if ($user->lastFindPasswdCount != 0 && $user->lastFindPasswdCount > 2) { $result['message'] = '找回密码重试次数已达上限!'; return $result; } $code = Utils::randomChar(10); $forgePwdCode['code'] = $code; $forgePwdCode['time'] = time(); $user->forgePwdCode = json_encode($forgePwdCode); $content = Option::get('custom_mail_forgePassword_content'); $params = ['code' => $code, 'nickname' => $user->nickname, 'email' => $user->email, 'useTraffic' => Utils::flowAutoShow($user->flow_up + $user->flow_down), 'transfer' => Utils::flowAutoShow($user->transfer), 'expireTime' => date('Y-m-d H:i:s', $user->expireTime)]; $content = Utils::placeholderReplace($content, $params); $mailer = Mailer::getInstance(); $mail = new \Model\Mail(); $mail->to = $user->email; $mail->subject = "[" . SITE_NAME . "] Password Recovery"; $mail->content = $content; $mailer->toQueue(true); // 添加到邮件列队 $isOk = $mailer->send($mail); $user->save(); $result['uid'] = $user->uid; if ($isOk) { $result['message'] = '验证代码已经发送到该注册邮件地址,请注意查收!<br/>请勿关闭本页面,您还需要验证码来验证您的账户所有权才可重置密码!!'; $result['error'] = 0; } else { $result['message'] = '邮件发送失败, 请联系管理员检查邮件系统设置!'; $result['error'] = 1; } return $result; } else { if ($_POST['code'] != '' && $_POST['uid'] != '') { $uid = $_POST['uid']; $code = trim($_POST['code']); $user = User::GetUserByUserId(trim($uid)); $forgePwdCode = json_decode($user->forgePwdCode, true); // forgePwdCode.length > 1 且 验证码一样 且 时间不超过600秒(10分钟) if (count($forgePwdCode) > 1 && $forgePwdCode['code'] == $code && time() - intval($forgePwdCode['time']) < 600) { $newPassword = Utils::randomChar(10); $user->setPassword($newPassword); $user->lastFindPasswdCount = 0; $user->lastFindPasswdTime = 0; $user->save(); $content = Option::get('custom_mail_forgePassword_content_2'); $params = ['code' => $code, 'newPassword' => $newPassword, 'nickname' => $user->nickname, 'email' => $user->email, 'useTraffic' => Utils::flowAutoShow($user->flow_up + $user->flow_down), 'transfer' => Utils::flowAutoShow($user->transfer), 'expireTime' => date('Y-m-d H:i:s', $user->expireTime)]; $content = Utils::placeholderReplace($content, $params); $mailer = Mailer::getInstance(); $mail = new \Model\Mail(); $mail->to = $user->email; $mail->subject = "[" . SITE_NAME . "] Your new Password"; $mail->content = $content; $mailer->toQueue(true); // 添加到邮件列队 $isOk = $mailer->send($mail); if ($isOk) { $result['message'] = '新密码已经发送到该账户邮件地址,请注意查收!<br/> 并且请在登录后修改密码!'; $result['error'] = 0; } else { $result['message'] = '邮件发送失败, 请联系管理员检查邮件系统设置!'; $result['error'] = 1; } } else { $result['message'] = '验证码已经超时或者 验证码填写不正确。请再次确认'; $result['error'] = -1; } return $result; } else { Template::putContext('user', User::getCurrent()); Template::setView('panel/forgePwd'); } } return $result; }