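/**
 * Password-reset endpoint: checks the account / phone pairing, then sends
 * the SMS verification code.
 *
 * Reads `member_name` (required) and `mobile` (required unless `member_name`
 * is itself a registered phone login) from $this->input. The account is
 * looked up as a 'shouji' (phone) login first, then as 'm2o', then as 'uc'.
 *
 * NOTE(review): every errorOutput() call is assumed to end the request; the
 * checks that follow each call rely on that. Confirm against the base class.
 *
 * NOTE(review): the distinct error replies (unknown account, wrong phone, no
 * phone bound) tell a caller whether an account exists and whether it has a
 * phone bound. No throttling is visible in this method; confirm that
 * send_sms() or the layer in front of it limits requests per account and
 * per client.
 */
public function rePasswordSendSms()
{
    $memberId = 0;
    // Set before use: the original assigned $isMobile only inside the phone
    // branch and then read it unconditionally (undefined-variable notice).
    $isMobile = 0;

    $memberName = trimall($this->input['member_name']);
    if (!$memberName) {
        $this->errorOutput(NO_MEMBER_NAME);
        return;
    }

    // An e-mail address is not accepted as the account name on this path.
    if (hg_check_email_format($memberName)) {
        $this->errorOutput('请填写正确的用户名');
    }

    // A phone-shaped name is tried as a phone login first.
    if (hg_verify_mobile($memberName)) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'shouji');
        if ($memberId) {
            $isMobile = 1;
        }
    }
    if (!$memberId) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'm2o');
    }
    if (!$memberId) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'uc');
    }
    if (!$memberId) {
        $this->errorOutput(NO_MEMBER);
    }

    // The account was not found by phone number, so the caller must supply
    // the phone that is bound to it.
    if (!$isMobile) {
        $mobile = trimall($this->input['mobile']);
        if (!$mobile) {
            $this->errorOutput('请输入正确的手机号,并获取验证码!');
        } else {
            $checkBind = new check_Bind();
            $boundMobile = $checkBind->check_Bind($memberId, 'shouji');
            if (empty($boundMobile)) {
                $this->errorOutput('对不起,您需找回的帐号未绑定手机号!');
            } elseif ((string) $boundMobile !== (string) $mobile) {
                // Compared as strings on purpose: `!=` compares two numeric
                // strings by value, so a differently written number (for
                // example with a leading zero) would pass as the bound one.
                $this->errorOutput('对不起,您填写的手机号不正确,请重新输入!');
            }
        }
    }

    $this->send_sms();
}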
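/**
 * Binds an external login identity (phone, e-mail or third-party platform
 * account) to the currently logged-in member.
 *
 * Request fields read from $this->input:
 *   platform_id        identifier on the external platform (phone number,
 *                      e-mail address or platform user id)
 *   type               binding type; 'm2o' and 'uc' are rejected, and the
 *                      value is replaced by 'email' / 'shouji' when
 *                      platform_id has that format
 *   password           optional; stored on the member row for 'shouji',
 *                      'm2o' and 'email' bindings
 *   identifier         multi-user-system id
 *   device_token, uuid, avatar_url
 *   email_verifycode   required for e-mail bindings when
 *                      BIND_EMAIL_NEED_VERIFYCODE is defined
 *   mobile_verifycode  required for phone bindings
 *
 * On success the reply carries member_id, member_name, type, nick_name and
 * is_exist_password (via addItem() / output()).
 *
 * NOTE(review): every errorOutput() call is assumed to end the request; the
 * statements after each call rely on that. Confirm against the base class.
 *
 * NOTE(review): for types other than 'shouji' and 'email' no proof that the
 * caller owns platform_id is checked in this method; the value is taken from
 * the request as-is. Confirm the third-party identity is verified before
 * this method is reached.
 */
public function bind()
{
    $memberUpdataField = array(); // columns to change on the main member row
    $member_id = intval($this->user['user_id']);
    if (!$member_id) {
        $this->errorOutput(USER_NO_LOGIN);
    }
    $platform_id = trim($this->input['platform_id']);
    $password = $this->input['password'] ? trim($this->input['password']) : '';
    $type = trim($this->input['type']);
    $platformInfo = $this->Members->get_platform_name($type);
    $identifierUserSystem = new identifierUserSystem();
    // Multi-user system id. It is concatenated unquoted into SQL below.
    // NOTE(review): presumably checkIdentifier() returns an integer; confirm.
    $identifier = $identifierUserSystem->setIdentifier((int) $this->input['identifier'])->checkIdentifier();

    if (in_array($type, array('m2o', 'uc')) || empty($platformInfo)) {
        $this->errorOutput(BIND_MEMBER_TYPE_ERROR);
    } else {
        if (!$platformInfo['status']) {
            $this->errorOutput(BIND_MEMBER_TYPE_CLOSE);
        }
    }
    $type_name = $platformInfo['name'];

    $device_token = $this->Members->check_device_token(trim($this->input['device_token']));
    $udid = $this->Members->check_udid(trim($this->input['uuid'])); // unique device id
    if ($device_token === 0) {
        $this->errorOutput(ERROR_DEVICE_TOKEN);
    }
    if ($udid === 0) {
        $this->errorOutput(ERROR_UDID);
    }
    $avatar_url = trim($this->input['avatar_url']);
    $ip = hg_getip();

    // Make sure the member exists.
    $condition = " AND m.member_id=" . $member_id;
    $left_join = 'LEFT JOIN ' . DB_PREFIX . 'member_bind as mb ON m.member_id=mb.member_id AND m.type=mb.type';
    $ret_member = $this->mMember->get_member_info($condition, 'm.*,mb.nick_name', $left_join, 0);
    $ret_member = $ret_member[0];
    if (empty($ret_member)) {
        $this->errorOutput(NO_MEMBER);
    }

    if (!empty($ret_member['nick_name'])) {
        $nick_name = $ret_member['nick_name'];
    } else {
        $nick_name = $platform_id;
    }

    // No avatar supplied: rebuild the URL from the stored avatar record.
    if (empty($avatar_url)) {
        $avatar = array('host' => '', 'dir' => '', 'filepath' => '', 'filename' => '');
        if (is_serialized_string($ret_member['avatar'])) {
            // NOTE(review): unserialize() can instantiate objects. This is
            // safe only while nothing user-controlled can reach the avatar
            // column; on PHP 7+ pass array('allowed_classes' => false), or
            // store the record as JSON.
            $avatar = unserialize($ret_member['avatar']);
        }
        $avatar_url = $avatar['host'] . $avatar['dir'] . $avatar['filepath'] . $avatar['filename'];
    }

    if (hg_check_email_format($platform_id)) {
        // platform_id is request data, so it is escaped with the helper this
        // method already uses for the avatar UPDATE before it goes into SQL.
        // NOTE(review): bound parameters would be the better fix if the db
        // layer offers them; if request input is already escaped upstream,
        // reconcile the two.
        $sql = 'SELECT platform_id FROM ' . DB_PREFIX . 'member_bind WHERE platform_id="' . daddslashes($platform_id) . '" AND identifier=' . $identifier;
        $result = $this->db->query_first($sql);
        if ($result) {
            $this->errorOutput(EMAIL_HAS_BINDED);
        }
        // The name is quoted on purpose. The original passed the constant
        // itself, so defined() was asked about the constant's value (or the
        // bare name raised an error on PHP 8) and the e-mail code check
        // never ran. Only the presence of the constant is tested, as the
        // original intended; its value is not consulted.
        if (defined('BIND_EMAIL_NEED_VERIFYCODE')) {
            $email_verifycode = trim($this->input['email_verifycode']);
            if (!$email_verifycode) {
                $this->errorOutput(VERIFY_NULL);
            }
            if ($this->memberverifycode->get_verifycode_info($platform_id, $email_verifycode, 1, $action = 1)) {
                // Single use: delete the code once it has been accepted.
                $this->memberverifycode->verifycode_delete($platform_id, $email_verifycode, 1, $action = 1);
            } else {
                $this->errorOutput(VERIFY_FAILED);
            }
        }
        $type = 'email';
        $type_name = '邮箱';
    } elseif (hg_verify_mobile($platform_id)) {
        $type = 'shouji';
        $type_name = '手机';
    }

    $need_password_type = array('shouji', 'm2o', 'email');
    if (in_array($type, $need_password_type) && $password) {
        $salt = hg_generate_salt();
        // NOTE(review): salted double MD5 is a fast hash and weak for
        // password storage. It is kept because whatever verifies logins must
        // read the same format; plan a migration to password_hash() /
        // password_verify() with a rehash on login.
        $md5_password = md5(md5($password) . $salt);
        $memberUpdataField['password'] = $md5_password;
        $memberUpdataField['salt'] = $salt;
    } elseif (in_array($type, $need_password_type) && empty($ret_member['password'])) {
        // Phone, M2O and e-mail bindings need a password on the member row;
        // none is stored and none was supplied.
        $this->errorOutput(NO_PASSWORD);
    }

    if (!$member_id) {
        $this->errorOutput(NO_MEMBER_ID);
    }
    if (!$platform_id) {
        $this->errorOutput(NO_EXTERNAL_MEMBER_ID);
    }
    if (!$nick_name) {
        $this->errorOutput(NO_NICKNAME);
    }
    if (!$type) {
        $this->errorOutput(NO_EXTERNAL_TYPE);
    }

    // Phone bindings must present the SMS verification code.
    if ($type == 'shouji') {
        $mobile_verifycode = trim($this->input['mobile_verifycode']);
        if (!$mobile_verifycode) {
            $this->errorOutput(MOBILE_NOT_VERIFY);
        }
        $mobile = $platform_id;
        // Basic format check of the phone number.
        if (!hg_verify_mobile($mobile)) {
            $this->errorOutput(MOBILE_NUMBER_FORMAT_ERROR);
        }
        $verifycode = $this->mSmsServer->get_verifycode_info($mobile, $mobile_verifycode);
        if (empty($verifycode)) {
            $this->errorOutput(VERIFY_FAILED);
        }
        // The code is deleted before the expiry check, so an expired code is
        // consumed as well.
        $this->mSmsServer->mobile_verifycode_delete($mobile, $mobile_verifycode);
        if (TIMENOW > $verifycode['create_time'] + VERIFYCODE_EXPIRED_TIME) {
            $this->errorOutput(VERIFY_EXPIRED);
        }
        // NOTE(review): no limit on failed attempts is visible here; confirm
        // the SMS code store enforces one.
    }

    // Escaped copies for the SQL fragments below; the raw values are still
    // what gets passed to bind_create() / update().
    $platformIdSql = daddslashes($platform_id);
    $typeSql = daddslashes($type);

    // Reject the binding when another member already holds this identity.
    $condition = " AND mb.platform_id = '" . $platformIdSql . "' AND mb.type = '" . $typeSql . "' AND mb.identifier=" . $identifier;
    $_bind = $this->mMember->get_bind_info($condition);
    if ($_bind[0] && $member_id != $_bind[0]['member_id']) {
        $this->errorOutput(ACCOUNT_BIND);
    }

    // The member must remove an existing binding of this type first, so an
    // existing binding cannot be overwritten without verification.
    $condition = " AND mb.member_id = '" . $member_id . "' AND mb.type = '" . $typeSql . "' AND mb.identifier=" . $identifier;
    $bind = $this->mMember->get_bind_info($condition);
    $bind = $bind[0];
    if ($bind) {
        $this->errorOutput(BIND_TYPE_EXISTS);
    }

    // NOTE(review): avatar_url may come straight from the request. If
    // update_avatar() fetches it server-side, restrict the scheme and the
    // destination host there; that code is not visible here.
    $avatar_array = $this->mMember->update_avatar($avatar_url, $bind, $member_id);
    if ($avatar_array && is_array($avatar_array)) {
        $sql = 'UPDATE ' . DB_PREFIX . 'member SET avatar =\'' . daddslashes(serialize($avatar_array)) . '\' WHERE member_id=' . intval($member_id);
        $this->db->query($sql);
    }

    $bind_data = array(
        'member_id' => $member_id,
        'platform_id' => $platform_id,
        'nick_name' => $nick_name,
        'type' => $type,
        'type_name' => $type_name,
        'avatar_url' => $avatar_url,
        'identifier' => $identifier,
        'reg_device_token' => $device_token,
        'reg_udid' => $udid,
    );
    if (empty($bind)) {
        $checkBind = new check_Bind();
        $isUc = $checkBind->check_Bind($member_id, 'uc');
        if (empty($isUc)) {
            $isUc = $checkBind->check_uc($member_id);
            if ($isUc) {
                $bind_data['inuc'] = $isUc;
            }
        }
        // Insert the new binding row.
        $bind_data['bind_time'] = TIMENOW;
        $bind_data['bind_ip'] = $ip;
        $ret_bind = $this->mMember->bind_create($bind_data);
        if (empty($ret_bind)) {
            $this->errorOutput(BIND_DATA_ADD_FAILED);
        }
    } else {
        // Update the existing binding row.
        $ret_bind = $this->mMember->bind_update($bind_data);
        if (empty($ret_bind)) {
            $this->errorOutput(BIND_DATA_UPDATE_FAILED);
        }
    }

    if ($type == 'shouji') {
        $memberUpdataField['mobile'] = $platform_id;
    } elseif ($type == 'email') {
        $memberUpdataField['email'] = $platform_id;
    }
    if ($ret_member['type'] == 'email' || $ret_member['type'] == 'shouji') {
        $memberUpdataField['member_name'] = $platform_id;
    }

    // NOTE(review): member_name is tested against 'm2o' / 'uc', which are
    // type values everywhere else in this method; $ret_member['type'] may
    // have been intended. Left unchanged pending confirmation.
    $return = array(
        'member_id' => $member_id,
        'member_name' => in_array($ret_member['member_name'], array('m2o', 'uc')) ? $ret_member['member_name'] : $platform_id,
        'type' => $type,
        'nick_name' => $nick_name,
        'is_exist_password' => $ret_member['password'] ? 1 : 0,
    );

    if ($memberUpdataField && $this->mMember->update($memberUpdataField, array('member_id' => $member_id))) {
        if ($this->settings['ucenter']['open']) {
            // Forward the change to UCenter when an M2O account binds an e-mail.
            if ($ret_member['type'] == 'm2o' && $type == 'email') {
                $this->mMember->uc_user_edit($ret_member['member_name'], '', $password, $platform_id, 1);
            }
        }
    }

    $this->addItem($return);
    $this->output();
}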
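/**
 * Password-recovery check: resolves the account, verifies that the supplied
 * e-mail or phone is the one bound to it, then hands over to reset_password().
 *
 * Reads from $this->input:
 *   member_name  account name, e-mail or phone number (required)
 *   type         recovery channel: 1 = e-mail, 0 = phone; anything else is
 *                rejected with REPASSWORD_TYPE_ERROR
 *   email        bound e-mail, required for type 1 unless member_name is
 *                itself a registered e-mail login
 *   mobile       bound phone, required for type 0 unless member_name is
 *                itself a registered phone login
 *   identifier   multi-user-system id
 *
 * Before delegating, $this->input['member_name'] is overwritten with the
 * verified e-mail / phone.
 *
 * NOTE(review): every errorOutput() call is assumed to end the request.
 *
 * NOTE(review): this method only checks that the contact matches the
 * binding; it does not check a verification code itself. Confirm that
 * reset_password() does so before changing the password. The distinct error
 * replies also reveal whether an account exists and what is bound to it, so
 * the endpoint should be rate limited.
 */
public function reSetPasswordUser()
{
    $type = isset($this->input['type']) ? intval($this->input['type']) : -1; // recovery channel
    $identifierUserSystem = new identifierUserSystem();
    $identifier = $identifierUserSystem->setIdentifier((int) $this->input['identifier'])->checkIdentifier(); // multi-user system
    $memberId = 0;
    $isEmail = 0;
    $isMobile = 0;
    $platform_id = '';

    $memberName = trimall($this->input['member_name']);
    if (!$memberName) {
        $this->errorOutput(NO_MEMBER_NAME);
        return;
    }

    // Try the name as an e-mail or phone login first, then as M2O, then as UC.
    if (hg_check_email_format($memberName)) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'email', $identifier);
        if ($memberId) {
            $isEmail = 1;
            $platform_id = $memberName;
        }
    } elseif (hg_verify_mobile($memberName)) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'shouji', $identifier);
        if ($memberId) {
            $isMobile = 1;
            $platform_id = $memberName;
        }
    }
    if (!$memberId) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'm2o', $identifier);
    }
    if (!$memberId) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'uc', $identifier);
    }
    if (!$memberId) {
        $this->errorOutput(NO_MEMBER);
    }

    if ($type === 1) {
        // Recovery by e-mail.
        if (!$isEmail) {
            $email = trimall($this->input['email']);
            if (!$email) {
                $this->errorOutput(EMAIL_INPUT_BIND_ACCOUNT);
            } else {
                $checkBind = new check_Bind();
                $platform_id = $checkBind->check_Bind($memberId, 'email');
                if (!$platform_id) {
                    $this->errorOutput(EMAIL_NO_BIND_ACCOUNT);
                } elseif ((string) $platform_id !== (string) $email) {
                    $this->errorOutput(EMAIL_BIND_ACCOUNT_ERROR);
                }
            }
        }
    } elseif ($type === 0) {
        // Recovery by phone.
        if (!$isMobile) {
            $mobile = trimall($this->input['mobile']);
            if (!$mobile) {
                $this->errorOutput(MOBILE_INPUT_BIND_ACCOUNT);
            } else {
                $checkBind = new check_Bind();
                $platform_id = $checkBind->check_Bind($memberId, 'shouji');
                if (empty($platform_id)) {
                    $this->errorOutput(MOBILE_NO_BIND_ACCOUNT);
                } elseif ((string) $platform_id !== (string) $mobile) {
                    // Compared as strings on purpose: `!=` compares two
                    // numeric strings by value, so a differently written
                    // number would pass as the bound one.
                    $this->errorOutput(MOBILE_BIND_ACCOUNT_ERROR);
                }
            }
        }
    } else {
        $this->errorOutput(REPASSWORD_TYPE_ERROR);
    }

    // reset_password() is given the verified contact, not the raw input.
    $this->input['member_name'] = $platform_id;
    $this->reset_password();
}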
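/**
 * Resolves an account name to a member id and checks its e-mail binding.
 *
 * A phone-shaped name is rejected. The name is tried as an 'email' login
 * (when it has e-mail format), then as 'm2o', then as 'uc'. When the account
 * was not found by e-mail, $this->input['email'] must be a well-formed
 * address equal to the e-mail bound to the account.
 *
 * Side effect: $this->email is set to the e-mail in use (the member name
 * when it matched as an e-mail login, otherwise the trimmed `email` input).
 *
 * NOTE(review): every errorOutput() call is assumed to end the request.
 *
 * @param string $memberName account name or e-mail address
 * @return mixed member id as returned by get_member_id()
 */
private function checkMemberName($memberName)
{
    // Set before use: the original read both variables on paths where they
    // had never been assigned (any name that is not an e-mail address).
    $memberId = 0;
    $isEmail = 0;

    if (hg_verify_mobile($memberName)) {
        $this->errorOutput('请填写正确的用户名');
    }

    if (hg_check_email_format($memberName)) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'email');
        if ($memberId) {
            $isEmail = 1;
            $this->email = $memberName;
        }
    }
    if (!$memberId) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'm2o');
    }
    if (!$memberId) {
        $memberId = $this->Members->get_member_id($memberName, false, false, 'uc');
    }
    if (!$memberId) {
        $this->errorOutput(NO_MEMBER);
    }

    // Not matched as an e-mail login: the caller has to name the bound e-mail.
    if (!$isEmail) {
        $this->email = trimall($this->input['email']);
        if ($this->email && hg_check_email_format($this->email)) {
            $checkBind = new check_Bind();
            $boundEmail = $checkBind->check_Bind($memberId, 'email');
            if (empty($boundEmail)) {
                $this->errorOutput(EMAIL_NO_BIND_ACCOUNT);
            } elseif ((string) $boundEmail !== (string) $this->email) {
                $this->errorOutput(EMAIL_BIND_ACCOUNT_ERROR);
            }
        } elseif ($this->email) {
            $this->errorOutput(EMAIL_FORMAT_ERROR);
        } else {
            $this->errorOutput(NO_EMAIL);
        }
    }

    return $memberId;
}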