public function user_change_status()
{
$req = req()->_plain();
if ($req->is_post()) {
$id = intval($req->post('id'));
$status = intval($req->post('status'));
try {
$user = new User($id);
$user->set(['status' => $status]);
$this->rt_msg['status'] = true;
} catch (\Exception $ex) {
$this->rt_msg['msg'] = $ex->getMessage();
}
} else {
$this->rt_msg['msg'] = "必须以POST方式提交数据";
}
}
/**
* 修改用户邮箱
* @param User $user
* @param string $email
* @param string $password
* @param string $code
* @throws \Exception
*/
public function edit_email($user, $email, $password, $code)
{
lib()->load('UserCheck');
$email = strtolower(trim($email));
$code = strtolower(trim($code));
if ($user->getPassword() !== UserCheck::CreatePassword($password, $user->getSalt())) {
$this->throwMsg(-10);
}
$email_check = UserCheck::CheckEmail($email);
if ($email_check !== true) {
throw new \Exception($email_check);
}
$meta = $user->getMeta()->get(['edit_email_add', 'edit_email_time', 'edit_email_code'], '');
if ($meta['edit_email_add'] !== $email) {
$this->throwMsg(-13);
}
if ($meta['edit_email_code'] !== $code) {
$this->throwMsg(-12);
}
if (time() - strtotime($meta['edit_email_time']) > hook()->apply('UserControl_edit_email_time', 3 * 24 * 60 * 60)) {
$this->throwMsg(-11);
}
$user->getMeta()->delete(['edit_email_add', 'edit_email_time', 'edit_email_code']);
$user->set(['email' => $email]);
}
/**
* 设置最后登录信息
* @param User $user
* @throws \Exception
*/
public static function setLastLoginInfo($user)
{
cookie()->set("LoginFlag", date("Y-m-d"));
$user->set(array('last_login_ip' => Ip::getInstance()->realip(), 'last_login_time' => date("Y-m-d H:i:s")));
}
/**
* @param User $user
* @param string $code
* @throws \Exception
* @return int 返回用户状态码
*/
public static function UserActivation($user, $code)
{
if ($user->is_active()) {
throw new \Exception(_("User is already activation"));
}
$meta = $user->getMeta()->get(["activation_code", "activation_time"], '');
if (empty($meta['activation_time']) || empty($meta['activation_code'])) {
throw new \Exception(_("Activation code is invalid"));
}
if (time() - strtotime($meta['activation_time']) > hook()->apply('UserRegister_UserActivation_time', 3 * 24 * 60 * 60)) {
throw new \Exception(_("Activation code is time out"));
}
if ($meta['activation_code'] != $code) {
throw new \Exception(_("Activation code is error"));
} else {
$user->set(['status' => 1]);
}
return $user->getStatus();
}
/**
* POST登录
* @param string $account
* @param string $password
* @param string $captcha
* @param bool $save_status
*/
public function PostLogin($account, $password, $captcha, $save_status)
{
if (empty($account) || empty($password)) {
$this->throwMsg(-10);
}
$save_status = !empty($save_status);
if (!$this->Captcha($captcha)) {
//验证码检测
$this->throwMsg(-5);
}
$account = strtolower($account);
$password = strtolower($password);
$this->GetAccountUser($account);
lib()->load('UserCheck');
if (!UserCheck::CheckPasswordChar($password)) {
$this->throwMsg(-3);
}
$ip = Ip::getInstance();
$max_error_count = hook()->apply("UserLogin_max_error_count", 6);
$now_ip = $ip->realip();
if ($max_error_count <= $this->user->getErrorLoginCount() && $ip->fill($now_ip) === $ip->fill($this->user->getErrorLoginIp()) && explode(" ", $this->user->getErrorLoginTime())[0] == date("Y-m-d")) {
//登录被限制
$this->throwMsg(-8);
} else {
if (UserCheck::CreatePassword($password, $this->user->getSalt()) !== $this->user->getPassword()) {
//错误登录记录
$this->user->set(array("error_login_count" => 1 + $this->user->getErrorLoginCount(), 'error_login_time' => date("Y-m-d H:i:s"), 'error_login_ip' => $now_ip));
if ($this->user->getErrorLoginCount() >= $max_error_count) {
hook()->apply("UserLogin_PostLogin_restrictions", NULL, $this->user);
}
$this->throwMsg(-4);
} else {
if (in_array($this->user->getStatus(), [0, 1, 2])) {
if ($this->user->getErrorLoginCount() > 0) {
//错误登录清零
$this->user->set(array("error_login_count" => 0));
}
} else {
//登录受限制,无法登录
$this->throwMsg(-9);
}
}
}
try {
//登录成功后的COOKIE设置
if (strlen($this->user->getCookieLogin()) < 10) {
$this->user->set(array("cookie_login" => salt_hash(time() . $this->user->getEmail(), salt(20))));
}
if ($save_status) {
cookie()->set("UserLogin", $this->user->getId() . "\t" . $this->user->getCookieLogin(), hook()->apply("UserLogin_PostLogin_CookieTime", time() + 60 * 60 * 24 * 7));
} else {
cookie()->set("UserLogin", $this->user->getId() . "\t" . $this->user->getCookieLogin());
}
} catch (\Exception $ex) {
$this->throwMsg(-6);
}
try {
//最后登录信息
self::setLastLoginInfo($this->user);
} catch (\Exception $ex) {
$this->code = -7;
}
hook()->apply('UserLogin_PostLogin_Success', NULL, $this->user);
}
