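/**
 * Basic check of a submitted verification code against the stored record.
 *
 * The codes are compared as strings with a strict operator. A loose `!=`
 * compares two numeric strings by value, so "0123456" or "123456.0" would
 * be accepted for a stored "123456".
 *
 * NOTE(review): success is the boolean true, while failures are the
 * ERR_VALIDATE_* constants defined elsewhere (the original comment lists
 * them as 0, 1 and 2). If any of them is a non-zero integer it is truthy,
 * so callers should test the result with `=== true`, never `if (...)`.
 *
 * NOTE(review): nothing here counts or limits failed attempts; confirm the
 * caller throttles guesses or invalidates the record after a few failures.
 *
 * @param string $key  Key the record was stored under (e-mail or phone number).
 * @param string $code Code submitted by the user.
 *
 * @return bool|int true when the code matches and has not expired;
 *                  ERR_VALIDATE_KEY_NOT_EXIST when no record exists,
 *                  ERR_VALIDATE_EXPIRED_TIME when the record has expired,
 *                  ERR_VALIDATE_CODE_NOT_MATCH when the code differs.
 */
function validate_code($key, $code)
{
    $record = get_validate_record($key);

    if (empty($record)) {
        return ERR_VALIDATE_KEY_NOT_EXIST;
    }

    if ($record['expired_time'] < time()) {
        return ERR_VALIDATE_EXPIRED_TIME;
    }

    // Non-scalar input (e.g. an array from the request) can never match.
    if (!is_scalar($code) || (string) $record['record_code'] !== (string) $code) {
        return ERR_VALIDATE_CODE_NOT_MATCH;
    }

    return true;
}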
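/**
 * Send an SMS verification code for mobile-phone registration.
 *
 * Reads the number from $_REQUEST['mobile_phone'], throttles per number
 * (one message per 60 seconds, at most 10 within the 24-hour window),
 * sends a 6-digit code and stores it with a 30-minute expiry. The response
 * is plain text: 'ok' on success, otherwise an error message.
 *
 * NOTE(review): the throttle is keyed on the phone number only. No
 * per-session or per-client limit and no captcha check is visible in this
 * function, so one client can request messages for many different numbers.
 * Confirm a limit exists upstream.
 *
 * NOTE(review): rand_number() is defined elsewhere; confirm it draws from a
 * CSPRNG (random_int) rather than rand()/mt_rand().
 *
 * @return void
 */
function action_send_mobile_code()
{
    // Globals. These locals are kept even where this function does not read
    // them: the files required below execute in this scope and may use them.
    $user = $GLOBALS['user'];
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];
    $user_id = $_SESSION['user_id'];

    /* Load the language file */
    require_once ROOT_PATH . 'languages/' . $_CFG['lang'] . '/user.php';
    require_once ROOT_PATH . 'includes/lib_validate_record.php';

    // A missing or non-string parameter is treated as empty instead of
    // raising an undefined-index notice or passing an array to trim().
    $mobile_phone = (isset($_REQUEST['mobile_phone']) && is_string($_REQUEST['mobile_phone']))
        ? trim($_REQUEST['mobile_phone'])
        : '';

    if (empty($mobile_phone)) {
        exit("手机号不能为空");
    }

    if (!is_mobile_phone($mobile_phone)) {
        exit("手机号格式不正确");
    }

    if (check_validate_record_exist($mobile_phone)) {
        // Existing record for this number: apply the send limits.
        $record = get_validate_record($mobile_phone);
        $last_send_time = $record['last_send_time'];
        $create_time = $record['create_time'];
        $count = $record['count'];

        // Maximum number of codes per phone number per window.
        $max_sms_count = 10;
        // Length of that window; defaults to 24 hours.
        $max_sms_count_time = 60 * 60 * 24;

        if (time() - $last_send_time < 60) {
            echo "每60秒内只能发送一次短信验证码,请稍候重试";
            return;
        }

        // `>=` rather than `>`: the stored count is the number already sent
        // (1 after the first message), so `>` let an 11th message through.
        // NOTE(review): whether create_time/count are ever reset depends on
        // save_validate_record(), which is not visible here.
        if (time() - $create_time < $max_sms_count_time && $count >= $max_sms_count) {
            echo "您发送验证码太过于频繁,请稍后重试!";
            return;
        }

        $count++;
    }

    require_once ROOT_PATH . 'includes/lib_passport.php';

    // Reset the session slot before sending.
    $_SESSION['mobile_register'] = array();

    require_once ROOT_PATH . 'sms/sms.php';

    // Generate the 6-digit SMS code.
    $mobile_code = rand_number(6);

    // Message text.
    $content = sprintf($_LANG['mobile_code_template'], $GLOBALS['_CFG']['shop_name'], $mobile_code, $GLOBALS['_CFG']['shop_name']);

    /* Send the verification SMS */
    $result = sendSMS($mobile_phone, $content);

    if ($result) {
        // First message for this number starts the counter at 1.
        $ext_info = array("count" => isset($count) ? $count : 1);

        // Remember which number the code was sent to.
        $_SESSION[VT_MOBILE_REGISTER] = $mobile_phone;

        // Store the code; it expires after 30 minutes.
        save_validate_record($mobile_phone, $mobile_code, VT_MOBILE_REGISTER, time(), time() + 30 * 60, $ext_info);

        echo 'ok';
    } else {
        echo '短信验证码发送失败';
    }
}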
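/**
 * Check an SMS verification code for a phone number.
 *
 * On success the stored record is removed, so a code can be used once.
 * The code is compared as a string with a strict operator; a loose `!=`
 * compares numeric strings by value and would accept e.g. "0123456" for a
 * stored "123456".
 *
 * NOTE(review): a failed attempt leaves the record in place and no attempt
 * counter is visible here; confirm the caller limits repeated guesses.
 *
 * @param string $mobile_phone Phone number the code was sent to.
 * @param string $mobile_code  Code submitted by the user.
 *
 * @return int 0 - verified
 *             1 - phone number is empty
 *             2 - phone number format is invalid
 *             3 - code is empty
 *             4 - code is wrong (also returned when no record exists)
 *             5 - code has expired
 */
function validate_mobile_code($mobile_phone, $mobile_code)
{
    require_once ROOT_PATH . 'includes/lib_validate_record.php';

    if (empty($mobile_phone)) {
        return 1;
    }

    if (!is_mobile_phone($mobile_phone)) {
        return 2;
    }

    $record = get_validate_record($mobile_phone);

    /* Check the submitted code */
    if (empty($mobile_code)) {
        return 3;
    }

    // A missing record or a non-scalar code is treated as a mismatch.
    if (empty($record)
        || !isset($record['record_code'])
        || !is_scalar($mobile_code)
        || (string) $record['record_code'] !== (string) $mobile_code
    ) {
        return 4;
    }

    if (!isset($record['expired_time']) || $record['expired_time'] < time()) {
        return 5;
    }

    /* Remove the record so the code cannot be replayed */
    remove_validate_record($mobile_phone);

    return 0;
}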
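/**
 * Handle a member registration request (by e-mail or by mobile phone).
 *
 * Flow: reject when registration is closed, validate password and optional
 * captcha, verify the e-mail/SMS code against the stored record and the
 * address kept in the session, create the account, then store extended
 * fields, the password question/answer and any registration bonus.
 *
 * Changes from the previous version:
 *  - the e-mail path now rejects an expired code (only the mobile path did);
 *  - codes and the session-bound address are compared strictly as strings,
 *    because a loose `!=` compares numeric strings by value;
 *  - a missing validation record is handled explicitly;
 *  - $sql_bonus_ext is always initialised;
 *  - every show_message() is followed by return, so a failed check cannot
 *    fall through even if show_message() does not end the request (its
 *    definition is not visible here).
 *
 * NOTE(review): a wrong code leaves the record in place and no attempt
 * counter is visible; confirm guesses are limited elsewhere.
 *
 * @return void
 */
function action_register()
{
    // Globals
    $_CFG = $GLOBALS['_CFG'];
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    /* Registration switched off */
    if ($_CFG['shop_reg_closed']) {
        $smarty->assign('action', 'register');
        $smarty->assign('shop_reg_closed', $_CFG['shop_reg_closed']);
        $smarty->display('user_passport.dwt');
        return;
    }

    include_once ROOT_PATH . 'includes/lib_passport.php';

    // The submitted username is not used: both paths below generate one.
    $username = '';
    $result = false;

    $password = isset($_POST['password']) ? trim($_POST['password']) : '';
    $email = isset($_POST['email']) ? trim($_POST['email']) : '';

    // NOTE(review): these fields are passed on unfiltered; confirm
    // register_by_email()/register_by_mobile() escape them.
    $other = array();
    $other['msn'] = isset($_POST['extend_field1']) ? $_POST['extend_field1'] : '';
    $other['qq'] = isset($_POST['extend_field2']) ? $_POST['extend_field2'] : '';
    $other['office_phone'] = isset($_POST['extend_field3']) ? $_POST['extend_field3'] : '';
    $other['home_phone'] = isset($_POST['extend_field4']) ? $_POST['extend_field4'] : '';

    $sel_question = empty($_POST['sel_question']) ? '' : compile_str($_POST['sel_question']);
    $passwd_answer = isset($_POST['passwd_answer']) ? compile_str(trim($_POST['passwd_answer'])) : '';

    // Registration type: email or mobile
    $register_type = isset($_POST['register_type']) ? trim($_POST['register_type']) : '';

    // NOTE(review): back_act is user-controlled and becomes a link target in
    // the success message; confirm it is limited to same-site relative URLs.
    $back_act = isset($_POST['back_act']) ? trim($_POST['back_act']) : '';

    // Registration type is required
    if (empty($register_type)) {
        show_message($_LANG['passport_js']['msg_register_type_blank']);
        return;
    }

    if (strlen($password) < 6) {
        show_message($_LANG['passport_js']['password_shorter']);
        return;
    }

    if (strpos($password, ' ') > 0) {
        show_message($_LANG['passwd_balnk']);
        return;
    }

    /* Captcha check, when enabled for registration and GD is available */
    if ((intval($_CFG['captcha']) & CAPTCHA_REGISTER) && gd_version() > 0) {
        if (empty($_POST['captcha'])) {
            show_message($_LANG['invalid_captcha'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        include_once 'includes/cls_captcha.php';

        $captcha = new captcha();
        if (!$captcha->check_word(trim($_POST['captcha']))) {
            show_message($_LANG['invalid_captcha'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }
    }

    if ($register_type === "email") {
        /* E-mail code check */
        require_once ROOT_PATH . 'includes/lib_validate_record.php';

        if (empty($email)) {
            show_message($_LANG['msg_email_blank'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        $record = get_validate_record($email);
        $session_email = isset($_SESSION[VT_EMAIL_REGISTER]) ? $_SESSION[VT_EMAIL_REGISTER] : '';
        $email_code = !empty($_POST['email_code']) ? trim($_POST['email_code']) : '';

        if (empty($email_code)) {
            show_message($_LANG['msg_email_code_blank'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        // The address must be the one the code was sent to in this session.
        if ($session_email !== $email) {
            show_message($_LANG['email_changed'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        if (empty($record) || !isset($record['record_code']) || (string) $record['record_code'] !== $email_code) {
            show_message($_LANG['invalid_email_code'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        // Expired codes are rejected, matching the mobile path.
        if (!isset($record['expired_time']) || $record['expired_time'] < time()) {
            show_message($_LANG['invalid_email_code'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        /* Username is generated for e-mail registration */
        $username = generate_username();

        /* Register by e-mail */
        $result = register_by_email($username, $password, $email, $other);

        if ($result) {
            /* Remove the used validation record */
            remove_validate_record($email);
        }
    } elseif ($register_type === "mobile") {
        require_once ROOT_PATH . 'includes/lib_validate_record.php';

        $mobile_phone = !empty($_POST['mobile_phone']) ? trim($_POST['mobile_phone']) : '';
        $mobile_code = !empty($_POST['mobile_code']) ? trim($_POST['mobile_code']) : '';
        $record = get_validate_record($mobile_phone);
        $session_mobile_phone = isset($_SESSION[VT_MOBILE_REGISTER]) ? $_SESSION[VT_MOBILE_REGISTER] : '';

        /* SMS code check */
        if (empty($mobile_code)) {
            show_message($_LANG['msg_mobile_phone_blank'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        // The number must be the one the code was sent to in this session.
        // An empty number never passes, even when the session slot is unset.
        if ($mobile_phone === '' || $session_mobile_phone !== $mobile_phone) {
            show_message($_LANG['mobile_phone_changed'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        if (empty($record) || !isset($record['record_code']) || (string) $record['record_code'] !== $mobile_code) {
            show_message($_LANG['invalid_mobile_phone_code'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        if (!isset($record['expired_time']) || $record['expired_time'] < time()) {
            show_message($_LANG['invalid_mobile_phone_code'], $_LANG['sign_up'], 'register.php', 'error');
            return;
        }

        /* Username for mobile registration is derived from the phone number */
        $username = generate_username_by_mobile($mobile_phone);

        /* Register by mobile phone */
        $result = register_by_mobile($username, $password, $mobile_phone, $other);

        if ($result) {
            /* Remove the used validation record */
            remove_validate_record($mobile_phone);
        }
    } else {
        /* Unknown registration type */
        show_message($_LANG['register_type_invalid'], $_LANG['sign_up'], 'register.php', 'error');
        return;
    }

    if (!$result) {
        $GLOBALS['err']->show($_LANG['sign_up'], 'register.php');
        return;
    }

    // The id is only ever used as a number; casting keeps any unexpected
    // session content out of the SQL strings built below.
    $user_id = intval($_SESSION['user_id']);

    /* Store the new member's extended fields */
    $sql = 'SELECT id FROM ' . $ecs->table('reg_fields') . ' WHERE type = 0 AND display = 1 ORDER BY dis_order, id';
    // Ids of all displayed custom fields
    $fields_arr = $db->getAll($sql);

    // VALUES list for the custom fields
    $extend_field_str = '';
    foreach ($fields_arr as $val) {
        $extend_field_index = 'extend_field' . $val['id'];
        if (!empty($_POST[$extend_field_index])) {
            $temp_field_content = strlen($_POST[$extend_field_index]) > 100
                ? mb_substr($_POST[$extend_field_index], 0, 99)
                : $_POST[$extend_field_index];

            // NOTE(review): compile_str() is not visible here; confirm the
            // value is SQL-escaped when it reaches this string. If request
            // data is slash-escaped before this point, the truncation above
            // can split an escape pair, so escaping should follow truncation.
            $extend_field_str .= " ('" . $user_id . "', '" . intval($val['id']) . "', '" . compile_str($temp_field_content) . "'),";
        }
    }
    $extend_field_str = substr($extend_field_str, 0, -1);

    if ($extend_field_str) {
        $sql = 'INSERT INTO ' . $ecs->table('reg_extend_info') . ' (`user_id`, `reg_field_id`, `content`) VALUES' . $extend_field_str;
        $db->query($sql);
    }

    /* Store the password hint question and answer */
    if (!empty($passwd_answer) && !empty($sel_question)) {
        // NOTE(review): both values come from the request via compile_str();
        // confirm they are SQL-escaped before this query is built.
        $sql = 'UPDATE ' . $ecs->table('users') . " SET `passwd_question`='{$sel_question}', `passwd_answer`='{$passwd_answer}' WHERE `user_id`='" . $user_id . "'";
        $db->query($sql);
    }

    /* Registration bonus */
    $now = gmtime();
    // Always defined; previously unset unless bonus_reg_rand was enabled.
    $sql_bonus_ext = $_CFG['bonus_reg_rand'] ? " order by rand() limit 0,1" : '';
    $sql_b = "SELECT type_id FROM " . $ecs->table("bonus_type") . " WHERE send_type='" . SEND_BY_REGISTER . "' AND send_start_date<=" . $now . " AND send_end_date>=" . $now . $sql_bonus_ext;
    $res_bonus = $db->query($sql_b);

    $kkk_bonus = 0;
    while ($row_bonus = $db->fetchRow($res_bonus)) {
        $sql = "INSERT INTO " . $ecs->table('user_bonus') . "(bonus_type_id, bonus_sn, user_id, used_time, order_id, emailed)" . " VALUES('" . $row_bonus['type_id'] . "', 0, '" . $user_id . "', 0, 0, 0)";
        $db->query($sql);
        $kkk_bonus = $kkk_bonus + 1;
    }

    if ($kkk_bonus) {
        $_LANG['register_success'] = '用户名 %s 注册成功,并获得官方赠送的红包礼品';
    }

    /* Send the verification e-mail automatically when configured */
    if ($GLOBALS['_CFG']['member_email_validate'] && $GLOBALS['_CFG']['send_verify_email']) {
        send_regiter_hash($user_id);
    }

    // NOTE(review): $user is never assigned in this function, so $ucdata is
    // always ''. Confirm whether $GLOBALS['user'] was intended.
    $ucdata = empty($user->ucdata) ? "" : $user->ucdata;

    show_message(sprintf($_LANG['register_success'], $username . $ucdata), array($_LANG['back_up_page'], $_LANG['profile_lnk']), array($back_act, 'user.php'), 'info');
}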
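/**
 * Send the SMS code used to verify a phone number already held in the session.
 *
 * The number comes from $_SESSION[VT_MOBILE_VALIDATE], not from the
 * request. Sending is throttled per number (one message per 60 seconds, at
 * most 10 within the 24-hour window); the code is stored with a 30-minute
 * expiry. Responses go through make_json_result()/make_json_error().
 *
 * NOTE(review): rand_number() is defined elsewhere; confirm it draws from a
 * CSPRNG (random_int) rather than rand()/mt_rand().
 *
 * @return void
 */
function action_send_mobile_code()
{
    // Globals. The unused ones are kept: the files required below execute in
    // this scope and may read them.
    $_LANG = $GLOBALS['_LANG'];
    $smarty = $GLOBALS['smarty'];
    $db = $GLOBALS['db'];
    $ecs = $GLOBALS['ecs'];

    require_once ROOT_PATH . 'includes/lib_validate_record.php';

    // A missing or non-scalar session value is treated as empty instead of
    // being handed to trim().
    $session_phone = isset($_SESSION[VT_MOBILE_VALIDATE]) ? $_SESSION[VT_MOBILE_VALIDATE] : '';
    $mobile_phone = is_scalar($session_phone) ? trim((string) $session_phone) : '';

    // Each make_json_error() is followed by return so that nothing is sent
    // even if that helper does not end the request (not visible here).
    if (empty($mobile_phone)) {
        make_json_error("手机号不能为空");
        return;
    }

    if (!is_mobile_phone($mobile_phone)) {
        make_json_error("手机号格式不正确");
        return;
    }

    if (check_validate_record_exist($mobile_phone)) {
        // Existing record for this number: apply the send limits.
        $record = get_validate_record($mobile_phone);
        $last_send_time = $record['last_send_time'];
        $create_time = $record['create_time'];
        $count = $record['count'];

        // Maximum number of codes per phone number per window.
        $max_sms_count = 10;
        // Length of that window; defaults to 24 hours.
        $max_sms_count_time = 60 * 60 * 24;

        if (time() - $last_send_time < 60) {
            make_json_error("每60秒内只能发送一次短信验证码,请稍候重试");
            return;
        }

        // `>=` rather than `>`: the stored count is the number already sent
        // (1 after the first message), so `>` let an 11th message through.
        // NOTE(review): whether create_time/count are ever reset depends on
        // save_validate_record(), which is not visible here.
        if (time() - $create_time < $max_sms_count_time && $count >= $max_sms_count) {
            make_json_error("您发送验证码太过于频繁,请稍后重试!");
            return;
        }

        $count++;
    }

    require_once ROOT_PATH . 'includes/lib_passport.php';

    // The session slot is no longer overwritten with array() here. It is the
    // source of the number, and it was restored only on success, so a failed
    // send lost the number and the next call ran trim() on an array.

    require_once ROOT_PATH . 'sms/sms.php';

    // Generate the 6-digit SMS code.
    $mobile_code = rand_number(6);

    // Message text.
    $content = sprintf($_LANG['mobile_code_template'], $GLOBALS['_CFG']['shop_name'], $mobile_code, $GLOBALS['_CFG']['shop_name']);

    /* Send the verification SMS */
    $result = sendSMS($mobile_phone, $content);

    if ($result) {
        // First message for this number starts the counter at 1.
        $ext_info = array("count" => isset($count) ? $count : 1);

        // Keep the number being verified in the session.
        $_SESSION[VT_MOBILE_VALIDATE] = $mobile_phone;

        // Store the code; it expires after 30 minutes.
        save_validate_record($mobile_phone, $mobile_code, VT_MOBILE_VALIDATE, time(), time() + 30 * 60, $ext_info);

        make_json_result('发送成功');
    } else {
        make_json_error('短信验证码发送失败');
    }
}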