add api.php
父节点
3ae9370878
当前提交
51c147aed2
|
@ -36,7 +36,8 @@
|
|||
- reg.php - 如果用户没有实名信息,要求其登记实名信息
|
||||
- verify.php - 如果用户有实名信息,并且想要更新实名信息,要求其验证既有实名信息
|
||||
- update.php - 对于想要更新实名信息的用户,要求其提供新的实名信息
|
||||
- smsVerify.php - 短信验证码的发送和验证
|
||||
- api.php - 短信验证码的发送
|
||||
- smsVerify.php - 短信验证码的验证
|
||||
- confirm.php - 将已完成验证的用户信息写入数据库(或更新实名信息)
|
||||
|
||||
## 授权
|
||||
|
|
|
@ -0,0 +1,194 @@
|
|||
<?php
|
||||
error_reporting(1);
|
||||
ini_set('display_errors', 1);
|
||||
|
||||
session_start();
|
||||
|
||||
require_once __DIR__ . \DIRECTORY_SEPARATOR . 'loadRequires.php';
|
||||
require_once __DIR__ . \DIRECTORY_SEPARATOR . 'template.php';
|
||||
|
||||
use AlibabaCloud\SDK\Dysmsapi\V20170525\Dysmsapi;
|
||||
use AlibabaCloud\Tea\Exception\TeaError;
|
||||
use AlibabaCloud\Tea\Utils\Utils;
|
||||
|
||||
use Darabonba\OpenApi\Models\Config;
|
||||
use AlibabaCloud\SDK\Dysmsapi\V20170525\Models\SendSmsRequest;
|
||||
use AlibabaCloud\Tea\Utils\Utils\RuntimeOptions;
|
||||
|
||||
class AliyunSms
|
||||
{
|
||||
/**
|
||||
* 使用AK&SK初始化账号Client
|
||||
* @param string $accessKeyId
|
||||
* @param string $accessKeySecret
|
||||
* @return Dysmsapi Client
|
||||
*/
|
||||
public static function createClient($accessKeyId, $accessKeySecret)
|
||||
{
|
||||
$config = new Config([
|
||||
// 必填,您的 AccessKey ID
|
||||
"accessKeyId" => $accessKeyId,
|
||||
// 必填,您的 AccessKey Secret
|
||||
"accessKeySecret" => $accessKeySecret
|
||||
]);
|
||||
// 访问的域名
|
||||
$config->endpoint = "dysmsapi.aliyuncs.com";
|
||||
return new Dysmsapi($config);
|
||||
}
|
||||
/**
|
||||
* @param string $phoneNumber
|
||||
* @param int $valCode
|
||||
* @return void
|
||||
*/
|
||||
public static function sendValCode($phoneNumber, $valCode, $accessKey, $secretKey, $signName, $templateCode)
|
||||
{
|
||||
$valCodeStr = "{\"code\":\"" . $valCode . "\"}";
|
||||
$client = self::createClient($accessKey, $secretKey);
|
||||
$sendSmsRequest = new SendSmsRequest(["signName" => $signName, "templateCode" => $templateCode, "phoneNumbers" => $phoneNumber, "templateParam" => $valCodeStr]);
|
||||
$runtime = new RuntimeOptions([]);
|
||||
try {
|
||||
// 复制代码运行请自行打印 API 的返回值
|
||||
$client->sendSmsWithOptions($sendSmsRequest, $runtime);
|
||||
} catch (Exception $error) {
|
||||
if (!($error instanceof TeaError)) {
|
||||
$error = new TeaError([], $error->getMessage(), $error->getCode(), $error);
|
||||
}
|
||||
// 如有需要,请打印 error
|
||||
echo Utils::assertAsString($error->message);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!isset($_POST['act'])) {
|
||||
echo "本页面只应被验证码页面调用。";
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if (!isset($_SESSION['qwUserId'])) {
|
||||
echo "2"; // 拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
|
||||
$act = $_POST['act'];
|
||||
|
||||
## Blacklist
|
||||
include_once __DIR__ . \DIRECTORY_SEPARATOR . 'blacklist-pn.php';
|
||||
if (!isset($blacklist_pn)) {
|
||||
$blacklist_pn = array();
|
||||
}
|
||||
|
||||
switch ($act) {
|
||||
case 'UserLoginCode':
|
||||
if (!isset($_POST['pn']) || !isset($_POST['idd'])) {
|
||||
echo 5; // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
$pn = $_POST['pn'] ?? '';
|
||||
$idd = $_POST['idd'] ?? '';
|
||||
$update = $_POST['update'] ?? '0';
|
||||
$updateTag = $_SESSION['updateTag'] ?? 0;
|
||||
if (isset($_SESSION['expireTime'])) {
|
||||
if ($update === '1' && $updateTag === 0) {
|
||||
$_SESSION['expireTime'] = time() - 2 * $rnrsSmsExpireTimeout;
|
||||
$_SESSION['updateTag'] = 1;
|
||||
}
|
||||
$originalTime = $_SESSION['expireTime'] - $rnrsSmsExpireTimeout;
|
||||
if (time() - $originalTime < 61) {
|
||||
echo "4"; // 发送过于频繁,拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
if (in_array($idd . $pn, $blacklist_pn)) {
|
||||
echo "10"; // 拒绝发送
|
||||
} else {
|
||||
if (preg_match("/^(13[0-9]|14[01456879]|15[0-35-9]|16[2567]|17[0-8]|18[0-9]|19[0-35-9])\d{8}$/", $pn) && $idd === '86') {
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode($pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunSignName, $rnrsAliyunSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
} else if (isset($rnrsAliyunIddSignName) && isset($rnrsAliyunIddSmsTemplate)) {
|
||||
if (preg_match("/^(40[46]\d{5}|409[3-9]\d{4}|42[02-9]\d{5}|43[3-9]\d{5}|44[0-9]\d{5}|45[1-9]\d{5}|4[67][0-9]\d{5}|481\d{5}|482[1-9]\d{4}|48[69]\d{5}|492[3-9]\d{4}|495[2-9]\d{4}|498\d{5}|5[1-79]\d{6}|6[0-9]\d{6}|7[0-3]\d{6}|8[1-9]\d{6}|90[1-9]\d{5}|91[02-9]\d{5}|9[2-8][0-9]\d{5})$/", $pn) && $idd === '852') {
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
} else if (preg_match("/^(6\d{7})$/", $pn) && $idd === '853') {
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case 'UserVerifyCode':
|
||||
if (!isset($_POST['uid'])) {
|
||||
echo 5; // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
if (isset($_SESSION['expireTime'])) {
|
||||
$originalTime = $_SESSION['expireTime'] - $rnrsSmsExpireTimeout;
|
||||
if (time() - $originalTime < 61) {
|
||||
echo "4"; // 发送过于频繁,拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
$uid = $_POST['uid'] ?? '';
|
||||
$dsn = "$rnrsDatabaseType:host=$rnrsDatabaseServer;dbname=$rnrsDatabaseName";
|
||||
try {
|
||||
$dbconn = new PDO($dsn, $rnrsDatabaseUser, $rnrsDatabasePass);
|
||||
} catch (PDOException $e) {
|
||||
echo "打开数据库错误:" . $e->getMessage();
|
||||
}
|
||||
$dbconn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
try {
|
||||
$sql = "SELECT * FROM `rnrs_users` WHERE `rnrsu_userid` = $uid;";
|
||||
$result = $dbconn->query($sql);
|
||||
$rowall = $result->fetchAll();
|
||||
foreach ($rowall as $row) {
|
||||
$idd = rtrim($row['rnrsu_mobile_idd']);
|
||||
$pn = rtrim($row['rnrsu_mobile']);
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
$dbconn = null;
|
||||
echo "获取实名信息时错误:" . $e->getMessage();
|
||||
}
|
||||
$dbconn = null;
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
if (in_array($_POST['idd'] . $_POST['pn'], $blacklist_pn)) {
|
||||
echo "10"; // 拒绝发送
|
||||
} else if ($idd === '86') {
|
||||
AliyunSms::sendValCode($pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunSignName, $rnrsAliyunSmsTemplate);
|
||||
} else {
|
||||
if (isset($rnrsAliyunIddSignName) && isset($rnrsAliyunIddSmsTemplate)) {
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
}
|
||||
}
|
||||
echo "1"; // 发送成功
|
||||
break;
|
||||
|
||||
default:
|
||||
alertAndBack('非法请求!'); // 未定义请求
|
||||
exit(1);
|
||||
break;
|
||||
}
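Review bot: The `UserVerifyCode` branch interpolates `$_POST['uid']` directly into the `SELECT` on `rnrs_users`, so the lookup is injectable and should use `prepare()`/`execute()` with a bound parameter, as sketched below. The branch also texts whichever stored number the posted uid selects, while the gate above only checks that `$_SESSION['qwUserId']` is set; if that session value is the same identifier as `rnrsu_userid` (not visible here), look the row up by it instead of the posted uid. Its blacklist test reads `$_POST['idd']` and `$_POST['pn']`, which the `verifyJS` caller in js.php does not send, so it should test the `$idd . $pn` loaded from the database and stop after echoing `10` or `2` instead of falling through to `echo "1"`. All four code generators use `mt_rand`, which is not a CSPRNG; `random_int(0, 999999)` is a drop-in replacement. Forcing `display_errors` on and echoing `$e->getMessage()` exposes database error text to the client and should be removed before deployment.

```php
// … unchanged: parameter check, rate limit, PDO connection setup …
$stmt = $dbconn->prepare('SELECT `rnrsu_mobile_idd`, `rnrsu_mobile` FROM `rnrs_users` WHERE `rnrsu_userid` = ?');
$stmt->execute([$uid]);
$row = $stmt->fetch(PDO::FETCH_ASSOC);
if ($row === false) {
    // No such user: refuse instead of sending with undefined $idd / $pn.
    echo "2";
    exit(1);
}
$idd = rtrim($row['rnrsu_mobile_idd']);
$pn = rtrim($row['rnrsu_mobile']);
// … unchanged: PDOException handling, connection close …
if (in_array($idd . $pn, $blacklist_pn)) {
    // Check the number that will actually receive the SMS.
    echo "10";
    exit(1);
}
$code = sprintf("%06d", random_int(0, 999999));
// … unchanged: session writes, sendValCode dispatch …
```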
|
6
js.php
6
js.php
|
@ -15,7 +15,7 @@ function regJS()
|
|||
} else {
|
||||
buttonAcquire.attr("disabled", "true");
|
||||
$.post(
|
||||
"./smsVerify.php",
|
||||
"./api.php",
|
||||
{ act: "UserLoginCode", idd: idd, pn: pn },
|
||||
function (data) {
|
||||
if (data === "1") {
|
||||
|
@ -63,7 +63,7 @@ function updateJS()
|
|||
} else {
|
||||
buttonAcquire.attr("disabled", "true");
|
||||
$.post(
|
||||
"./smsVerify.php",
|
||||
"./api.php",
|
||||
{ act: "UserLoginCode", idd: idd, pn: pn, update: "1" },
|
||||
function (data) {
|
||||
if (data === "1") {
|
||||
|
@ -109,7 +109,7 @@ function verifyJS()
|
|||
buttonAcquire.attr("disabled", "true");
|
||||
var uid = $("input[name=userid]").val();
|
||||
$.post(
|
||||
"./smsVerify.php",
|
||||
"./api.php",
|
||||
{ act: "UserVerifyCode", uid: uid },
|
||||
function (data) {
|
||||
if (data === "1") {
|
||||
|
|