update
这个提交包含在:
父节点
8b0bc0798c
当前提交
98f0b672f9
|
|
@ -29,18 +29,19 @@ if (isset($_POST['checker'])) {
|
|||
$qwUserName = $_SESSION['qwUserName'];
|
||||
$qwPhoneNumberIdd = $_SESSION['qwPhoneNumberIdd'];
|
||||
$qwPhoneNumber = $_SESSION['qwPhoneNumber'];
|
||||
$stage = $_SESSION['qwVerifyStage'] ?? '';
|
||||
$oldVerified = $_SESSION['oldVerified'] ?? false;
|
||||
$newVerified = $_SESSION['newVerified'] ?? false;
|
||||
|
||||
if ($_POST['stage'] === 'reg' && $oldVerified !== true) {
|
||||
if ($stage === 'reg' && $oldVerified !== true) {
|
||||
alertAndBack('验证码错误。');
|
||||
exit(1);
|
||||
} else if ($_POST['stage'] === 'verify' && $newVerified !== true) {
|
||||
} else if ($stage === 'update' && $newVerified !== true) {
|
||||
alertAndBack('验证码错误。');
|
||||
exit(1);
|
||||
}
|
||||
|
||||
if (($_POST['stage'] === 'reg' && $oldVerified === true) || ($_POST['stage'] === 'verify' && $newVerified === true)) {
|
||||
if (($stage === 'reg' && $oldVerified === true) || ($stage === 'update' && $newVerified === true)) {
|
||||
session_destroy();
|
||||
|
||||
// 连接数据库
|
||||
|
|
|
|||
94
js.php
94
js.php
|
|
@ -43,38 +43,6 @@ function regJS()
|
|||
);
|
||||
}
|
||||
});
|
||||
$("#button_submit").on("click", function () {
|
||||
var idd = $("#input_idd").val();
|
||||
var pn = $("#input_phonenumber").val();
|
||||
var code = $("#input_code").val();
|
||||
if (!document.getElementById("check_ua").checked) {
|
||||
alert("请确认用户协议和其他文件。");
|
||||
} else {
|
||||
if (idd === "" || pn === "" || code === "") {
|
||||
alert("手机号和验证码不能为空!");
|
||||
} else {
|
||||
$.post(
|
||||
"./smsVerify.php",
|
||||
{ act: "UserLogin", idd: idd, pn: pn, code: code },
|
||||
function (data) {
|
||||
if (data === "1") {
|
||||
$("#exportForm").trigger("submit");
|
||||
} else if (data === "2") {
|
||||
alert("验证码错误。");
|
||||
} else if (data === "3") {
|
||||
alert("验证码已失效,请重新获取。");
|
||||
} else if (data === "4") {
|
||||
alert("获取过于频繁,请稍后再试!");
|
||||
} else if (data === "10") {
|
||||
alert("我们无法为您提供服务,请联系运营者!");
|
||||
} else {
|
||||
alert("网络波动,请稍后再试!");
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
}
|
||||
});
|
||||
</script>
|
||||
EOF;
|
||||
}
|
||||
|
|
@ -125,40 +93,6 @@ function updateJS()
|
|||
);
|
||||
}
|
||||
});
|
||||
$("#button_submit").on("click", function () {
|
||||
var idd = $("#input_idd").val();
|
||||
var pn = $("#input_phonenumber").val();
|
||||
var code = $("#input_code").val();
|
||||
if (!document.getElementById("check_ua").checked) {
|
||||
alert("请确认用户协议和其他文件。");
|
||||
} else {
|
||||
if (idd === "" || pn === "" || code === "") {
|
||||
alert("手机号和验证码不能为空!");
|
||||
} else {
|
||||
$.post(
|
||||
"./smsVerify.php",
|
||||
{ act: "UserLogin", idd: idd, pn: pn, code: code },
|
||||
function (data) {
|
||||
if (data === "1") {
|
||||
$("#exportForm").trigger("submit");
|
||||
} else if (data === "2") {
|
||||
alert("验证码错误。");
|
||||
} else if (data === "3") {
|
||||
alert("验证码已失效,请重新获取。");
|
||||
} else if (data === "4") {
|
||||
alert("获取过于频繁,请稍后再试!");
|
||||
} else if (data === "5") {
|
||||
alert("参数错误或缺失,请联系技术维护团队!");
|
||||
} else if (data === "10") {
|
||||
alert("我们无法为您提供服务,请联系运营者!");
|
||||
} else {
|
||||
alert("网络波动,请稍后再试!");
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
}
|
||||
});
|
||||
</script>
|
||||
EOF;
|
||||
}
|
||||
|
|
@ -202,34 +136,6 @@ function verifyJS()
|
|||
}
|
||||
);
|
||||
});
|
||||
$("#button_submit").on("click", function () {
|
||||
var code = $("#input_code").val();
|
||||
if (code === "") {
|
||||
alert("验证码不能为空!");
|
||||
} else {
|
||||
$.post(
|
||||
"./smsVerify.php",
|
||||
{ act: "UserVerify", code: code },
|
||||
function (data) {
|
||||
if (data === "1") {
|
||||
$("#exportForm").trigger("submit");
|
||||
} else if (data === "2") {
|
||||
alert("验证码错误。");
|
||||
} else if (data === "3") {
|
||||
alert("验证码已失效,请重新获取。");
|
||||
} else if (data === "4") {
|
||||
alert("获取过于频繁,请稍后再试!");
|
||||
} else if (data === "5") {
|
||||
alert("参数错误或缺失,请联系技术维护团队!");
|
||||
} else if (data === "10") {
|
||||
alert("我们无法为您提供服务,请联系运营者!");
|
||||
} else {
|
||||
alert("网络波动,请稍后再试!");
|
||||
}
|
||||
}
|
||||
);
|
||||
}
|
||||
});
|
||||
</script>
|
||||
EOF;
|
||||
}
|
||||
|
|
|
|||
4
reg.php
4
reg.php
|
|
@ -18,7 +18,7 @@ if (!isset($_SESSION['qwUserId']) || !isset($_SESSION['qwUserName'])) {
|
|||
exit(1);
|
||||
} else {
|
||||
$pageContent = <<<EOF
|
||||
<form id="exportForm" action="confirm.php" method="post">
|
||||
<form id="exportForm" action="smsVerify.php" method="post">
|
||||
<label for="checker"></label>
|
||||
<input type="text" name="checker" id="checker" title="checker" value="1" />
|
||||
<label for="stage"></label>
|
||||
|
|
@ -49,7 +49,7 @@ if (!isset($_SESSION['qwUserId']) || !isset($_SESSION['qwUserName'])) {
|
|||
<input type="text" name="input_code" id="input_code" />
|
||||
</p>
|
||||
<p>
|
||||
<input type="checkbox" id="check_ua" />
|
||||
<input type="checkbox" name="check_ua" id="check_ua" />
|
||||
<label for="check_ua">我同意求闻百科的<a href="https://www.qiuwenbaike.cn/wiki/QW:TOU" target="_blank">用户协议</a>和<a href="https://www.qiuwenbaike.cn/wiki/QW:PIPP" target="_blank">个人信息保护方针</a>,并确认我输入的实名信息准确无误。</label>
|
||||
</p>
|
||||
<p>
|
||||
|
|
|
|||
350
smsVerify.php
350
smsVerify.php
|
|
@ -58,7 +58,10 @@ class AliyunSms
|
|||
}
|
||||
}
|
||||
|
||||
if (!isset($_POST['act'])) {
|
||||
if (isset($_POST['act']) && isset($_POST['stage'])) {
|
||||
echo "非法请求";
|
||||
exit(1);
|
||||
} else if (!isset($_POST['act']) || !isset($_POST['stage'])) {
|
||||
echo "本页面只应被验证码页面调用。";
|
||||
exit(1);
|
||||
}
|
||||
|
|
@ -69,6 +72,7 @@ if (!isset($_SESSION['qwUserId'])) {
|
|||
}
|
||||
|
||||
$act = $_POST['act'];
|
||||
$stage = $_POST['stage'];
|
||||
|
||||
## Blacklist
|
||||
include_once __DIR__ . \DIRECTORY_SEPARATOR . 'blacklist-pn.php';
|
||||
|
|
@ -76,160 +80,214 @@ if (!isset($blacklist_pn)) {
|
|||
$blacklist_pn = array();
|
||||
}
|
||||
|
||||
if ($act == 'UserLoginCode') {
|
||||
if (!isset($_POST['pn']) || !isset($_POST['idd'])) {
|
||||
echo 5; // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
$pn = $_POST['pn'] ?? '';
|
||||
$idd = $_POST['idd'] ?? '';
|
||||
$update = $_POST['update'] ?? '0';
|
||||
$updateTag = $_SESSION['updateTag'] ?? 0;
|
||||
if (isset($_SESSION['expireTime'])) {
|
||||
if ($update === '1' && $updateTag === 0) {
|
||||
$_SESSION['expireTime'] = time() - 2 * $rnrsSmsExpireTimeout;
|
||||
$_SESSION['updateTag'] = 1;
|
||||
}
|
||||
$originalTime = $_SESSION['expireTime'] - $rnrsSmsExpireTimeout;
|
||||
if (time() - $originalTime < 61) {
|
||||
echo "4"; // 发送过于频繁,拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
if (in_array($idd . $pn, $blacklist_pn)) {
|
||||
echo "10"; // 拒绝发送
|
||||
} else {
|
||||
if (preg_match("/^(13[0-9]|14[01456879]|15[0-35-9]|16[2567]|17[0-8]|18[0-9]|19[0-35-9])\d{8}$/", $pn) && $idd === '86') {
|
||||
if (isset($_POST['act'])) {
|
||||
switch ($act) {
|
||||
case 'UserLoginCode':
|
||||
if (!isset($_POST['pn']) || !isset($_POST['idd'])) {
|
||||
echo 5; // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
$pn = $_POST['pn'] ?? '';
|
||||
$idd = $_POST['idd'] ?? '';
|
||||
$update = $_POST['update'] ?? '0';
|
||||
$updateTag = $_SESSION['updateTag'] ?? 0;
|
||||
if (isset($_SESSION['expireTime'])) {
|
||||
if ($update === '1' && $updateTag === 0) {
|
||||
$_SESSION['expireTime'] = time() - 2 * $rnrsSmsExpireTimeout;
|
||||
$_SESSION['updateTag'] = 1;
|
||||
}
|
||||
$originalTime = $_SESSION['expireTime'] - $rnrsSmsExpireTimeout;
|
||||
if (time() - $originalTime < 61) {
|
||||
echo "4"; // 发送过于频繁,拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
if (in_array($idd . $pn, $blacklist_pn)) {
|
||||
echo "10"; // 拒绝发送
|
||||
} else {
|
||||
if (preg_match("/^(13[0-9]|14[01456879]|15[0-35-9]|16[2567]|17[0-8]|18[0-9]|19[0-35-9])\d{8}$/", $pn) && $idd === '86') {
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode($pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunSignName, $rnrsAliyunSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
} else if (isset($rnrsAliyunIddSignName) && isset($rnrsAliyunIddSmsTemplate)) {
|
||||
if (preg_match("/^(40[46]\d{5}|409[3-9]\d{4}|42[02-9]\d{5}|43[3-9]\d{5}|44[0-9]\d{5}|45[1-9]\d{5}|4[67][0-9]\d{5}|481\d{5}|482[1-9]\d{4}|48[69]\d{5}|492[3-9]\d{4}|495[2-9]\d{4}|498\d{5}|5[1-79]\d{6}|6[0-9]\d{6}|7[0-3]\d{6}|8[1-9]\d{6}|90[1-9]\d{5}|91[02-9]\d{5}|9[2-8][0-9]\d{5})$/", $pn) && $idd === '852') {
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
} else if (preg_match("/^(6\d{7})$/", $pn) && $idd === '853') {
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case 'UserVerifyCode':
|
||||
if (!isset($_POST['uid'])) {
|
||||
echo 5; // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
if (isset($_SESSION['expireTime'])) {
|
||||
$originalTime = $_SESSION['expireTime'] - $rnrsSmsExpireTimeout;
|
||||
if (time() - $originalTime < 61) {
|
||||
echo "4"; // 发送过于频繁,拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
$uid = $_POST['uid'] ?? '';
|
||||
$dsn = "$rnrsDatabaseType:host=$rnrsDatabaseServer;dbname=$rnrsDatabaseName";
|
||||
try {
|
||||
$dbconn = new PDO($dsn, $rnrsDatabaseUser, $rnrsDatabasePass);
|
||||
} catch (PDOException $e) {
|
||||
echo "打开数据库错误:" . $e->getMessage();
|
||||
}
|
||||
$dbconn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
try {
|
||||
$sql = "SELECT * FROM `rnrs_users` WHERE `rnrsu_userid` = $uid;";
|
||||
$result = $dbconn->query($sql);
|
||||
$rowall = $result->fetchAll();
|
||||
foreach ($rowall as $row) {
|
||||
$idd = rtrim($row['rnrsu_mobile_idd']);
|
||||
$pn = rtrim($row['rnrsu_mobile']);
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
$dbconn = null;
|
||||
echo "获取实名信息时错误:" . $e->getMessage();
|
||||
}
|
||||
$dbconn = null;
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode($pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunSignName, $rnrsAliyunSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
} else if (isset($rnrsAliyunIddSignName) && isset($rnrsAliyunIddSmsTemplate)) {
|
||||
if (preg_match("/^(40[46]\d{5}|409[3-9]\d{4}|42[02-9]\d{5}|43[3-9]\d{5}|44[0-9]\d{5}|45[1-9]\d{5}|4[67][0-9]\d{5}|481\d{5}|482[1-9]\d{4}|48[69]\d{5}|492[3-9]\d{4}|495[2-9]\d{4}|498\d{5}|5[1-79]\d{6}|6[0-9]\d{6}|7[0-3]\d{6}|8[1-9]\d{6}|90[1-9]\d{5}|91[02-9]\d{5}|9[2-8][0-9]\d{5})$/", $pn) && $idd === '852') {
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
} else if (preg_match("/^(6\d{7})$/", $pn) && $idd === '853') {
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
$_SESSION['qwPhoneNumberIdd'] = $idd;
|
||||
$_SESSION['qwPhoneNumber'] = $pn;
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
echo "1"; // 发送成功
|
||||
if (in_array($_POST['idd'] . $_POST['pn'], $blacklist_pn)) {
|
||||
echo "10"; // 拒绝发送
|
||||
} else if ($idd === '86') {
|
||||
AliyunSms::sendValCode($pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunSignName, $rnrsAliyunSmsTemplate);
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
if (isset($rnrsAliyunIddSignName) && isset($rnrsAliyunIddSmsTemplate)) {
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
}
|
||||
}
|
||||
echo "1"; // 发送成功
|
||||
break;
|
||||
|
||||
default:
|
||||
alertAndBack('非法请求!'); // 未定义请求
|
||||
exit(1);
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($_POST['stage'])) {
|
||||
switch ($stage) {
|
||||
case 'update':
|
||||
if (!isset($_POST['check_ua']) || (isset($_POST['check_ua']) && !$_POST['check_ua'])) {
|
||||
alertAndBack('请您同意求闻百科的用户协议和个人信息保护方针。'); // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
} else if ($act == 'UserLogin') {
|
||||
if (!isset($_POST['pn']) || !isset($_POST['code'])) {
|
||||
echo 5; // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
if (in_array($_POST['idd'] . $_POST['pn'], $blacklist_pn)) {
|
||||
echo "10"; // 拒绝发送
|
||||
} else {
|
||||
if ($_SESSION['expireTime'] >= time()) {
|
||||
$code = $_POST['code'] ?? '';
|
||||
$idd = $_POST['idd'] ?? '';
|
||||
$pn = $_POST['pn'] ?? '';
|
||||
if (($code == $_SESSION['verificationCode']) && ($idd == $_SESSION['qwPhoneNumberIdd']) && ($pn == $_SESSION['qwPhoneNumber'])) { // 验证码进行比对
|
||||
if (!isset($_POST['input_code']) || !isset($_POST['input_idd']) || !isset($_POST['input_phonenumber'])) {
|
||||
alertAndBack('手机号和验证码不能为空!'); // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
if (in_array($_POST['input_idd'] . $_POST['input_phonenumber'], $blacklist_pn)) {
|
||||
echo "10"; // 拒绝发送
|
||||
} else {
|
||||
if ($_SESSION['expireTime'] >= time()) {
|
||||
$code = $_POST['input_code'] ?? '';
|
||||
$idd = $_POST['input_idd'] ?? '';
|
||||
$pn = $_POST['input_phonenumber'] ?? '';
|
||||
if (($code == $_SESSION['verificationCode']) && ($idd == $_SESSION['qwPhoneNumberIdd']) && ($pn == $_SESSION['qwPhoneNumber'])) { // 验证码进行比对
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['oldVerified']);
|
||||
$_SESSION['qwVerifyStage'] === 'update';
|
||||
$_SESSION['newVerified'] === true;
|
||||
refreshPage('/confirm.php'); // 验证成功
|
||||
} else {
|
||||
alertAndBack('验证码错误!'); // 验证码错误
|
||||
}
|
||||
} else { // 验证码的时间大于当前时间,代表失效了
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['oldVerified']);
|
||||
unset($_SESSION['newVerified']);
|
||||
unset($_SESSION['qwVerifyStage']);
|
||||
alertAndBack('验证码失效,请重试!'); // 验证码失效了
|
||||
}
|
||||
}
|
||||
break;
|
||||
|
||||
case 'reg':
|
||||
if (!isset($_POST['input_code']) || !isset($_POST['input_idd']) || !isset($_POST['input_phonenumber'])) {
|
||||
alertAndBack('手机号和验证码不能为空!'); // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
if ($_SESSION['expireTime'] >= time()) {
|
||||
$code = $_POST['input_code'] ?? '';
|
||||
if ($code == $_SESSION['verificationCode']) { // 验证码进行比对
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['newVerified']);
|
||||
unset($_SESSION['qwVerifyStage']);
|
||||
$_SESSION['qwVerifyStage'] === 'reg';
|
||||
$_SESSION['oldVerified'] === true;
|
||||
refreshPage('/confirm.php'); // 验证成功
|
||||
} else {
|
||||
alertAndBack('验证码错误!'); // 验证码错误
|
||||
}
|
||||
} else { // 验证码的时间大于当前时间,代表失效了
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['oldVerified']);
|
||||
$_SESSION['newVerified'] === true;
|
||||
echo 1; // 验证成功
|
||||
} else {
|
||||
echo 2; // 验证码错误
|
||||
unset($_SESSION['newVerified']);
|
||||
alertAndBack('验证码失效,请重试!'); // 验证码失效了
|
||||
}
|
||||
} else { // 验证码的时间大于当前时间,代表失效了
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['oldVerified']);
|
||||
unset($_SESSION['newVerified']);
|
||||
echo 3; // 验证码失效了
|
||||
}
|
||||
}
|
||||
} else if ($act == 'UserVerifyCode') {
|
||||
if (!isset($_POST['uid'])) {
|
||||
echo 5; // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
if (isset($_SESSION['expireTime'])) {
|
||||
$originalTime = $_SESSION['expireTime'] - $rnrsSmsExpireTimeout;
|
||||
if (time() - $originalTime < 61) {
|
||||
echo "4"; // 发送过于频繁,拒绝发送
|
||||
break;
|
||||
|
||||
case 'verify':
|
||||
if (!isset($_POST['input_code']) || !isset($_POST['input_idd']) || !isset($_POST['input_phonenumber'])) {
|
||||
alertAndBack('手机号和验证码不能为空!'); // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
if ($_SESSION['expireTime'] >= time()) {
|
||||
$code = $_POST['input_code'] ?? '';
|
||||
if ($code == $_SESSION['verificationCode']) { // 验证码进行比对
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['newVerified']);
|
||||
unset($_SESSION['qwVerifyStage']);
|
||||
$_SESSION['oldVerified'] === true;
|
||||
refreshPage('/update.php');
|
||||
// echo 1; // 验证成功
|
||||
} else {
|
||||
alertAndBack('验证码错误!'); // 验证码错误
|
||||
}
|
||||
} else { // 验证码的时间大于当前时间,代表失效了
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['oldVerified']);
|
||||
unset($_SESSION['newVerified']);
|
||||
alertAndBack('验证码失效,请重试!'); // 验证码失效了
|
||||
}
|
||||
break;
|
||||
|
||||
default:
|
||||
alertAndBack('非法请求!'); // 未定义请求
|
||||
exit(1);
|
||||
}
|
||||
break;
|
||||
}
|
||||
$uid = $_POST['uid'] ?? '';
|
||||
$dsn = "$rnrsDatabaseType:host=$rnrsDatabaseServer;dbname=$rnrsDatabaseName";
|
||||
try {
|
||||
$dbconn = new PDO($dsn, $rnrsDatabaseUser, $rnrsDatabasePass);
|
||||
} catch (PDOException $e) {
|
||||
echo "打开数据库错误:" . $e->getMessage();
|
||||
}
|
||||
$dbconn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
|
||||
try {
|
||||
$sql = "SELECT * FROM `rnrs_users` WHERE `rnrsu_userid` = $uid;";
|
||||
$result = $dbconn->query($sql);
|
||||
$rowall = $result->fetchAll();
|
||||
foreach ($rowall as $row) {
|
||||
$idd = rtrim($row['rnrsu_mobile_idd']);
|
||||
$pn = rtrim($row['rnrsu_mobile']);
|
||||
}
|
||||
} catch (PDOException $e) {
|
||||
$dbconn = null;
|
||||
echo "获取实名信息时错误:" . $e->getMessage();
|
||||
}
|
||||
$dbconn = null;
|
||||
$code = sprintf("%06d", mt_rand(000000, 999999));
|
||||
$_SESSION['verificationCode'] = $code;
|
||||
$_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
|
||||
if (in_array($_POST['idd'] . $_POST['pn'], $blacklist_pn)) {
|
||||
echo "10"; // 拒绝发送
|
||||
} else if ($idd === '86') {
|
||||
AliyunSms::sendValCode($pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunSignName, $rnrsAliyunSmsTemplate);
|
||||
} else {
|
||||
if (isset($rnrsAliyunIddSignName) && isset($rnrsAliyunIddSmsTemplate)) {
|
||||
AliyunSms::sendValCode('+' . $idd . $pn, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $rnrsAliyunIddSignName, $rnrsAliyunIddSmsTemplate);
|
||||
} else {
|
||||
echo "2"; // 拒绝发送
|
||||
}
|
||||
}
|
||||
echo "1"; // 发送成功
|
||||
} else if ($act == 'UserVerify') {
|
||||
if (!isset($_POST['code'])) {
|
||||
echo 5; // 缺失参数
|
||||
exit(1);
|
||||
}
|
||||
if ($_SESSION['expireTime'] >= time()) {
|
||||
$code = $_POST['code'] ?? '';
|
||||
if ($code == $_SESSION['verificationCode']) { // 验证码进行比对
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['newVerified']);
|
||||
$_SESSION['oldVerified'] === true;
|
||||
echo 1; // 验证成功
|
||||
} else {
|
||||
echo 2; // 验证码错误
|
||||
}
|
||||
} else { // 验证码的时间大于当前时间,代表失效了
|
||||
unset($_SESSION['verificationCode']);
|
||||
unset($_SESSION['oldVerified']);
|
||||
unset($_SESSION['newVerified']);
|
||||
echo 3; // 验证码失效了
|
||||
}
|
||||
} else {
|
||||
echo 6; // 未定义请求
|
||||
exit(1);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -22,11 +22,13 @@ if (!isset($_SESSION['qwUserName'])) {
|
|||
exit(1);
|
||||
}
|
||||
|
||||
if ($_POST['stage'] === 'verify' && $oldVerified === true) {
|
||||
if ($oldVerified === true) {
|
||||
$pageContent = <<<EOF
|
||||
<form id="exportForm" action="confirm.php" method="post">
|
||||
<form id="exportForm" action="smsVerify.php" method="post">
|
||||
<label for="checker"></label>
|
||||
<input type="text" name="checker" id="checker" title="checker" value="1" />
|
||||
<label for="stage"></label>
|
||||
<input type="text" name="stage" id="stage" title="stage" value="update" />
|
||||
<label for="userid"></label>
|
||||
<input type="text" name="userid" id="userid" title="userid" value="$qwUserId" />
|
||||
<p>
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ if (!isset($_SESSION['qwUserId']) || !isset($_SESSION['qwUserName']) || !isset($
|
|||
}
|
||||
}
|
||||
$pageContent = <<<EOF
|
||||
<form id="exportForm" action="update.php" method="post">
|
||||
<form id="exportForm" action="smsVerify.php" method="post">
|
||||
<label for="checker"></label>
|
||||
<input type="text" name="checker" id="checker" title="checker" value="1" />
|
||||
<label for="stage"></label>
|
||||
|
|
|
|||
正在加载...
在新工单中引用