<?php
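// This endpoint answers with short status codes that the calling page parses,
// so PHP diagnostics must never be written into the response body: besides
// corrupting the status code they can expose file paths, SQL text or
// connection details to the client. Report everything, but to the server log.
error_reporting(E_ALL);
ini_set('display_errors', '0');
ini_set('log_errors', '1');

// The session carries the logged-in user id, the issued verification code and
// the timestamps used for throttling further down in this script.
session_start();

// NOTE(review): presumably these provide the $rnrs* settings, the SDK
// autoloader and alertAndBack() used below — confirm against the two files.
require_once __DIR__ . \DIRECTORY_SEPARATOR . 'loadRequires.php';
require_once __DIR__ . \DIRECTORY_SEPARATOR . 'template.php';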
use AlibabaCloud\SDK\Dysmsapi\V20170525\Dysmsapi;
use AlibabaCloud\Tea\Exception\TeaError;
use AlibabaCloud\Tea\Utils\Utils;
use Darabonba\OpenApi\Models\Config;
use AlibabaCloud\SDK\Dysmsapi\V20170525\Models\SendSmsRequest;
use AlibabaCloud\Tea\Utils\Utils\RuntimeOptions;
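class AliyunSms
{
    /**
     * Build a Dysmsapi client authenticated with an AccessKey ID / Secret pair.
     *
     * @param string $accessKeyId     AccessKey ID (required).
     * @param string $accessKeySecret AccessKey Secret (required).
     * @return Dysmsapi Client
     */
    public static function createClient($accessKeyId, $accessKeySecret)
    {
        $config = new Config([
            "accessKeyId" => $accessKeyId,
            "accessKeySecret" => $accessKeySecret,
        ]);
        // Service endpoint the client talks to.
        $config->endpoint = "dysmsapi.aliyuncs.com";
        return new Dysmsapi($config);
    }

    /**
     * Send a verification code by SMS through the given sign name and template.
     *
     * Failures are written to the server log and are not reported to the
     * caller; nothing is written to the HTTP response.
     *
     * @param string     $phoneNumber  Destination number, passed as "phoneNumbers".
     * @param int|string $valCode      Code placed in the template's "code" parameter.
     * @param string     $accessKey    AccessKey ID used to build the client.
     * @param string     $secretKey    AccessKey Secret used to build the client.
     * @param string     $signName     SMS signature name.
     * @param string     $templateCode SMS template code.
     * @return void
     */
    public static function sendValCode($phoneNumber, $valCode, $accessKey, $secretKey, $signName, $templateCode)
    {
        // Encode the template parameter with json_encode() instead of string
        // concatenation, so a value containing quotes or backslashes cannot
        // break out of the "code" field.
        $templateParam = json_encode(["code" => (string) $valCode]);
        if ($templateParam === false) {
            error_log('AliyunSms::sendValCode: could not encode template parameter');
            return;
        }

        $client = self::createClient($accessKey, $secretKey);
        $sendSmsRequest = new SendSmsRequest([
            "signName" => $signName,
            "templateCode" => $templateCode,
            "phoneNumbers" => $phoneNumber,
            "templateParam" => $templateParam,
        ]);
        $runtime = new RuntimeOptions([]);

        try {
            // NOTE(review): the response object is discarded, so a rejection
            // reported in the response rather than by an exception goes
            // unnoticed here — confirm and check it if delivery status matters.
            $client->sendSmsWithOptions($sendSmsRequest, $runtime);
        } catch (Exception $error) {
            if (!($error instanceof TeaError)) {
                $error = new TeaError([], $error->getMessage(), $error->getCode(), $error);
            }
            // Log instead of echoing: provider error text does not belong in
            // the response, where it would be shown to the client and would
            // be concatenated with the caller's status code. The phone number
            // and the code are deliberately left out of the log line.
            error_log('AliyunSms::sendValCode failed: ' . Utils::assertAsString($error->message));
        }
    }
}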
// This page is only meant to be called by the verification-code page, which
// always posts an "act" field.
if (isset($_POST['act']) === false) {
    echo "本页面只应被验证码页面调用。";
    exit(1);
}

// No user id in the session: refuse to send anything.
if (isset($_SESSION['qwUserId']) === false) {
    echo "2"; // refused
    exit(1);
}

$act = $_POST['act'];

// Blacklist: the included file may define $blacklist_pn; when it does not,
// fall back to an empty list so the later membership tests still work.
include_once __DIR__ . \DIRECTORY_SEPARATOR . 'blacklist-pn.php';
$blacklist_pn = $blacklist_pn ?? [];
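// Dispatch on the requested action. Response codes written by this script:
// "1" sent, "2" refused, "4" throttled, 5 missing parameter, "10" blacklisted.
//
// NOTE(review): throttling below relies only on values kept in the session,
// so it limits a session, not a phone number or a client address. A
// per-number / per-address limit would have to be enforced elsewhere.
switch ($act) {
    case 'UserLoginCode':
        // Both fields must be present and must be plain strings: PHP turns
        // "pn[]=..." into an array, which would otherwise reach the string
        // operations below.
        if (
            !isset($_POST['pn'], $_POST['idd'])
            || !is_string($_POST['pn'])
            || !is_string($_POST['idd'])
        ) {
            echo 5; // missing parameter
            exit(1);
        }
        $pn = $_POST['pn'];
        $idd = $_POST['idd'];
        $update = $_POST['update'] ?? '0';
        $updateTag = $_SESSION['updateTag'] ?? 0;

        if (isset($_SESSION['expireTime'])) {
            // One time per session, "update=1" back-dates the stored expiry
            // so that the throttle check just below is computed from an
            // earlier send time.
            if ($update === '1' && $updateTag === 0) {
                $_SESSION['expireTime'] = time() - 2 * $rnrsSmsExpireTimeout;
                $_SESSION['updateTag'] = 1;
            }
            // expireTime was stored as send time + timeout; recover the send time.
            $originalTime = $_SESSION['expireTime'] - $rnrsSmsExpireTimeout;
            if (time() - $originalTime < 61) {
                echo "4"; // sent too recently, refused
                exit(1);
            }
        }

        // Strict comparison on string-cast entries: with loose comparison two
        // numeric strings are compared as numbers, which is not what a
        // phone-number blacklist wants.
        if (in_array($idd . $pn, array_map('strval', $blacklist_pn), true)) {
            echo "10"; // refused
            break;
        }

        // The patterns end in \z rather than $: "$" also matches just before
        // a trailing newline, which would let a value that differs from the
        // one checked against the blacklist pass validation.
        $mainlandPattern = '/^(13[0-9]|14[01456879]|15[0-35-9]|16[2567]|17[0-8]|18[0-9]|19[0-35-9])\d{8}\z/';
        $hongKongPattern = '/^(40[46]\d{5}|409[3-9]\d{4}|42[02-9]\d{5}|43[3-9]\d{5}|44[0-9]\d{5}|45[1-9]\d{5}|4[67][0-9]\d{5}|481\d{5}|482[1-9]\d{4}|48[69]\d{5}|492[3-9]\d{4}|495[2-9]\d{4}|498\d{5}|5[1-79]\d{6}|6[0-9]\d{6}|7[0-3]\d{6}|8[1-9]\d{6}|90[1-9]\d{5}|91[02-9]\d{5}|9[2-8][0-9]\d{5})\z/';
        $macauPattern = '/^(6\d{7})\z/';

        // International sending is available only when its own sign name and
        // template are configured.
        $intlConfigured = isset($rnrsAliyunIddSignName) && isset($rnrsAliyunIddSmsTemplate);

        if ($idd === '86' && preg_match($mainlandPattern, $pn) === 1) {
            $smsTo = $pn;
            $smsSignName = $rnrsAliyunSignName;
            $smsTemplate = $rnrsAliyunSmsTemplate;
        } elseif (
            $intlConfigured
            && (
                ($idd === '852' && preg_match($hongKongPattern, $pn) === 1)
                || ($idd === '853' && preg_match($macauPattern, $pn) === 1)
            )
        ) {
            // International numbers are sent in "+<idd><number>" form.
            $smsTo = '+' . $idd . $pn;
            $smsSignName = $rnrsAliyunIddSignName;
            $smsTemplate = $rnrsAliyunIddSmsTemplate;
        } else {
            echo "2"; // refused
            exit(1);
        }

        // random_int() draws from the system CSPRNG; mt_rand() is a
        // predictable generator and unsuitable for a one-time code.
        $code = sprintf("%06d", random_int(0, 999999));
        $_SESSION['verificationCode'] = $code;
        $_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;
        $_SESSION['qwPhoneNumberIdd'] = $idd;
        $_SESSION['qwPhoneNumber'] = $pn;

        // NOTE(review): sendValCode() returns nothing, so "1" is reported
        // even when the provider call failed.
        AliyunSms::sendValCode($smsTo, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $smsSignName, $smsTemplate);
        echo "1"; // sent
        break;

    case 'UserVerifyCode':
        if (!isset($_POST['uid']) || !is_string($_POST['uid'])) {
            echo 5; // missing parameter
            exit(1);
        }

        if (isset($_SESSION['expireTime'])) {
            // expireTime was stored as send time + timeout; recover the send time.
            $originalTime = $_SESSION['expireTime'] - $rnrsSmsExpireTimeout;
            if (time() - $originalTime < 61) {
                echo "4"; // sent too recently, refused
                exit(1);
            }
        }

        // NOTE(review): uid comes from the request and is not compared with
        // $_SESSION['qwUserId'], so any session that passes the login guard
        // can trigger an SMS to the number stored for an arbitrary user id.
        // Whether the two ids are the same kind of value cannot be told from
        // this file — confirm, and bind the lookup to the session if they are.
        $uid = $_POST['uid'];

        $dsn = "$rnrsDatabaseType:host=$rnrsDatabaseServer;dbname=$rnrsDatabaseName";
        try {
            $dbconn = new PDO($dsn, $rnrsDatabaseUser, $rnrsDatabasePass, [
                PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION,
            ]);
        } catch (PDOException $e) {
            // Stop here: there is no connection to continue with. The driver
            // message goes to the log, not to the client, because it can
            // contain host and account details.
            error_log('SMS endpoint: database connection failed: ' . $e->getMessage());
            echo "打开数据库错误";
            exit(1);
        }

        $idd = null;
        $pn = null;
        try {
            // uid is bound as a parameter; it must never be interpolated into
            // the SQL text, since it is taken directly from the request.
            $stmt = $dbconn->prepare(
                'SELECT `rnrsu_mobile_idd`, `rnrsu_mobile` FROM `rnrs_users` WHERE `rnrsu_userid` = ?'
            );
            $stmt->execute([$uid]);
            foreach ($stmt->fetchAll() as $row) {
                $idd = rtrim($row['rnrsu_mobile_idd']);
                $pn = rtrim($row['rnrsu_mobile']);
            }
        } catch (PDOException $e) {
            $dbconn = null;
            error_log('SMS endpoint: user lookup failed: ' . $e->getMessage());
            echo "获取实名信息时错误";
            exit(1);
        }
        $dbconn = null;

        // No row for this uid: there is no number to send to.
        if ($idd === null || $pn === null) {
            echo "2"; // refused
            exit(1);
        }

        // Check the number that will actually receive the message (the one
        // stored for the user), not request fields the client controls.
        if (in_array($idd . $pn, array_map('strval', $blacklist_pn), true)) {
            echo "10"; // refused
            break;
        }

        if ($idd === '86') {
            $smsTo = $pn;
            $smsSignName = $rnrsAliyunSignName;
            $smsTemplate = $rnrsAliyunSmsTemplate;
        } elseif (isset($rnrsAliyunIddSignName) && isset($rnrsAliyunIddSmsTemplate)) {
            // International numbers are sent in "+<idd><number>" form.
            $smsTo = '+' . $idd . $pn;
            $smsSignName = $rnrsAliyunIddSignName;
            $smsTemplate = $rnrsAliyunIddSmsTemplate;
        } else {
            echo "2"; // refused
            exit(1);
        }

        // Issue the code only once every check has passed, so a refused
        // request emits exactly one status code and leaves no code behind.
        $code = sprintf("%06d", random_int(0, 999999));
        $_SESSION['verificationCode'] = $code;
        $_SESSION['expireTime'] = time() + $rnrsSmsExpireTimeout;

        // NOTE(review): sendValCode() returns nothing, so "1" is reported
        // even when the provider call failed.
        AliyunSms::sendValCode($smsTo, $code, $rnrsAliyunAccessKey, $rnrsAliyunSecretKey, $smsSignName, $smsTemplate);
        echo "1"; // sent
        break;

    default:
        alertAndBack('非法请求!'); // unknown action
        exit(1);
}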