Merge branch 'feature/account_safe' into dev

Application/Admin/Controller/MendController.class.php

@@ -123,9 +123,9 @@ class MendController extends ThinkController {
             if(self::checkSettlement(strtotime($_POST['order_time']),$_POST['promote_id'])){
                 $this->error('在订单日期内含有已经结算的订单，无法补链');
             }
-            if(self::checkPromote(strtotime($_POST['order_time']),$_POST['account'])){
+            /* if(self::checkPromote(strtotime($_POST['order_time']),$_POST['account'])){
                 $this->error('在订单日期内含有多个推广员，无法补链');
-            }
+            } */
             
             $create = $_REQUEST;
             $create['order_time'] = date($create['order_time']);

Application/Admin/Controller/PublicController.class.php

@@ -41,10 +41,10 @@ class PublicController extends \Think\Controller
             } else { //登录失败
                 switch ($uid) {
                     case -1:
-                        $error = '用户不存在或被禁用！';
+                        $error = '账户或密码错误！';
                         break; //系统级别禁用
                     case -2:
-                        $error = '密码错误！';
+                        $error = '账户或密码错误！';
                         break;
                     default:
                         $error = '未知错误！';

Application/Admin/Model/PromoteModel.class.php

@@ -159,7 +159,7 @@ class PromoteModel extends Model{
         );
         session('promote_auth', $auth);
         session('promote_auth_sign', data_auth_sign($auth));
-
+        session_regenerate_id();
     }
 
     /**
@@ -170,6 +170,7 @@ class PromoteModel extends Model{
         session('promote_auth', null);
         session('promote_auth_sign', null);
         session('game_divide_second_pwd', null);
+        session_regenerate_id();
     }
     
     /**

Application/Admin/Model/UserModel.class.php

@@ -816,6 +816,7 @@ class UserModel extends Model{
         );
         session($session_name, $auth);
         session($session_name.'_sign', data_auth_sign($auth));
+        session_regenerate_id();
     }
     /**
     *更新玩家信息

Application/Base/Service/PromoteService.class.php

@@ -123,7 +123,7 @@ class PromoteService {
             ];
         }
 
-        $shiftTask = M('shift_task', 'sys_')->field(['id'])->where(['type' => $type, 'status' => 0, 'from_promote_id'])->find();
+        $shiftTask = M('shift_task', 'sys_')->field(['id'])->where(['type' => $type, 'status' => 0, 'from_promote_id' => $fromPromoteId])->find();
         if ($shiftTask) {
             return [
                 'status' => false, 

Application/Commerce/Controller/IndexController.class.php

@@ -27,14 +27,14 @@ class IndexController extends \Think\Controller{
         $map['account']=I('post.account');
         $find=M('BusinessAffairs','tab_')->field('id,password')->where($map)->find();
         if(null==$find){
-             $this->ajaxReturn(array('status'=>-1,'msg'=>'账号不存在或被禁用！'));
+             $this->ajaxReturn(array('status'=>-1,'msg'=>'账号或密码错误！'));
         }else{
              $User = new UserApi;
             if($find['password'] ==$this->think_ucenter_md5(I('post.pwd'), UC_AUTH_KEY)){
                 $this->save_login($find['id'],I('post.account'));
                 $this->ajaxReturn(array('status'=>1,'msg'=>'登录成功'));
             }else{
-                $this->ajaxReturn(array('status'=>-1,'msg'=>'密码错误'));
+                $this->ajaxReturn(array('status'=>-1,'msg'=>'账号或密码错误！'));
             }
         }
     }
@@ -82,6 +82,7 @@ class IndexController extends \Think\Controller{
             'account'        => $account,
         );
         session('user_auth_commerce', $auth);
+        session_regenerate_id();
     }
 
     /**

Application/Commerce/View/Index/login.html

@@ -91,11 +91,6 @@
         		username:{
 	                required:true,
 	                rangelength:[6,15],
-	                remote:{
-						url: "{:U('Index/checkAccount')}",     //后台处理程序 
-						type: "post",               //数据发送方式
-						data: {username:function() {return $("#username").val();}}
-					}
 	            },
 	            password:{
 	                required:true,
@@ -109,7 +104,6 @@
        		 	username:{
 	                required:"请输入管理员账号",
 	                rangelength:"账号必须是6~15位字符串",
-	                remote:"账号不存在或被禁用",
 	            },
 	            password:{
 	                required:"请输入密码",

Application/Home/Controller/IndexController.class.php

@@ -79,10 +79,10 @@ class IndexController extends HomeController
             $msg = "";
             switch ($result) {
                 case -1:
-                    $msg = "账号不存在";
+                    $msg = "账号或密码错误！";
                     break;
                 case -2:
-                    $msg = "密码错误";
+                    $msg = "账号或密码错误！";
                     break;
                 case -3:
                     $msg = "账号被禁用,请联系管理员";

Application/Home/View/default/Index/index.html

@@ -165,11 +165,6 @@
                     required:true,
                     rangelength:[6,100],
                     numOrLetter:true,
-                    remote:{
-                        url: "{:U('Index/isExistcheckAccount')}",     //后台处理程序 
-                        type: "post",               //数据发送方式
-                        data: {account:function() {return $(".account").val();}},
-                    }
                 },
                 password:{
                     required:true,
@@ -185,7 +180,6 @@
                 account:{
                     required:"请输入登录账号",
                     rangelength:"账号必须是6-15位字符串",
-                    remote:"账号不存在或被锁定",
                 },
                 password:{
                     required:"请输入登录密码",