diff --git a/Application/Mobile/Controller/CommonController.class.php b/Application/Mobile/Controller/CommonController.class.php
index bbece6e95..2422f594c 100644
--- a/Application/Mobile/Controller/CommonController.class.php
+++ b/Application/Mobile/Controller/CommonController.class.php
@@ -106,7 +106,9 @@ class CommonController extends BaseController {
 $gameId = $params['game_id'] ?? 0;
 #验证短信验证码
- $this->smsVerify($params['account'], $params['verify_code']);
+ if (!$this->smsVerify($params['account'], $params['verify_code'])) {
+ $this->respondError('验证失败');
+ }
 $res = $this->doRegister($params['account'], $params['password'], $params['account'], $promoteId, 4, 2, $gameId);
 if(empty($res)){
@@ -127,7 +129,9 @@ class CommonController extends BaseController {
 if (empty($params)) {
 $this->respondError('基础信息不能为空');
 }
- $this->smsVerify($params['account'], $params['verify_code']);
+ if (!$this->smsVerify($params['account'], $params['verify_code'])) {
+ $this->respondError('验证失败');
+ }
 //更新密码
 $userApi = new MemberApi();
 $userInfo = M("user", "tab_")->where("account = '".$params['account']."'")->find();
@@ -225,22 +229,15 @@ class CommonController extends BaseController {
 }
 }
- public function smsVerify($phone = '' , $code = '', $type = 2){
+ public function smsVerify($phone = '' , $code = '')
+ {
 $taskClient = new TaskClient();
 $result = $taskClient->checkSms($phone, $code);
 $data = [];
 if ($result['code'] == TaskClient::SUCCESS) {
- if($type == 1){
- $this->respondSuccess('正确');
- } else {
- return true;
- }
+ return true;
 } else {
- if($type == 1){
- $this->respondError($result['message']);
- } else {
- return false;
- }
+ return false;
 }
 }
 }
diff --git a/Application/Mobile/Controller/SsgController.class.php b/Application/Mobile/Controller/SsgController.class.php
index d1c80bccb..3f83552de 100644
--- a/Application/Mobile/Controller/SsgController.class.php
+++ b/Application/Mobile/Controller/SsgController.class.php
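Review bot: Nothing after `$this->respondError('验证失败');` stops execution in the `@@ -106` hunk, so the gate in front of `doRegister()` fails closed only if `respondError()` ends the request itself, which is not visible here. An explicit `return;` inside the `if` would make the failure path independent of the helper's implementation. The same applies to the password-update hunk of this file, to the two `set_message(1000, "fail", '验证失败')` call sites in SsgController, and to `$this->error("验证失败")` in UserController ahead of the `setField('password', …)` call. The enclosing method starts and ends outside the hunk.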
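Review bot: The context line `->where("account = '".$params['account']."'")` in the `@@ -127` hunk builds the WHERE clause by concatenating `$params['account']`, which appears to come from the request, into SQL text on the password-update path. The new SMS gate runs first, but it should not be the only thing between request data and the query; pass the value as a condition array so the framework handles the escaping, e.g. `->where(array('account' => (string) $params['account']))`. SsgController has the same pattern with `$user['account']` in its `@@ -201` hunk. The enclosing method continues outside the hunk.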
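Review bot: `smsVerify()` reads `$result['code']` without checking that `checkSms()` returned an array, and compares it with loose `==`. If the call fails and yields `null` or `false`, `$result['code']` is `null`, and whether `null == TaskClient::SUCCESS` holds depends on the constant's value, which is not visible here; a falsy constant such as `0` would make a failed lookup count as a verified code. UserController's `checksafecode()` in this same commit already guards with `$result &&`; the same guard belongs here and in SsgController's `sms_verify()`, for example `return is_array($result) && $result['code'] == TaskClient::SUCCESS;` (with `===` once the types on both sides are known to match). The now-unused `$data = [];` can be dropped.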
@@ -181,7 +181,9 @@ class SsgController extends BaseController {
 $this -> set_message(1001, "fail", "注册数据不能为空");
 }
 #验证短信验证码
- $this -> sms_verify($user['account'], $user['code']);
+ if (!$this->sms_verify($user['account'], $user['code'])) {
+ $this->set_message(1000, "fail", '验证失败');
+ }
 $res = $this -> doRegister($user['account'],$user['password'],$user['account'],$promoteId,4,2, $game_id);
 if(empty($res)){
@@ -201,7 +203,9 @@ class SsgController extends BaseController {
 if (empty($user)) {
 $this -> set_message(1001, "fail", "基础信息不能为空");
 }
- $this -> sms_verify($user['account'], $user['code']);
+ if (!$this->sms_verify($user['account'], $user['code'])) {
+ $this->set_message(1000, "fail", '验证失败');
+ }
 //更新密码
 $userApi = new MemberApi();
 $userInfo = M("user","tab_")->where("account = '".$user['account']."'")->find();
@@ -441,21 +445,15 @@ class SsgController extends BaseController {
 return $res;
 }
- public function sms_verify($phone = '' ,$code = '', $type = 2){
-
+ public function sms_verify($phone , $code)
+ {
 $taskClient = new TaskClient();
 $result = $taskClient->checkSms($phone, $vcode);
 $data = [];
 if ($result['code'] == TaskClient::SUCCESS) {
- if ($type == 2) {
- return true;
- }
- $this->set_message(200, "success", "验证成功");
+ return true;
 } else {
- if ($type == 2) {
- return false;
- }
- $this->set_message(1000, "fail", $result['message']);
+ return false;
 }
 }
diff --git a/Application/Mobile/Controller/UserController.class.php b/Application/Mobile/Controller/UserController.class.php
index 4e9498243..2a3a42acf 100644
--- a/Application/Mobile/Controller/UserController.class.php
+++ b/Application/Mobile/Controller/UserController.class.php
@@ -338,7 +338,9 @@ class UserController extends BaseController
 $password = $safeinfo['password'];
 $sex = $safeinfo['sex'];
- $this->checksafecode($phone, $safecode, false);
+ if (!$this->checksafecode($phone, $safecode)) {
+ return $this->ajaxReturn(array('status' => 0, 'msg' => '验证失败'));
+ }
 /**是否开启ucenter**/
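Review bot: In the `@@ -441` hunk the new signature is `sms_verify($phone , $code)`, but the unchanged body line still calls `$taskClient->checkSms($phone, $vcode)`, and `$vcode` is not defined anywhere in the function as shown. The submitted code is therefore never the value that gets checked; `checkSms()` receives `null`. Now that both callers act on the return value, registration and password update in this controller either always fail or depend on how `checkSms()` treats a missing code. Change the call to `$taskClient->checkSms($phone, $code);`.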
@@ -613,22 +615,17 @@ class UserController extends BaseController
 /**
 * 手机安全码验证
- * @param bool $flag true 用于直接异步请求 false 用于方法调用
- * @param [type] $vcode [description]
 */
- public function checksafecode($phone, $vcode, $flag = true)
+ public function checksafecode($phone, $code)
 {
 $taskClient = new TaskClient();
- $result = $taskClient->checkSms($phone, $vcode);
+ $result = $taskClient->checkSms($phone, $code);
 $data = [];
- if ($result['code'] == TaskClient::SUCCESS) {
- $data['status'] = 1;
+ if ($result && $result['code'] == TaskClient::SUCCESS) {
+ return true;
 } else {
- $data['status'] = 0;
+ return false;
 }
- $data['msg'] = $result['message'];
- echo json_encode($data);
- exit;
 }
 /**
@@ -641,8 +638,11 @@ class UserController extends BaseController
 if (IS_POST) {
 $phone = $_POST['phone'];
+ $code = $_REQUEST['code'];
- $this->checksafecode($phone, $_REQUEST['code'], false);
+ if (!$this->checksafecode($phone, $code)) {
+ return $this->ajaxReturn(array('status' => 0, 'msg' => '验证失败'));
+ }
 $this->success('验证成功', U('User/forget1', array('phone' => $phone)));
@@ -658,8 +658,11 @@ class UserController extends BaseController
 if (IS_POST) {
 $new_pwd = $_REQUEST['new_pwd'];
 $u_uid['phone'] = $_REQUEST['phone'];
+ $code = $_REQUEST['code'];
 //验证短信验证码
- $this->checksafecode($u_uid['phone'], $_REQUEST['code'], false);
+ if (!$this->checksafecode($u_uid['phone'], $code)) {
+ $this->error("验证失败");
+ }
 $result = M('user', 'tab_')->where($u_uid)->setField('password', think_ucenter_md5($new_pwd, UC_AUTH_KEY));
 if ($result != false) {
 $this->success("修改成功", U('User/login'));
@@ -875,7 +878,10 @@ class UserController extends BaseController
 if (IS_POST) {
 $code = I("post.scode");
 $phone = I("post.phone");
- $this->checksafecode($phone, $code, false);
+ if (!$this->checksafecode($phone, $code)) {
+ echo json_encode(array('status' => 0, 'msg' => '验证失败'));
+ exit();
+ }
 if (!$user['phone']) {
 $where['account'] = $phone;
 $where['phone'] = $phone;
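Review bot: `checksafecode()` in the `@@ -613` hunk is now a pure boolean helper but is still declared `public` on a controller; the removed docblock says it used to double as a direct async endpoint, and in this framework style public controller methods are normally reachable as actions. Unless something outside the class still calls it, declare it `protected function checksafecode($phone, $code)` so SMS checks can only be driven through the flows that gate on it; the same applies to `smsVerify()` in CommonController and `sms_verify()` in SsgController. The docblock lost both `@param` lines and should describe `$phone`, `$code` and the boolean return. `$data = [];` is unused.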
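Review bot: In the `@@ -641` hunk `$code = $_REQUEST['code'];` takes the verification code from `$_REQUEST` while `$phone` on the line above comes from `$_POST`, inside an `IS_POST` branch. `$_REQUEST` also accepts query-string values, so the code can travel in the URL and end up in access logs and referrers, and neither value is forced to a string before use. Reading both the way the `@@ -875` hunk does, e.g. `$code = I('post.code');`, keeps the input source consistent; the `@@ -658` hunk has the same `$_REQUEST['code']` line and also feeds `$_REQUEST['phone']` into `where($u_uid)`. The enclosing methods start and end outside these hunks.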
diff --git a/Application/Mobile/View/User/forget.html b/Application/Mobile/View/User/forget.html
index 96be5cbae..401171c11 100644
--- a/Application/Mobile/View/User/forget.html
+++ b/Application/Mobile/View/User/forget.html
@@ -124,7 +124,7 @@
 code:$("#code").val(),
 new_pwd:new_pwd
 },
- success:function(result){
+ success:function(result) {
 if(result.status == 1){
 pmsg.msg("修改成功");
 setTimeout(function () {