-1, 'msg' => ''); $mobile = trim($mobile); $reg = '/^1[0-9]{10}$/'; if (preg_match($reg, $mobile)) { $is_exsit = M("pf_purchaser")->where("tel='" . $mobile . "'")->count(); if (intval($is_exsit) > 0) { $result['msg'] = "该手机号已存在，请重新填写。"; } else { $result['msg'] = "该号码可以注册!"; $result['error'] = 1; } } else { $result['msg'] = "必须为真实的手机号码,否则无法接收手机验证码!"; } return $result; } function checkexit($mobile = '') { $result = array('error' => -1, 'msg' => ''); $mobile = trim($mobile); $reg = '/^1[0-9]{10}$/'; if (preg_match($reg, $mobile)) { $is_exsit = M("pf_purchaser")->where("tel='" . $mobile . "'")->count(); if (intval($is_exsit) > 0) { $result['msg'] = ""; $result['error'] = 1; } else { $result['msg'] = "该手机号还未注册!"; } } else { $result['msg'] = "必须为真实的手机号码,否则无法接收手机验证码!"; } return $result; } function mVerify($mobile,$ticket,$randStr,$type) { $result = array('error' => -1, 'msg' => ''); $mobile = trim($mobile); if ($mobile) { $reg = '/^1[0-9]{10}$/'; if (preg_match($reg, $mobile)) { $is_exsit = M("pf_purchaser")->where("tel='" . $mobile . "'")->count(); if (intval($is_exsit) > 0 && md5(strtolower($_SERVER['REQUEST_URI'])) != $this->getfromid($type)) { $result['msg'] = '该手机号已被注册,发送失败!'; return $result; } //腾讯验证码 $tencentFields = array(); $tencentFields['Randstr'] = trim($randStr); //随票据生成的随机字符串 $tencentFields['Ticket'] = trim($ticket) ;//需要核查的票据 if ($tencentFields){ $TencentRes = $this->captchaResult($tencentFields); }else{ $TencentRes = array(); $TencentRes['Response']['CaptchaCode'] = 1 ; $TencentRes['retcode'] = 0; } //检查腾讯滑动验证码（防水墙） 2019-10-26 若有防水墙参数，必须通过验证，其他无提交参数的直接通过。 //if($TencentRes['Response']['CaptchaCode'] == 1 && $TencentRes['retcode'] == 0) { if(true){//临时 //开始发送短信到手机端 $verifyNum = rand(111111, 999999); $textTpl = '您的验证码是：' . $verifyNum . '。请不要把验证码泄露给其他人。如非本人操作，可不用理会！'; $returnstatus = $this->sms1($mobile, $textTpl); //if ($returnstatus) { if(true){ F('app_' . $mobile, array( 'value' => md5($verifyNum), 'expire' => strtotime("+25minutes") ,'verifyNum'=>$verifyNum //临时 )); $result['error'] = 1; $result['msg'] = '发送成功!'; } else { $result['msg'] = '短信发送失败!'; } } } else { $result['msg'] = '请填写准确的手机号码!'; } } else { $result['msg'] = '手机号不为空,请填写!'; } return $result; } function mVerify2($mobile) { $result = array('error' => -1, 'msg' => ''); $mobile = trim($mobile); if ($mobile) { $reg = '/^1[0-9]{10}$/'; if (preg_match($reg, $mobile)) { //开始发送短信到手机端 $verifyNum = rand(111111, 999999); $textTpl = '您的验证码是：' . $verifyNum . '。请不要把验证码泄露给其他人。如非本人操作，可不用理会！'; $returnstatus = $this->sms1($mobile, $textTpl); if ($returnstatus) { F('app_' . $mobile, array( 'value' => md5($verifyNum), 'expire' => strtotime("+25minutes") )); // S('appcg_' . $mobile, md5($verifyNum), 1500); $result['error'] = 1; $result['msg'] = '发送成功!'; } else { $result['msg'] = '短信发送失败!'; } } else { $result['msg'] = '请填写准确的手机号码!'; } } else { $result['msg'] = '手机号不为空,请填写!'; } return $result; } protected function sms1($mobile, $content) { ////由于www不能远程数据库端口现在通过副服务器mysql发送手机端信 /* $postFields['mobile'] = $mobile; $postFields['content'] = $content; $result = $this->curl('http://mysql.flowerworld.cn/userz/mobile/msend/',$postFields); if($result=='success'){ return true; }else{ return false; }*/ ////2016-11-30 短信通道改为云信www.sms.cn $remoteAddress = $_SERVER['REMOTE_ADDR']; if(!$remoteAddress) { $remoteAddress = '0.0.0.0'; } LOG::write($remoteAddress. ' - '. $mobile.' - '.$content, 'notice'); if(!valideSmsLimit($_SERVER['REMOTE_ADDR'], $mobile)) { LOG::write($remoteAddress. ' - '. $mobile.' 短信发送超出限制', 'error'); return false; } $smsconfig = require(APP_PATH . 'Conf/sms.php'); $url = "http://api.sms.cn/sms/?ac=send"; $postFields = array(); $postFields['uid'] = $smsconfig['uid']; $postFields['pwd'] = md5($smsconfig['pwd'] . $smsconfig['uid']); $postFields['mobile'] = $mobile; $postFields['content'] = urlencode("【花卉世界网】" . $content); $result = $this->curl($url, $postFields); $rs = json_decode($result,true); //$rs = json_decode(iconv('gbk', 'utf-8', $result), true); if ($rs['stat'] == '100') { return true; } else { return false; } } protected function getfromid($type=0) { /*获取检验*/ if ($type !=1){ return md5('/appcg/login/findpwd2/'); }else{ return md5('/appcg/login/sendverifycode/'); } } function checkmVerify($mobile = '', $mverify = '') { $result = array('error' => -1, 'msg' => ''); $mverify = trim($mverify); $mobile = trim($mobile); $cacheData = F('app_' . $mobile); // if (S('appcg_' . $mobile) == md5($mverify) && !empty($mobile) && !empty($mverify)) { if (isset($cacheData['expire']) && time() <= $cacheData['expire'] && $cacheData['value'] == md5($mverify) && !empty($mobile) && !empty($mverify)) { $result['msg'] = 'success'; $result['error'] = 1; } else { $result['msg'] = '手机验证码错误,请重新输入!'; } return $result; } /** * 腾讯防水墙验证码（滑动） */ protected function captchaResult($tencentFields){ $captchaConfig= require(APP_PATH.'Conf/tencentCaptcha.php');//引用配置 $url = "https://captcha.tencentcloudapi.com/?"; $postFields = array(); $postFields['Action'] = "DescribeCaptchaResult"; $postFields['AppSecretKey'] = $captchaConfig['AppSecretKey']; $postFields['CaptchaAppId'] = $captchaConfig['appid']; //APPID $postFields['CaptchaType'] = 9; //验证码类型9：滑动验证码 $postFields['Randstr'] = $tencentFields['Randstr']; //随票据生成的随机字符串 $postFields['Ticket'] = $tencentFields['Ticket'];//需要核查的票据 $postFields['UserIp'] = $this->getIp(); //用户的ip地址 $postFields['Version'] = "2019-07-22"; //版本号 $postFields['Timestamp'] = time();//当前系统时间 $postFields['Nonce'] = mt_rand(); $postFields['SecretId'] = $captchaConfig['SecretId']; //生成签名参数之一 //必须官方参数排序 $param["Nonce"] = $postFields['Nonce']; $param["Timestamp"] = $postFields['Timestamp']; $param["SecretId"] = $postFields['SecretId']; $param["Action"] = $postFields['Action']; $param["Version"] = $postFields['Version']; $param["CaptchaType"] = $postFields['CaptchaType']; $param["Ticket"] = $postFields['Ticket']; $param["UserIp"] = $postFields['UserIp']; $param["Randstr"] = $postFields['Randstr']; $param["CaptchaAppId"] = $postFields['CaptchaAppId']; $param["AppSecretKey"] = $postFields['AppSecretKey']; ###官方增加两个字段（签名使用） $param["Region"] = "ap-guangzhou"; //使用地区 $param["Token"] = ''; //token ksort($param);//根据键名排序 // 生成待签名字符串 $signStr = "POSTcaptcha.tencentcloudapi.com/?"; foreach ( $param as $key => $value ) { $signStr = $signStr . $key . "=" . $value . "&"; } $signStr = substr($signStr, 0, -1); // 生成签名 $signature = base64_encode(hash_hmac("sha1", $signStr, $captchaConfig['SecretKey'], true)); $param['Signature'] = $signature; //添加签名参数 ksort($param);//根据键名排序（再次排序） $res = $this->curl($url,$param); $rs = json_decode($res,true); return $rs; } function curl($url, $postFields = null) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_FAILONERROR, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); curl_setopt($ch, CURLOPT_ENCODING, ""); if (is_array($postFields) && 0 < count($postFields)) { $postBodyString = ""; foreach ($postFields as $k => $v) { $postBodyString .= "$k=" . urlencode($v) . "&"; } unset($k, $v); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, substr($postBodyString, 0, -1)); } $reponse = curl_exec($ch); curl_close($ch); return $reponse; } //获取用户IP地址 public function getIp() { if(!empty($_SERVER["HTTP_CLIENT_IP"])) { $cip = $_SERVER["HTTP_CLIENT_IP"]; } else if(!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) { $cip = $_SERVER["HTTP_X_FORWARDED_FOR"]; } else if(!empty($_SERVER["REMOTE_ADDR"])) { $cip = $_SERVER["REMOTE_ADDR"]; } else { $cip = ''; } preg_match("/[\d\.]{7,15}/", $cip, $cips); $cip = isset($cips[0]) ? $cips[0] : 'unknown'; unset($cips); return $cip; } }