where($map)->find(); if (empty($info)) { return ajaxReturn(201, '用户名不存在'); } else { $admin_open_sms_code = $info['open_sms_code']; $surplus_time = time() - $info['update_time']; if($info['error_num'] >= 3 && $surplus_time < 3600){ return ajaxReturn(201, '账号已锁定，一小时内无法登录'); } if (md5($password) != $info['password']) { $update_err = []; $update_err['update_time'] = time(); if($info['error_num'] >= 3) { // return ajaxReturn(201, '账号已锁定，一小时内无法登录'); // $update_err['status'] = 2; } db::name('admin')->where('aid',$info['aid'])->inc('error_num',1)->update($update_err); return ajaxReturn(201, '密码错误'); } $ip_address = request()->ip(); // $ip_address = '211.94.238.248'; $address = ip_to_position($ip_address); $province = $address['province']; $city = $address['city']; //该用户是否已退出 if($info['aid'] != 1 || $admin_open_sms_code == 0) { if(!empty($info['login_token'])){ if($ip_address != $info['ip']){ // return ajaxReturn(201, '该账号已被其他人登录'); } } } //发送短信 if(empty($info['phone'])){ $mobile = db::name('admin')->where('aid', 1)->value('phone'); }else{ $mobile = $info['phone']; } $province_time = $province . $city .', 时间 '.date('Y-m-d H:i:s'); $content = '【语音安全监控】你的账号'.$info['user_name'].'正在被登录，登录IP：'.$ip_address.'，登录位置：'.$province_time; $login_token = generateRandom(32); // if ($info['aid'] == 1) { // $login_token = $info['login_token']; // } $data = []; $data['aid'] = $info['aid']; $data['login_token'] = $login_token; $data['ip'] = $ip_address; $data['province'] = $address['province']; $data['city'] = $city; $data['error_num'] = 0; $data['update_time'] = time(); $data['token_validity_time'] = time() + (60*60*12); $reslut = db::name('admin')->update($data); if (!$reslut) { return ajaxReturn(201, '登录失败', ''); } else { $show_mobile = substr_replace($mobile,'****',3,4); $base64_mobile = $this->base64_encode_mobile($mobile); if($admin_open_sms_code == 1) { $data = ['uid' => $info['aid'], 'login_token' => '', 'is_has_warn' => 2, 'show_mobile' => $show_mobile, 'mobile' => $base64_mobile, 'need_sms_code' => 1]; } else { $data = ['uid' => $info['aid'], 'login_token' => $login_token, 'is_has_warn' => 2, 'need_sms_code' => 0]; } return ajaxReturn(200, '登录成功', $data); } } } public function verify() { $config = [ 'codeSet' => '0123456789', // 验证码字体大小 'fontSize' => 30, // 验证码位数 'length' => 4, // 关闭验证码杂点 'useNoise' => false, ]; $captcha = new Captcha($config); return $captcha->entry(); } public function test() { $file = request()->file('file'); $file_category_name = input('file_category', 'all'); $reslut = model('Upload')->qiniu_upload($file, $file_category_name); return ajaxReturn($reslut['code'], $reslut['msg'], $reslut['data']); } private function send_smsbao_msg($mobile, $content){ $config = get_uncache_system_config(); //短信宝 // $url = "https://dx.ipyy.net/smsJson.aspx?action=send&userid=&account=" . $config['huaxin_account'] . "&password=" . $config['huaxin_password'] . "&mobile=" . $mobile . "&content=" . urlencode($content) . "&sendTime=&extno="; $url = "https://api.smsbao.com/sms?u=".$config['smsbao_account']."&p=".md5($config['smsbao_password'])."&m=".$mobile."&c=".urlencode($content) ."&g="; $result = myCurl($url); $result_arr = json_decode($result, true); if ($result_arr == 0) { return ['code' => 200, 'msg' => '发送成功', 'data' => null]; } else { return ['code' => 201, 'msg' => '发送失败', 'data' => null]; } } public function get_mobile_code() { $mobile = input('mobile', ''); $captcha = input('captcha', ''); if (empty($captcha)) { return ajaxReturn(201, '验证码不能为空'); } if (!captcha_check($captcha)) { // 验证失败 return ajaxReturn(201, '验证码错误'); } $mobile = $this->base64_decode_mobile($mobile); $key_name = "admin:cli:get_mobile_code"; redis_lock_exit($key_name); $result = model('api/sms')->send_sms_admin($mobile); redis_unlock($key_name); return ajaxReturn($result['code'], $result['msg'], $result['data']); } public function sms_login() { $aid = input('uid', ''); $mobile = input('mobile', ''); $sms_code = input('sms_code', ''); if(empty($sms_code)) { return ajaxReturn(201, '短信验证码不能为空'); } if(empty($aid)) { return ajaxReturn(201, '管理员账号不能为空'); } if($aid != 1) { return ajaxReturn(201, '非验证码管理员'); } $mobile = $this->base64_decode_mobile($mobile); $result = model('api/sms')->verification_code_admin($mobile, $sms_code); if($result['code'] == 201) { return ajaxReturn($result['code'], $result['msg'], $result['data']); } $map = []; $map[] = ['aid', '=', $aid]; $map[] = ['is_delete', '=', 1]; $info = db::name('admin')->where($map)->find(); if($info['phone'] !== $mobile) { return ajaxReturn(201, '账号错误'); } $ip_address = request()->ip(); $login_token = generateRandom(32); $data = []; $data['aid'] = $info['aid']; $data['login_token'] = $login_token; $data['update_time'] = time(); $data['ip'] = $ip_address; $data['token_validity_time'] = time()+7200; $reslut = db::name('admin')->update($data); if($reslut) { $data = ['uid' => $info['aid'], 'login_token' => $login_token, 'is_has_warn' => 1]; return ajaxReturn(200, '登录成功', $data); } return ajaxReturn(201, '登录失败', $data); } //手机号 public function base64_decode_mobile($mobile) { $mobile = base64_decode($mobile); $mobile_arr = explode('_', $mobile); return $mobile_arr[1]; } //手机号转换数据流 public function base64_encode_mobile($mobile) { $rand_code = 'scsy'; $rand_mobile = $rand_code . '_' . $mobile; return base64_encode($rand_mobile); } }