
Merge branch 'verify'

star7th 6 years ago
parent
commit
16dd8f1e3c

BIN
Sqlite/showdoc.db.php


+ 17 - 1
server/Application/Api/Controller/BaseController.class.php

@@ -44,7 +44,7 @@ class BaseController extends Controller {
 		}
 		
 		if ( ! session("login_user")) {
-			$cookie_token = cookie('cookie_token');
+			$cookie_token = I("user_token") ? I("user_token") : cookie('cookie_token');
 			if ($cookie_token) {
 				$ret = D("UserToken")->getToken($cookie_token);
 				if ($ret && $ret['token_expire'] > time() ) {
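Review bot: The new `I("user_token")` lookup lets the login token arrive as an ordinary request parameter, so on GET requests it can end up in the URL and from there in access logs, proxy logs and Referer headers. Since this token is enough to populate `login_user`, it should only be read from the request body or a dedicated header, for example `$cookie_token = I("post.user_token") ? I("post.user_token") : cookie('cookie_token');`, assuming the app client can send it by POST. The enclosing method starts and ends outside this hunk, so how the session is populated afterwards is not visible here.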
@@ -97,6 +97,14 @@ class BaseController extends Controller {
 			header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie');
 			header('Access-Control-Allow-Credentials: true');//允许跨域请求
 		}
+
+		//来自Html5Plus的应用允许跨域
+		if (strstr($_SERVER['HTTP_USER_AGENT'], "Html5Plus") ) {
+			header('Access-Control-Allow-Origin: *');//允许跨域请求
+			header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie');
+			header('Access-Control-Allow-Credentials : true');//允许跨域请求
+		}
+
 		echo json_encode($result);
 
 		//如果开启API调试模式,则记录请求参数和返回结果
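Review bot: The added block sends `Access-Control-Allow-Credentials : true` with a space before the colon, which is not a valid header field name, and pairs it with `Access-Control-Allow-Origin: *`, a combination browsers refuse for credentialed requests. The condition also reads `$_SERVER['HTTP_USER_AGENT']` without checking that it is set, and the User-Agent is chosen by the client, so it cannot serve as evidence that the caller is the app. If the app really needs credentialed cross-origin calls, echo back an origin taken from an allow-list rather than `*`, write the header as `header('Access-Control-Allow-Credentials: true');`, and guard the test with `isset($_SERVER['HTTP_USER_AGENT'])`. The same block is repeated in `sendError` in the next hunk; a single private helper called from both places would keep them in sync.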
@@ -117,6 +125,14 @@ class BaseController extends Controller {
 	//返回错误提示
 	protected function sendError($error_code , $error_message = ''){
 		$error_code = $error_code ? $error_code : 10103 ;
+		
+		//来自Html5Plus的应用允许跨域
+		if (strstr($_SERVER['HTTP_USER_AGENT'], "Html5Plus") ) {
+			header('Access-Control-Allow-Origin: *');//允许跨域请求
+			header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie');
+			header('Access-Control-Allow-Credentials : true');//允许跨域请求
+		}
+
 		if (!$error_message) {
 			$error_codes = C("error_codes");
 			foreach ($error_codes as $key => $value) {

+ 37 - 0
server/Application/Api/Controller/CommonController.class.php

@@ -41,4 +41,41 @@ class CommonController extends BaseController {
       ImageDestroy($im);
     }
 
+    public function createCaptcha(){
+        $captcha = rand(1000, 9999) ;
+        $data = array(
+          "mobile" =>"",
+          "captcha" =>$captcha,
+          "expire_time" =>time()+60*10,
+          );
+        $captcha_id = D("Captcha")->add($data);
+        $this->sendResult(array("captcha_id"=>$captcha_id));
+    }
+
+    public function showCaptcha(){
+      $captcha_id = I("captcha_id/d");
+      $captcha = D("Captcha")->where("captcha_id = '$captcha_id' ")->find();
+
+      $numArray  = array_map('intval', str_split($captcha['captcha']));
+      //生成验证码图片
+      Header("Content-type: image/PNG");
+      $im = imagecreate(44,18); // 画一张指定宽高的图片
+      $back = ImageColorAllocate($im, 245,245,245); // 定义背景颜色
+      imagefill($im,0,0,$back); //把背景颜色填充到刚刚画出来的图片中
+      srand((double)microtime()*1000000);
+      //生成4位数字
+      for($i=0;$i<4;$i++){
+        $font = ImageColorAllocate($im, rand(100,255),rand(0,100),rand(100,255)); // 生成随机颜色
+        imagestring($im, 5, 2+$i*10, 1, $numArray[$i], $font);
+      }
+      for($i=0;$i<200;$i++) //加入干扰象素
+      {
+        $randcolor = ImageColorallocate($im,rand(0,255),rand(0,255),rand(0,255));
+        imagesetpixel($im, rand()%70 , rand()%30 , $randcolor); // 画像素点函数
+      }
+      ImagePNG($im);
+      ImageDestroy($im);
+
+    }
+    
 }
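Review bot: `createCaptcha` draws the code with `rand(1000, 9999)`, which is not a cryptographically secure generator; for a value that gates login and registration, `$captcha = random_int(1000, 9999);` is the safer call where PHP 7 or later is available. `showCaptcha` renders whatever row `find()` returns without checking that it exists or that `expire_time` is still in the future, so a missing id reaches `str_split` with an empty value and an expired code can still be displayed; an early `if (!$captcha || $captcha['expire_time'] < time()) { return; }` before the `Header` call would cover both. The noise loop also plots at `rand()%70, rand()%30` on a 44x18 canvas, so most of those pixels fall outside the image.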

+ 93 - 0
server/Application/Api/Controller/UserController.class.php

@@ -85,6 +85,99 @@ class UserController extends BaseController {
         
     }
     
+    //登录2
+    public function loginByVerify(){
+        $username = I("username");
+        $password = I("password");
+        $captcha_id = I("captcha_id");
+        $captcha = I("captcha");
+        
+        if ( !D("Captcha")->check($captcha_id , $captcha) ) {
+            $this->sendError(10206,L('verification_code_are_incorrect'));
+            return;
+        }
+        $ret = D("User")->checkLogin($username,$password);
+        //如果失败则尝试ldap登录
+        if (!$ret) {
+            $ret = D("User")->checkLdapLogin($username,$password);
+        }
+        
+        if ($ret) {
+          unset($ret['password']);
+          session("login_user" , $ret );
+          D("User")->setLastTime($ret['uid']);
+          $token = D("UserToken")->createToken($ret['uid']);
+          $this->sendResult(array(
+            "uid" => $ret['uid'] ,
+            "username" => $ret['username'] ,
+            "name" => $ret['name'] ,
+            "groupid" => $ret['groupid'] ,
+            "avatar" => $ret['avatar'] ,
+            "avatar_small" => $ret['avatar_small'] ,
+            "email" => $ret['email'] ,
+            "email_verify" => $ret['email_verify'] ,
+            "user_token" => $token ,
+            )); 
+
+        }else{
+            $this->sendError(10204,L('username_or_password_incorrect'));
+            return;
+        }
+        
+    }
+
+    //注册2
+    public function registerByVerify(){
+        $username = trim(I("username"));
+        $password = I("password");
+        $confirm_password = I("confirm_password");
+        $captcha_id = I("captcha_id");
+        $captcha = I("captcha");
+        $register_open = D("Options")->get("register_open" ) ;
+        if ($register_open === '0') {
+           $this->sendError(10101,"管理员已关闭注册");
+           return ;
+        }
+        if ( !D("Captcha")->check($captcha_id , $captcha) ) {
+            $this->sendError(10206,L('verification_code_are_incorrect'));
+            return;
+        }
+        if ( $password != '' && $password == $confirm_password) {
+
+            if ( ! D("User")->isExist($username) ) {
+                $new_uid = D("User")->register($username,$password);
+                if ($new_uid) {
+                    //设置自动登录
+                    $ret = D("User")->where("uid = '$new_uid' ")->find() ;
+                    unset($ret['password']);
+                    session("login_user" , $ret );
+                    $token = D("UserToken")->createToken($ret['uid']);
+                    cookie('cookie_token',$token,array('expire'=>60*60*24*90,'httponly'=>'httponly'));//此处由服务端控制token是否过期,所以cookies过期时间设置多久都无所谓
+                    
+                    $this->sendResult(array(
+                        "uid" => $ret['uid'] ,
+                        "username" => $ret['username'] ,
+                        "name" => $ret['name'] ,
+                        "groupid" => $ret['groupid'] ,
+                        "avatar" => $ret['avatar'] ,
+                        "avatar_small" => $ret['avatar_small'] ,
+                        "email" => $ret['email'] ,
+                        "user_token" => $token ,
+                    ));
+
+                }else{
+                    $this->sendError(10101,'register fail');
+                }
+            }else{
+                $this->sendError(10101,L('username_exists'));
+            }
+
+        }else{
+            $this->sendError(10101,L('code_much_the_same'));
+        }
+
+    }
+
     //获取用户信息
     public function info(){
         $login_user = $this->checkLogin();
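Review bot: `loginByVerify` and `registerByVerify` store the user in `login_user` on the session the visitor already had, without rotating the session id at the privilege change, which leaves room for session fixation unless the framework does this elsewhere. Calling `session('[regenerate]');` just before `session("login_user" , $ret );` in both methods would close that. In `registerByVerify` the check `$password == $confirm_password` uses loose comparison, so two different numeric-looking strings can compare equal; `$password !== '' && $password === $confirm_password` avoids that. The closed-registration message is a hard-coded string while the other errors go through `L()`.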

+ 23 - 0
server/Application/Api/Model/CaptchaModel.class.php

@@ -0,0 +1,23 @@
+<?php
+namespace Api\Model;
+use Api\Model\BaseModel;
+/**
+ * 
+ * @author star7th      
+ */
+class CaptchaModel extends BaseModel {
+
+	public function check($captcha_id , $captcha){
+		$time = time() ;
+		$captcha_array = $this->where(" captcha_id = '$captcha_id' and expire_time > $time ")->find();
+		if ($captcha_array['captcha'] && $captcha_array['captcha'] == $captcha) {
+			//检查完就设置该验证码过期
+			$this->where(" captcha_id = '$captcha_id'")->save(array("expire_time"=>0));
+			return true ;
+		}else{
+			//删除掉所有过期的二维码
+			//$this->where(" expire_time < '$time' ")->delete();
+		}
+		return false;
+	}
+}
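Review bot: `check` builds both `where` clauses by interpolating `$captcha_id` into the SQL string, and the callers in `UserController` pass `I("captcha_id")` straight from the request without the `/d` cast that `showCaptcha` uses, so this is string-built SQL on unauthenticated input; the condition should be passed as an array with the id cast to an integer. A wrong answer also leaves the row valid, which allows repeated guesses at a four-digit code until it expires, and the `==` comparison treats numeric-looking strings loosely. The rewrite below expires the row on every attempt and compares as strings, which means a client has to request a fresh captcha after a failed attempt. The class docblock is empty; a one-line description of what the model stores and verifies would help.

```php
	public function check($captcha_id , $captcha){
		$captcha_id = intval($captcha_id);
		$where = array(
			'captcha_id'  => $captcha_id,
			'expire_time' => array('gt', time()),
		);
		$captcha_array = $this->where($where)->find();
		if (!$captcha_array) {
			return false;
		}
		// Single use: expire the row on every attempt, right or wrong.
		$this->where(array('captcha_id' => $captcha_id))->save(array("expire_time"=>0));
		return $captcha_array['captcha'] !== '' && (string)$captcha_array['captcha'] === (string)$captcha;
	}
```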

+ 11 - 1
server/Application/Home/Controller/UpdateController.class.php

@@ -215,7 +215,17 @@ class UpdateController extends BaseController {
         `unique_key` CHAR(200) NOT NULL DEFAULT '',
         `page_id` int(11) NOT NULL DEFAULT '0'
         )";
-        D("UserToken")->execute($sql);
+        D("User")->execute($sql);
+
+        //创建captcha表
+        $sql = "CREATE TABLE IF NOT EXISTS `captcha` (
+        `captcha_id`  INTEGER PRIMARY KEY ,
+        `mobile` CHAR(200) NOT NULL DEFAULT '',
+        `captcha` CHAR(200) NOT NULL DEFAULT '',
+        `expire_time` int(11) NOT NULL DEFAULT '0'
+        )";
+        D("User")->execute($sql);
+
 
         echo "OK!\n";
     }
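Review bot: The new `captcha` table has nothing that ever removes rows: `createCaptcha` inserts one on every unauthenticated call and the only `delete()` in `CaptchaModel::check` is commented out, so the table grows without bound. Either re-enable a purge of expired rows when a code is created or checked, for example `$this->where(array('expire_time' => array('lt', time())))->delete();` in the model, or add a periodic cleanup. The enclosing method starts outside this hunk.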