Jonlin 6 年之前
父節點
當前提交
14d774a3a4

+ 47 - 0
application/index/controller/Email.php

@@ -0,0 +1,47 @@
+<?php
+/**
+ * User: nickbai
+ * Date: 2017/10/24 10:46
+ * Email: 1902822973@qq.com
+ */
+namespace app\index\controller;
+
+use think\Controller;
+use Xmail\PHPMailer;
+
+class Email extends Controller
+{
+    // 发送邮件
+    public function email(){
+        $email=input("post.email");//获取收件人邮箱
+        $mail = new PHPMailer();
+        $mail->IsSMTP();
+        $mail->isHTML(true);
+        $mail->AltBody    = "更好地查看这封邮件,请打开HTML兼容视图"; // optional, comment out and test
+        $mail->CharSet = 'utf-8';   // 编码格式为utf8,不设置编码的话,中文会出现乱码
+        $mail->SMTPDebug  = 0;                     // enables SMTP debug information
+        $mail->SMTPAuth   = true;                  // enable SMTP authentication
+        $mail->Host       = "smtp.163.com"; // 发送方的SMTP服务器地址
+        $mail->Port       = 25;          // 端口
+        $mail->Password   = "jonlin2468";    //客户端授权密码,而不是邮箱的登录密码!
+        $mail->Username   = "jonlinhuang@163.com"; // 发件人邮箱
+        $mail->SetFrom('jonlinhuang@163.com', '安全猫-系统邮件'); // 安全猫科技有限公司co.ltd
+        $code=rand(100000,999999);
+        session('code', $code, 1800);
+        $mail->Subject = '邮箱验证';
+        $mail->AddAddress($email);
+        $mail->MsgHTML('邮件内容是 <b>您的验证码是:'.$code.',30分钟内有效</b>,如果非本人操作无需理会!');
+
+        $res = $mail->send();
+        if($res == true){
+            return "发送成功";
+        }else{
+            echo "Message could not be sent.";
+            echo "Mailer Error: " . $mail->ErrorInfo;// 输出错误信息
+        }
+    }
+
+
+
+
+}
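Review bot: The SMTP account name and authorisation password are string literals in `email()`, so they ship with the repository; the removed lines in Register.php show the same value was already in history, so the credential should be rotated as well as moved out of source, e.g. `$mail->Password = config('mail.password');` (the config key is a placeholder). The verification code comes from `rand()`, which is not a cryptographic generator; `$code = random_int(100000, 999999);` (PHP 7+) is a drop-in replacement. `$email` reaches `AddAddress()` without validation and nothing visible limits how often this action can be called, so a format check and a per-session or per-address send limit are worth adding. The failure branch echoes `$mail->ErrorInfo` to the client; that detail belongs in the server log.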

+ 16 - 6
application/index/controller/Login.php

@@ -13,11 +13,18 @@ class Login extends Controller
     // 登录首页
     public function index()
     {
+        $token = input("param.token/s");
+        $res = \app\index\model\Accounts::checktoken($token);
+        if($res == -1){
+            return $res;
+        }
+
         $this->assign([
             'version' => config('version')
         ]);
 
         return $this->fetch();
+
     }
 
     // 处理登录
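Review bot: `index()` now returns early unless `checktoken()` accepts the request's token, which appears to make the login page unreachable for a visitor who has not logged in yet. If the intent was to skip the form for an already-authenticated user, the condition looks inverted and should redirect on success, e.g. `if ($res == 1) { $this->redirect(url('user/index')); }`. On failure the action returns the bare integer `-1` rather than a response or redirect. The token is read with `input("param.token/s")`, which also accepts it from the query string, where it can end up in server logs and Referer headers; an HttpOnly cookie or a request header would avoid that.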
@@ -53,24 +60,27 @@ class Login extends Controller
                 return json(['code' => -5, 'data' => '', 'msg' => '您已被禁用']);
             }
 
-            // 记录用户状态
-            cookie('user_name', $userName, config('save_time'));
-            cookie('user_id', $userInfo['id'], config('save_time'));
+            // 登陆成功 生成token
+            $module = mt_rand(100000,999999);
+            $token = base64_encode($module.'#$@%!^*/'.time().'/'.$userInfo['id']);
             // 更新用户状态
             $param = [
+                'token' => $token,
+                'expire_time' => time(),
                 'last_login_time' => time()
             ];
             db('accounts')->where('id', $userInfo['id'])->update($param);
 
+            $this->assign([
+                'token' => $token
+            ]);
+
             return json(['code' => 1, 'data' => url('user/index'), 'msg' => '登陆成功']);
         }
     }
 
     public function loginOut()
     {
-        cookie('user_name', '');
-        cookie('user_id', '');
-
         $this->redirect(url('login/index'));
     }
 
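Review bot: The session token is `base64_encode` of a six-digit `mt_rand()` value, a constant string, `time()` and the user id, so it carries under 20 bits of unpredictability and the encoding adds no secrecy; the Register.php hunk repeats the same construction. Generate it from the CSPRNG instead, `$token = bin2hex(random_bytes(32));`, and have callers take the account from the row that matched the token rather than decoding an id out of it, as User.php does with `explode('/', base64_decode($token))`. `$this->assign(['token' => $token])` has no visible effect on the `json(...)` response that follows, so it is unclear how the client receives the token. `loginOut()` now only redirects; it should also clear `token` in the accounts row so a logged-out token stops being accepted. The method containing the token generation starts outside this hunk.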

+ 10 - 33
application/index/controller/Register.php

@@ -7,7 +7,6 @@
 namespace app\index\controller;
 
 use think\Controller;
-use Xmail\PHPMailer;
 
 class Register extends Controller
 {
@@ -47,7 +46,7 @@ class Register extends Controller
                 return json(['code' => -4, 'data' => '', 'msg' => '验证码不能为空']);
             }
 
-            if($emailCode != cookie('code')){
+            if($emailCode != session('code')){
                 return json(['code' => -5, 'data' => '', 'msg' => '验证码不正确']);
             }
 
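Review bot: The code check still uses a loose `!=`, and the stored code is neither bound to the e-mail address it was sent to nor cleared after use, so a six-digit value can be retried without limit while it stays in the session. Compare as strings with `hash_equals((string) session('code'), (string) $emailCode)`, remove the code with `session('code', null)` once it matches, and count failed attempts. Separately, Email.php stores it with `session('code', $code, 1800)`; if this is ThinkPHP 5, the helper's third argument is a session prefix rather than a lifetime, so this unprefixed read may not find the value and the 30-minute validity stated in the mail is not enforced. That is worth confirming against the framework version in use. The enclosing method starts and ends outside the hunk.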
@@ -73,40 +72,18 @@ class Register extends Controller
 
             $user_id = db('accounts')->insertGetId($userInfo);
 
-            // 记录用户状态
-            cookie('user_name', $userName, config('save_time'));
-            cookie('user_id', $user_id, config('save_time'));
+            // 注册成功 生成token
+            $module = mt_rand(100000,999999);
+            $token = base64_encode($module.'#$@%!^*/'.time().'/'.$userInfo['id']);
+            // 更新用户状态
+            $param = [
+                'token' => $token,
+                'expire_time' => time(),
+            ];
+            db('accounts')->where('id', $user_id)->update($param);
 
             return json(['code' => 1, 'data' => url('user/index'), 'msg' => '注册成功']);
         }
     }
-    public function email(){
-        $email=input("post.email");//获取收件人邮箱
-        $mail = new PHPMailer();
-        $mail->IsSMTP();
-        $mail->isHTML(true);
-        $mail->AltBody    = "更好地查看这封邮件,请打开HTML兼容视图"; // optional, comment out and test
-        $mail->CharSet = 'utf-8';   // 编码格式为utf8,不设置编码的话,中文会出现乱码
-        $mail->SMTPDebug  = 0;                     // enables SMTP debug information
-        $mail->SMTPAuth   = true;                  // enable SMTP authentication
-        $mail->Host       = "smtp.163.com"; // 发送方的SMTP服务器地址
-        $mail->Port       = 25;          // 端口
-        $mail->Password   = "jonlin2468";    //客户端授权密码,而不是邮箱的登录密码!
-        $mail->Username   = "jonlinhuang@163.com"; // 发件人邮箱
-        $mail->SetFrom('jonlinhuang@163.com', '安全猫-系统邮件'); // 安全猫科技有限公司co.ltd
-        $code=rand(100000,999999);
-        cookie('code', $code, config('save_time'));
-        $mail->Subject = '邮箱验证';
-        $mail->AddAddress($email);
-        $mail->MsgHTML('邮件内容是 <b>您的验证码是:'.$code.'</b>,如果非本人操作无需理会!');
-
-        $res = $mail->send();
-        if($res == true){
-            return "发送成功";
-        }else{
-            echo "Message could not be sent.";
-            echo "Mailer Error: " . $mail->ErrorInfo;// 输出错误信息
-        }
-    }
 
 }
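Review bot: The token is built with `$userInfo['id']`, but `$userInfo` is the array just passed to `insertGetId()` and the new id is in `$user_id`. Unless an `id` key was set earlier (outside the hunk), the token ends with an empty id, and User.php reads the account id from that position. Use `$user_id` here, or better, drop the id from the token altogether and make it a random value from `random_bytes()`. The token is written to the database but the JSON response does not include it, so a newly registered user appears to have no way to present it.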

+ 110 - 0
application/index/controller/User.php

@@ -0,0 +1,110 @@
+<?php
+namespace app\index\controller;
+
+use think\Controller;
+
+class User extends Controller
+{
+    // 用户首页
+    public function index()
+    {
+        $token = input("param.token/s");
+        $res = \app\index\model\Accounts::checktoken($token);
+        if($res == -1){
+            return $res;
+        }
+        $user_id = explode('/',base64_decode($token))['2'];
+        $userInfo = db('accounts')->where('id', $user_id)->find();
+        //print_r($userInfo);exit;
+        $this->assign([
+            'userInfo' => $userInfo
+        ]);
+
+        return $this->fetch();
+    }
+
+    // 修改密码
+    public function uqdatePwd()
+    {
+        $token = input("param.token/s");
+        $res = \app\index\model\Accounts::checktoken($token);
+        if($res == -1){
+            return $res;
+        }
+        $user_id = explode('/',base64_decode($token))['2'];
+        $userInfo = db('accounts')->where('id', $user_id)->find();
+
+        if(request()->isPost()){
+            $password = input("param.password/s");
+            $newPassword = input("param.newPassword/s");
+            $confirmPassword = input("param.confirmPassword/s");
+        }
+
+        if(empty($password)){
+            return json(['code' => -1, 'data' => '', 'msg' => '原密码不能为空']);
+        }
+
+        if(empty($newPassword)){
+            return json(['code' => -2, 'data' => '', 'msg' => '新密码不能为空']);
+        }
+
+        if(empty($confirmPassword)){
+            return json(['code' => -3, 'data' => '', 'msg' => '确认新密码不能为空']);
+        }
+
+        if($newPassword != $confirmPassword){
+            return json(['code' => -3, 'data' => '', 'msg' => '新密码不一致']);
+        }
+
+        $userInfo = db('accounts')->where('id', $user_id)->find();
+
+        if(md5($password . session('salt')) != $userInfo['password']){
+            return json(['code' => -3, 'data' => '', 'msg' => '原密码不正确']);
+        }
+
+        $param = [
+            'password' => md5($newPassword . config('salt'))
+        ];
+
+        db('accounts')->where('id', $user_id)->update($param);
+
+        return json(['code' => 1, 'data' => url('user/index'), 'msg' => '密码修改成功']);
+
+    }
+
+    // 用户留言
+    public function LeavingMessage()
+    {
+        $token = input("param.token/s");
+        $res = \app\index\model\Accounts::checktoken($token);
+        if($res == -1){
+            return $res;
+        }
+
+        if(request()->isPost()){
+            $title = input("param.title/s");
+            $content = input("param.content/s");
+        }
+
+        if(empty($title)){
+            return json(['code' => -1, 'data' => '', 'msg' => '标题不能为空']);
+        }
+
+        if(empty($content)){
+            return json(['code' => -2, 'data' => '', 'msg' => '内容不能为空']);
+        }
+
+        $param = [
+            'user_id' => session('user_id'),
+            'title' => $title,
+            'content' => $content,
+            'add_time' => time()
+        ];
+
+        db('accounts_message')->insertGetId($param);
+
+        return json(['code' => 1, 'data' => url('user/index'), 'msg' => '留言成功']);
+
+    }
+
+}
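Review bot: `uqdatePwd()` verifies the old password with `md5($password . session('salt'))` but stores the new one with `md5($newPassword . config('salt'))`; nothing in this commit writes `salt` to the session, so the check likely compares against a hash made with a different (empty) salt. Salted MD5 is also too fast for password storage; `password_verify($password, $userInfo['password'])` and `password_hash($newPassword, PASSWORD_DEFAULT)` are the standard replacements, though the login and registration paths (not shown here) would have to change with them. `LeavingMessage()` takes `user_id` from `session('user_id')`, which this commit never sets, while the other actions take it from the decoded token; all three should use the account row that `checktoken()` matched. A successful password change should also replace the stored token.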

+ 35 - 0
application/index/model/Accounts.php

@@ -0,0 +1,35 @@
+<?php
+namespace app\index\model;
+
+use think\Model;
+
+
+class Accounts extends Model
+{
+
+    //用户
+    function getOneAccount($userName)
+    {
+        $res=db('accounts')->where('user_name',$userName)->find();
+        if(!$res){
+            return $res;
+        }
+        return $res;
+    }
+
+    //检测token
+    public static function checktoken($token){
+        $user = db('accounts')->where('token', $token)->find();
+        if(!empty($user)){
+            $time = time()-$user['expire_time'];
+            if($time<3600){
+                db('accounts')->where('id', $user['id'])->update(['expire_time' => time()]);
+                return 1;
+            }else{
+                return -1;
+            }
+        }
+        return -1;
+    }
+
+}
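Review bot: `checktoken()` queries `where('token', $token)` without first rejecting an empty or missing token, so a request with no token is matched against whatever rows hold an empty or NULL `token` (column defaults are not visible here); add `if (!is_string($token) || $token === '') { return -1; }` at the top. The method returns only `1` or `-1`, which forces callers to recover the user id by decoding the token; returning the matched row (or `null`) would remove that parsing. `expire_time` is refreshed on every valid call, so a token in continuous use never expires; consider storing an absolute issue time alongside it. A docblock stating the return contract and the 3600-second idle window would help, and `getOneAccount()` has an `if (!$res)` branch that returns the same value as the fall-through.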