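isOptions()){ echo ''; die(); } }

    /**
     * Log an account in with a username and password.
     *
     * Reads `username` and `password` from the POST body, checks the salted
     * hash against the `account` row, enforces the status and validity window,
     * marks a never-used account (status 0) as active, and returns the linked
     * `account_info` row with a freshly issued token attached.
     *
     * NOTE(review): passwords are stored as sha1(password . salt). SHA-1 is a
     * fast hash and is not suitable for password storage; plan a migration to
     * password_hash() / password_verify(), re-hashing on the next successful login.
     *
     * NOTE(review): an unknown username (1005) and a wrong password (1006)
     * produce different responses, which lets a client tell valid usernames
     * apart. The codes are kept because callers may depend on them.
     *
     * NOTE(review): the success response returns every column of `account_info`
     * (`a.*`); confirm none of those columns are sensitive.
     *
     * @return mixed Result of error_show() on failure, app_show() on success.
     */
    public function index(){
        $post = request()->post();

        $username = isset($post['username']) && $post['username'] != "" ? trim($post['username']) : "";
        if ($username == "") {
            return error_show(1004, "参数username 不能为空");
        }

        $password = isset($post['password']) && $post['password'] != "" ? trim($post['password']) : "";
        if ($password == "") {
            // The original reported the username parameter here; name the field that is actually missing.
            return error_show(1004, "参数password 不能为空");
        }

        $account = Db::name("account")->where(["is_del" => 0, "username" => $username])->find();
        if (empty($account)) {
            return error_show(1005, "卡号不正确");
        }

        $pass = sha1($password . $account['salt']);
        // hash_equals() is constant-time and compares as strings. The previous loose `!=`
        // treated two digests of the form "0e<digits>" as equal numbers.
        if (!hash_equals((string)$account['password'], $pass)) {
            return error_show(1006, "账户密码错误");
        }

        if ($account['status'] == 2) {
            return error_show(1005, "卡号已过有效期");
        }

        $now = time();
        $expire = strtotime($account['expiretime']);
        $start = strtotime($account['starttime']);
        if ($now < $start) {
            return error_show(1005, "账户未到生效期");
        }
        if ($now > $expire) {
            return error_show(1005, "账户已过有效期");
        }

        // First successful login: flip status 0 -> 1 and stamp the activation time.
        if ($account['status'] == 0) {
            $account['status'] = 1;
            $account['activetime'] = date("Y-m-d H:i:s");
            $account['updatetime'] = date("Y-m-d H:i:s");
            Db::name("account")->update($account);
        }

        $token = makeToken($account);
        $userinfo = Db::name("account_info")
            ->alias("a")
            ->join("fc_rela_account b", "b.account_info=a.id")
            ->where(["b.accountid" => $account['id']])
            ->field("a.*")
            ->find();
        $userinfo['token'] = $token;

        write_log("账户{$account['username']}登录系统","","homelogin","",1);
        return app_show(0, "登录成功", $userinfo);
    }

    /**
     * Log out by blanking the stored token.
     *
     * Reads `token` from the POST body, validates it with verifyToken(), then
     * sets the matching `account_token.token` value to an empty string.
     *
     * @return mixed Result of error_show() on failure, app_show() on success.
     */
    public function logout(){
        $post = request()->post();

        $token = isset($post['token']) && $post['token'] != "" ? trim($post['token']) : "";
        if ($token == "") {
            return error_show(101, "参数token 不能为空");
        }

        $verify = verifyToken($token);
        if ($verify['code'] != 0) {
            return error_show($verify['code'], $verify['msg']);
        }

        // update() result is used as the success flag.
        $info = Db::name("account_token")->where(["token" => $token])->update(['token' => ""]);
        if ($info) {
            return app_show(0, "退出成功");
        }
        return error_show(1004, "退出失败");
    }

    /**
     * Change an account password after verifying the current one.
     *
     * Reads `username`, `pas` (current password) and `pasword` (new password)
     * from the POST body, checks the current password against the stored salted
     * hash, then writes a new salt and hash.
     *
     * NOTE(review): no verifyToken() call is made in this method; the request
     * is authenticated only by the current password.
     *
     * NOTE(review): the new password is also written in clear text to the
     * `pwd` column. Anyone who can read the table or a backup gets every
     * password directly; the column should be dropped once its readers are
     * identified. It is left in place here because other code may read it.
     *
     * NOTE(review): the checkPasswd() format check is commented out in the
     * original, so no password policy is enforced on the new value.
     *
     * NOTE(review): nothing here clears rows in `account_token`, so tokens
     * issued before the change presumably stay valid; confirm and revoke them.
     *
     * @return mixed Result of error_show() on failure, app_show() on success.
     */
    public function passwd(){
        $post = request()->post();

        $username = isset($post['username']) && $post['username'] !== "" ? $post['username'] : "";
        if ($username == "") {
            return error_show(1004, "参数username不能为空");
        }

        $info = Db::name("account")->where(["is_del" => 0, "username" => $username])->find();
        if (empty($info)) {
            return error_show(1004, "未找到数据");
        }

        $pas = isset($post['pas']) && $post['pas'] !== "" ? trim($post['pas']) : "";
        if ($pas == "") {
            return error_show(1002,"参数pas不能为空");
        }

        // Constant-time comparison of the stored digest with the one derived from the input.
        if (!hash_equals((string)$info['password'], sha1($pas . $info['salt']))) {
            return error_show(1004, "原密码填写不正确");
        }

        $pasword = isset($post['pasword']) && $post['pasword'] !== "" ? trim($post['pasword']) : "";
        if ($pasword === "") {
            return error_show(1004, "参数password 不能为空");
        }

        // Strict comparison: loose `==` treats numeric-looking strings such as
        // "1e3" and "1000" as equal and would wrongly reject a different password.
        if ($pas === $pasword) {
            return error_show(1004, "新密码不能与原密码相同");
        }

        $salt = makeSalt();
        $info['salt'] = $salt;
        // Weak scheme kept for compatibility with the login check; see the docblock.
        $info['password'] = sha1($pasword . $salt);
        // Clear-text copy of the password; see the docblock.
        $info['pwd'] = $pasword;
        $info['updatetime'] = date("Y-m-d H:i:s");

        $item = Db::name('account')->where(['username' => $username, 'is_del' => 0])->update($info);
        return $item ? app_show(0,"账户密码修改成功") : error_show(1005, "账户密码修改失败");
    }
}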