合并分支 'wxg' 到 'master'

Wxg 查看合并请求 !79

合并分支 'wxg' 到 'master'
Wxg 查看合并请求 !79
王晓刚
application/admin/controller/Index.php
application/admin/view/index/login.html
application/index/controller/Goods.php
application/index/view/enter/apply_company.html
application/index/view/goods/search.html
--- a/application/admin/controller/Index.php
查看文件 @37dae20
+++ b/application/admin/controller/Index.php
查看文件 @37dae20
@@ -5,6 +5,7 @@ namespace app\admin\controller;
 use app\admin\model\AdminLog;
 use app\common\controller\Backend;
 use think\Config;
+use think\Db;
 use think\Hook;
 use think\Validate;
@@ -15,7 +16,7 @@ use think\Validate;
 class Index extends Backend
 {
-    protected $noNeedLogin = ['login'];
+    protected $noNeedLogin = ['login','forget','send_ems','verify_code','reset_password'];
     protected $noNeedRight = ['index', 'logout'];
     protected $layout = '';
@@ -119,4 +120,208 @@ class Index extends Backend
         $this->success(__('Logout successful'), 'index/login');
     }
+    /**
+     * 忘记密码
+     */
+    public function forget(){
+        $url = $this->request->get('url', 'index/index');
+        if ($this->auth->isLogin()) {
+            $this->success(__("You've logged in, do not login again"), $url);
+        }
+        if ($this->request->isPost()) {
+            $url = $this->request->get('url', 'index/forget');
+            $email = $this->request->post('email');
+            $rule = [
+                'email'  => 'require|email',
+//                '__token__' => 'require|token',
+            ];
+            $data = [
+                'email'  => $email,
+//                '__token__' => $token,
+            ];
+            $validate = new Validate($rule, [], ['email' => __('email')]);
+            $result = $validate->check($data);
+            if (!$result) {
+                $this->error($validate->getError(), $url, ['token' => $this->request->token()]);
+            }
+            //根据email获取商户信息
+            $admin = Db::name('admin')->where(['email'=>$email])->find();
+            if(empty($admin)){
+                $this->error('当前email尚未绑定');
+            }
+            if(empty($admin['user_id'])){
+                $this->error('平台管理员忘记密码请联系总管理员');
+            }
+            if($admin['status'] != 'normal'){
+                $this->error('您已被拉黑，请联系客服');
+            }
+            //生成验证码
+            $code = generateCode(6);
+            //储存验证码
+            $admin_code = Db::name('admin_code')->where(['email'=>$email])->find();
+            $arr['code'] = $code;
+            $arr['pasttime'] = time()+600;
+            $arr['is_use'] = 0;
+            if(empty($admin_code)){
+                $arr['email'] = $email;
+                $arr['createtime'] = time();
+                $result1 = Db::name('admin_code')->insert($arr);
+            }else{
+                $arr['updatetime'] = time();
+                $result1 = Db::name('admin_code')->where(['id'=>$admin_code['id']])->update($arr);
+            }
+            if(empty($result1)){
+                $this->error('sql执行失败');
+            }
+            //发送验证码
+            $this->send_ems($admin['email'],$code);
+            if ($result) {
+                $this->success('发送成功');
+            } else {
+                $this->error('发送失败');
+            }
+            /*AdminLog::setTitle(__('Login'));
+            $result = $this->auth->login($username, $password, $keeplogin ? 86400 : 0);
+            if ($result === true) {
+                Hook::listen("admin_login_after", $this->request);
+                $this->success(__('Login successful'), $url, ['url' => $url, 'id' => $this->auth->id, 'username' => $username, 'avatar' => $this->auth->avatar]);
+            } else {
+                $msg = $this->auth->getError();
+                $msg = $msg ? $msg : __('Username or password is incorrect');
+                $this->error($msg, $url, ['token' => $this->request->token()]);
+            }*/
+        }
+        $background = Config::get('fastadmin.login_background');
+        $background = stripos($background, 'http') === 0 ? $background : config('site.cdnurl') . $background;
+        $this->view->assign('background', $background);
+        $this->view->assign('title', __('忘记密码'));
+        Hook::listen("admin_login_init", $this->request);
+        return $this->view->fetch();
+    }
+
+    public function send_ems($receiver,$code){
+        \think\Config::set('site', \think\Config::get('site'));
+        $email = new Email();
+        $str = "验证码：$code,10分钟内有效。";
+        $result = $email
+            ->to($receiver)
+            ->subject("金点网-找回密码")
+            ->message($str)
+            ->send();
+        return $result;
+    }
+
+    /**
+     * 验证验证码是否正确
+     */
+    public function verify_code(){
+        if ($this->request->isPost()) {
+            $url = $this->request->get('url', 'index/forget');
+            $email = $this->request->post('email');
+            $code = $this->request->post('code');
+            $rule = [
+                'email'  => 'require|email',
+                'code'   => 'require',
+//                '__token__' => 'require|token',
+            ];
+            $data = [
+                'email'  => $email,
+                'code'   => $code,
+//                '__token__' => $token,
+            ];
+            $validate = new Validate($rule, [], ['email' => __('email'), 'code' => '请输入验证码']);
+            $result = $validate->check($data);
+            if (!$result) {
+                $this->error($validate->getError(), $url, ['token' => $this->request->token()]);
+            }
+            $admin_code = Db::name('admin_code')->where(['email'=>$email])->find();
+            if(empty($admin_code)){
+                $this->error('404');
+            }
+            if(!empty($admin_code['is_use'])){
+                $this->error('验证码已被使用');
+            }
+            if($admin_code['pasttime'] < time()){
+                $this->error('验证码已过期');
+            }
+            if($admin_code['code'] != $code){
+                $this->error('验证码错误');
+            }
+            $result = Db::name('admin_code')->where(['id'=>$admin_code['id']])->update(['is_use'=>1]);
+            if(empty($result)){
+                $this->error('sql执行失败');
+            }
+            //生成令牌（为了安全）
+            $str = "Bronet";
+            $auth_code = config('auth_code');
+            $token = rawurlencode(sha1(md5($str.$auth_code).md5($email)));
+            $this->success('验证通过',url('reset_password',['token'=>$token,'email'=>$email],false,true));
+        }
+    }
+
+    /**
+     * 重置密码页面
+     */
+    public function reset_password(){
+        $url = $this->request->get('url', 'index/index');
+        if ($this->auth->isLogin()) {
+            $this->success(__("You've logged in, do not login again"), $url);
+        }
+        if($this->request->isPost()){
+            $password = $this->request->param('password');
+            $affirm_password = $this->request->param('affirm_password');
+            $email = $this->request->param('email');
+            $token = $this->request->param('token');
+            $rule = [
+                'password'  => 'require|length:3,30',
+                'affirm_password'  => 'require|length:3,30',
+                'email' => 'require|email',
+                'token' => 'require',
+            ];
+            $data = [
+                'password'  => $password,
+                'affirm_password'  => $affirm_password,
+                'email' => $email,
+                'token' => $token,
+            ];
+            $validate = new Validate($rule, [], ['password' => __('password'), 'affirm_password' => __('Password'), 'email' => __('email')]);
+            $result = $validate->check($data);
+            if (!$result) {
+                $this->error($validate->getError(), $url, ['token' => $this->request->token()]);
+            }
+            if($password != $affirm_password){
+                $this->error('两次密码不一致');
+            }
+            $str = "Bronet";
+            $auth_code = config('auth_code');
+            $token2 = rawurlencode(sha1(md5($str.$auth_code).md5($email)));
+            if($token != $token2){
+                $this->error('令牌错误','','','');
+            }
+            $admin = Db::name('admin')->where(['email'=>$email])->find();
+            $password = md5(md5($password) . $admin['salt']);
+            $result = Db::name('admin')->where(['id'=>$admin['id']])->update(['password'=>$password]);
+            if(empty($result)){
+                $this->error('sql执行失败');
+            }
+
+            $this->success('重置成功',$url);
+        }else{
+            $token = $this->request->param('token');
+            $email = $this->request->param('email');
+            $str = "Bronet";
+            $auth_code = config('auth_code');
+            $token2 = rawurlencode(sha1(md5($str.$auth_code).md5($email)));
+            if($token != $token2){
+                $this->error('令牌错误','','','');
+            }
+            $background = Config::get('fastadmin.login_background');
+            $background = stripos($background, 'http') === 0 ? $background : config('site.cdnurl') . $background;
+            $this->view->assign('background', $background);
+            $this->view->assign('title', __('重置密码'));
+            Hook::listen("admin_login_init", $this->request);
+            return $this->view->fetch();
+        }
+    }
+
 }
--- a/application/admin/view/index/login.html
查看文件 @37dae20
+++ b/application/admin/view/index/login.html
查看文件 @37dae20
@@ -90,6 +90,9 @@
                                         <input type="checkbox" name="keeplogin" id="keeplogin" value="1" />
                                         {:__('Keep login')}
                                     </label>
+                                    <!--<label class="inline pull-right" style="cursor:pointer" onclick="window.location.href='{:url('forget')}'">
+                                        忘记密码？
+                                    </label>-->
                                 </div>
                                 <div class="form-group">
                                     <button type="submit" class="btn btn-success btn-lg btn-block">{:__('Sign in')}</button>
--- a/application/index/controller/Goods.php
查看文件 @37dae20
+++ b/application/index/controller/Goods.php
查看文件 @37dae20
@@ -19,7 +19,7 @@ use app\index\model\Store;
 class Goods extends Frontend
 {
-    protected $noNeedLogin = ['*'];
+    protected $noNeedLogin = [''];
     protected $noNeedRight = ['*'];
     public function _initialize()
--- a/application/index/view/enter/apply_company.html
查看文件 @37dae20
+++ b/application/index/view/enter/apply_company.html
查看文件 @37dae20
@@ -802,7 +802,7 @@
             error: function (res) {
                 toast('与服务器断开连接');
             }
-        })
+        });
     }
     //入驻协议radio点击
--- a/application/index/view/goods/search.html
查看文件 @37dae20
+++ b/application/index/view/goods/search.html
查看文件 @37dae20
@@ -818,11 +818,11 @@
     //查询数据
     function searchData(val) {
-        var searchKey = $('#searchVal').val();
+        /*var searchKey = $('#searchVal').val();
         if(searchKey == ''){
             toast('请输入要搜索的内容');
             return;
-        }
+        }*/
         initGoodsList();
         //noResultsTips();
     }