From 84a1855004dd106283ad29b0da7735f896c04efe Mon Sep 17 00:00:00 2001
From: Chishin
Date: Mon, 11 Mar 2019 18:17:29 +0800
Subject: [PATCH] =?UTF-8?q?=E5=A2=9E=E5=8A=A0=E6=89=BE=E5=9B=9E=E5=AF=86?= =?UTF-8?q?=E7=A0=81=E9=93=BE=E6=8E=A5=E5=B7=B2=E8=BF=87=E6=9C=9F=E5=8A=9F?= =?UTF-8?q?=E8=83=BD?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../Home/Controller/LoginController.class.php | 18 +++++++++++++-----
 1 file changed, 13 insertions(+), 5 deletions(-)
diff --git a/Application/Home/Controller/LoginController.class.php b/Application/Home/Controller/LoginController.class.php
index 1ff1836..279ede4 100644
--- a/Application/Home/Controller/LoginController.class.php
+++ b/Application/Home/Controller/LoginController.class.php
@@ -37,16 +37,17 @@ public function index(){
 $DbUser = M("user") -> where("email='$email'") -> find();
 if(is_array($DbUser)){
+ $endtime = time() + 7200;
 $username = $DbUser['username'];
 $user_pass = $DbUser['password'];
 $from = $DbUser['email'];
- $x = md5($username.'+'.$user_pass);
- $String = base64_encode($username.".".$x);
+ $x = md5($username.'+'.$user_pass.'+'.$endtime);
+ $String = base64_encode($username.".".$x.".".$endtime);
 $StrHtml = U('Home/Login/forget','p='.$String,'',true);
 //发送邮件
 $address = $from;
 $subject = "找回密码 - 小歆记账APP";
- $body = "
".$username.":
请点击下面的链接,按流程进行密码重设。
确认密码找回

".$StrHtml."

"; + $body = "
".$username.":
请点击下面的链接,按流程进行密码重设。(两小时内有效)
确认密码找回
".$StrHtml."

"; $file = null; if (!SendMail($address,$subject,$body,$file)) { if (I('post.forget_submit') == 'xxjzAUI') { @@ -278,12 +279,19 @@ public function forget(){ $array = explode('.',base64_decode($_GET['p'])); // * $array[0] 为用户名 // * $array[1] 为我们生成的字符串 + // * $array[2] 为终止时间戳 $username = trim($array['0']); + $endtime = intval(trim($array['2'])); + $nowtime = time(); + if ($nowtime > $endtime) { + $this -> error('找回密码链接已过期,请重新获取!', U('/Home/Login/index')); + return; + } $StrUser = "username='$username'"; $DbUser = M("user"); //实例化jizhang_user $password = $DbUser -> where($StrUser)->getField('password'); //产生配置码 - $checkCode = md5($array['0'].'+'.$password); + $checkCode = md5($username.'+'.$password.'+'.$endtime); //进行配置验证 if( $array['1'] === $checkCode ){ if($_POST["forget_submit"]){ @@ -306,7 +314,7 @@ public function forget(){ $this -> display(); } }else{ - $this -> error('非法操作!', U('/Home/Login/index')); + $this -> error('找回密码链接错误,请重新获取链接或联系管理员!', U('/Home/Login/index')); } }