mkm/shop-new
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

添加支付密码校验

Browse Source
This commit is contained in:
luofei 2024-03-20 17:38:27 +08:00
parent d404fc4ed2
commit 00b31013a1
4 changed files with 28 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
app/common/repositories/store/order/StoreOrderRepository.php
View File

@ -99,6 +99,7 @@ class StoreOrderRepository extends BaseRepository
const TYPE_SN_REFUND = 'rwx'; const TYPE_SN_REFUND = 'rwx';
public $saleType; public $saleType;
public $transPwd;
/** /**
* StoreOrderRepository constructor. * StoreOrderRepository constructor.
@ -120,7 +121,15 @@ class StoreOrderRepository extends BaseRepository
*/ */
public function pay(string $type, User $user, StoreGroupOrder $groupOrder, $return_url = '', $isApp = false) public function pay(string $type, User $user, StoreGroupOrder $groupOrder, $return_url = '', $isApp = false)
{ {
if (in_array($type, ['balance', 'merBalance'])) {
if (empty($user['withdrawal_pwd'])) {
throw new ValidateException('请设置支付密码');
} elseif ($this->transPwd) {
throw new ValidateException('请输入支付密码');
} elseif (!password_verify((string)$this->transPwd, $user['withdrawal_pwd'])) {
throw new ValidateException('支付密码错误');
}
}
if ($type === 'balance') { if ($type === 'balance') {
return $this->payBalance($user, $groupOrder); return $this->payBalance($user, $groupOrder);
} }

14
app/controller/api/store/merchant/Merchant.php
View File

@ -175,13 +175,19 @@ class Merchant extends BaseController
public function createApply($merId) public function createApply($merId)
{ {
$data = $this->request->param(['extract_money', 'financial_type', 'financial_bank_name', 'financial_bank_bank', 'financial_bank_code', 'financial_bank_branch,withdrawal_pwd']); $data = $this->request->param(['extract_money', 'financial_type', 'financial_bank_name', 'financial_bank_bank', 'financial_bank_code', 'financial_bank_branch', 'withdrawal_pwd']);
$withdrawal_pwd = $data['withdrawal_pwd']; $withdrawal_pwd = $data['withdrawal_pwd'];
if(empty($withdrawal_pwd)) return \app('json')->fail('请输入提现密码');
//找到商户的密码 //找到商户的密码
$userInfo = \app\common\model\system\merchant\Merchant::getDB()->with('user')->where('mer_id',$merId)->find()->toArray(); $userInfo = \app\common\model\system\merchant\Merchant::getDB()->with('user')->where('mer_id',$merId)->find()->toArray();
if (!password_verify($pwd = (string)$withdrawal_pwd, $userInfo['user']['withdrawal_pwd'])) if (empty($userInfo['user']['withdrawal_pwd'])) {
return app('json')->fail('提现密码错误'); return app('json')->fail('请设置支付密码');
}
if(empty($withdrawal_pwd)) {
return app('json')->fail('请输入支付密码');
}
if (!password_verify((string)$withdrawal_pwd, $userInfo['user']['withdrawal_pwd'])) {
return app('json')->fail('提现支付错误');
}
$merchant = app()->make(MerchantRepository::class)->search(['mer_id' => $merId])->field('reg_admin_id,uid,mer_id,mer_name,mer_money,financial_bank,financial_wechat,financial_alipay,financial_type')->find(); $merchant = app()->make(MerchantRepository::class)->search(['mer_id' => $merId])->field('reg_admin_id,uid,mer_id,mer_name,mer_money,financial_bank,financial_wechat,financial_alipay,financial_type')->find();
if (($msg = $this->checkAuth($merchant)) !== true) { if (($msg = $this->checkAuth($merchant)) !== true) {
return app('json')->fail($msg); return app('json')->fail($msg);

1
app/controller/api/store/order/StoreOrder.php
View File

@ -125,6 +125,7 @@ class StoreOrder extends BaseController
return app('json')->status('public', '下单成功', ['order_id' => $groupOrder->group_order_id]); return app('json')->status('public', '下单成功', ['order_id' => $groupOrder->group_order_id]);
} }
try { try {
$this->repository = $this->request->post('withdrawal_pwd');
return $this->repository->pay($payType, $this->request->userInfo(), $groupOrder, $this->request->param('return_url'), $this->request->isApp()); return $this->repository->pay($payType, $this->request->userInfo(), $groupOrder, $this->request->param('return_url'), $this->request->isApp());
} catch (\Exception $e) { } catch (\Exception $e) {
return app('json')->status('error', $e->getMessage(), ['order_id' => $groupOrder->group_order_id]); return app('json')->status('error', $e->getMessage(), ['order_id' => $groupOrder->group_order_id]);

14
app/controller/api/user/User.php
View File

@ -381,7 +381,10 @@ class User extends BaseController
//设置提现密码 //设置提现密码
public function set_withdrawalPassword() public function set_withdrawalPassword()
{ {
$data = $this->request->params([ 'password','repassword']); $data = $this->request->params([ 'password','repassword', 'sms_code']);
$sms_code = app()->make(SmsService::class)->checkSmsCode($this->user->phone, $data['sms_code'], 'set_pwd');
if (!$data['sms_code'] || !$sms_code)
return app('json')->fail('验证码不正确');
if (empty($data['repassword']) || empty($data['password'])) if (empty($data['repassword']) || empty($data['password']))
return app('json')->fail('请输入提现密码'); return app('json')->fail('请输入提现密码');
if ($data['repassword'] !== $data['password']) if ($data['repassword'] !== $data['password'])
@ -396,19 +399,16 @@ class User extends BaseController
public function withdrawalPassword() public function withdrawalPassword()
{ {
$data = $this->request->params(['repassword', 'password', 'sms_code']); $data = $this->request->params(['repassword', 'password', 'sms_code']);
$sms_code = app()->make(SmsService::class)->checkSmsCode($this->user->phone, $data['sms_code'], 'change_pwd');
if (!$data['sms_code'] || !$sms_code)
return app('json')->fail('验证码不正确');
if (!$this->user->phone) if (!$this->user->phone)
return app('json')->fail('请先绑定手机号'); return app('json')->fail('请先绑定手机号');
if (empty($data['repassword']) || empty($data['password'])) if (empty($data['repassword']) || empty($data['password']))
return app('json')->fail('请输入提现密码'); return app('json')->fail('请输入提现密码');
if ($data['repassword'] !== $data['password']) if ($data['repassword'] !== $data['password'])
return app('json')->fail('两次密码不一致'); return app('json')->fail('两次密码不一致');
$sms_code = app()->make(SmsService::class)->checkSmsCode($this->user->phone, $data['sms_code'], 'change_pwd');
if (!$data['sms_code'] || !$sms_code)
return app('json')->fail('验证码不正确');
$password = $this->repository->encodePassword($data['password']); $password = $this->repository->encodePassword($data['password']);
$this->repository->update($this->request->uid(), ['withdrawal_pwd' => $password]); $this->repository->update($this->request->uid(), ['withdrawal_pwd' => $password]);
return app('json')->success('绑定成功'); return app('json')->success('绑定成功');