Browse Source

短信防刷

lizhen_gitee 3 months ago
parent
commit
7a5fbcbfba
1 changed files with 14 additions and 4 deletions
  1. 14 4
      application/api/controller/Sms.php

+ 14 - 4
application/api/controller/Sms.php

@@ -24,7 +24,7 @@ class Sms extends Api
      */
     public function send()
     {
-        $mobile = $this->request->post("mobile");
+        $mobile = $this->request->post("mobile",'','trim,intval');
         $event = $this->request->post("event");
         $event = 'default';
 
@@ -32,12 +32,15 @@ class Sms extends Api
             $this->error(__('手机号不正确'));
         }
 
+        if(!$this->apiLimit(60,1,'60_'.$mobile)){
+            $this->error('您的手机号发送频繁,请一分钟后再试');
+        };
+        if(!$this->apiLimit(3600,10,'3600_'.$mobile)){
+            $this->error('您的手机号发送频繁,请一小时后再试!');
+        };
         if(!$this->apiLimit(60,10,request()->ip())){
             $this->error('当前发送人数过多,请稍后再试');
         };
-        if(!$this->apiLimit(3600,10,$mobile)){
-            $this->error('您的手机号发送频繁,请稍后再试');
-        };
 
         $last = Smslib::get($mobile, $event);
         if ($last && time() - $last['createtime'] < 60) {
@@ -47,6 +50,12 @@ class Sms extends Api
         if ($ipSendTotal >= 5) {
             $this->error(__('发送频繁,请稍后再试'));
         }
+
+        $userinfo = User::getByMobile($mobile);
+        if (!$userinfo) {
+            $this->error('您的手机号未注册');
+        }
+
         if ($event) {
             $userinfo = User::getByMobile($mobile);
             if ($event == 'register' && $userinfo) {
@@ -81,6 +90,7 @@ class Sms extends Api
      */
     public function check()
     {
+        exit;
         $mobile = $this->request->post("mobile");
         $event = $this->request->post("event");
         $event = $event ? $event : 'register';