Limit SMS verification attempts to 10 at a time #2480

Kijin Sung 2025-02-16 16:00:03 +09:00
parent ae0e13eca9
commit a66b036dd5
3 changed files with 16 additions and 3 deletions


@ -3801,6 +3801,7 @@ class MemberController extends Member
'number' => $phone_number,
'code' => $is_special ? intval($config->special_phone_code) : $code,
'time' => time(),
'count' => 0,
'status' => false,
);
@ -3849,15 +3850,25 @@ class MemberController extends Member
}
$code = intval($code);
if(!isset($_SESSION['verify_by_sms']) || $_SESSION['verify_by_sms']['code'] !== $code)
if(!isset($_SESSION['verify_by_sms']))
{
throw new Rhymix\Framework\Exception('verify_by_sms_code_incorrect');
}
if (isset($_SESSION['verify_by_sms']['count']) && $_SESSION['verify_by_sms']['count'] >= 10)
{
unset($_SESSION['verify_by_sms']);
throw new Rhymix\Framework\Exception('verify_by_sms_code_too_many_tries');
}
if (isset($_SESSION['verify_by_sms']['time']) && $_SESSION['verify_by_sms']['time'] < time() - 600)
{
unset($_SESSION['verify_by_sms']);
throw new Rhymix\Framework\Exception('verify_by_sms_code_expired');
}
if ($_SESSION['verify_by_sms']['code'] !== $code)
{
$_SESSION['verify_by_sms']['count']++;
throw new Rhymix\Framework\Exception('verify_by_sms_code_incorrect');
}
$_SESSION['verify_by_sms']['status'] = true;
return new BaseObject(0, 'verify_by_sms_code_confirmed');
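Review bot: The new attempt counter lives only in `$_SESSION['verify_by_sms']['count']` and the first hunk resets it to 0 every time a code is issued, so the limit of 10 applies per issued code rather than per phone number or account. Whether that bounds guessing overall depends on the send path throttling re-issuance, which is not visible in these hunks; if it does not, a server-side failure count keyed on the phone number would be needed. I would at least record the dependency above the count check, e.g. `// Per-session limit only: the send action must throttle re-issuance per phone number/IP.` The increment in the `!== $code` branch also relies on the session handler serialising concurrent requests; with a non-locking handler, parallel submissions could each read a count below 10, so that is worth confirming for the deployed handler. The enclosing method starts and ends outside the hunk.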