
refactor: reg invite check

M1Screw 2 years ago
parent
commit
b1ea1277c0

+ 25 - 24
src/Controllers/Admin/IpController.php

@@ -17,36 +17,37 @@ use Slim\Http\ServerRequest;
 use function array_map;
 use function array_slice;
 use function count;
+use function str_replace;
 
 final class IpController extends BaseController
 {
     public static array $login_details =
-    [
-        'field' => [
-            'id' => '事件ID',
-            'userid' => '用户ID',
-            'user_name' => '用户名',
-            'ip' => 'IP',
-            'location' => 'IP归属地',
-            'datetime' => '时间',
-            'type' => '类型',
-        ],
-    ];
+        [
+            'field' => [
+                'id' => '事件ID',
+                'userid' => '用户ID',
+                'user_name' => '用户名',
+                'ip' => 'IP',
+                'location' => 'IP归属地',
+                'datetime' => '时间',
+                'type' => '类型',
+            ],
+        ];
 
     public static array $ip_details =
-    [
-        'field' => [
-            'id' => '事件ID',
-            'user_id' => '用户ID',
-            'user_name' => '用户名',
-            'node_id' => '节点ID',
-            'node_name' => '节点名',
-            'ip' => 'IP',
-            'location' => 'IP归属地',
-            'first_time' => '首次连接',
-            'last_time' => '最后连接',
-        ],
-    ];
+        [
+            'field' => [
+                'id' => '事件ID',
+                'user_id' => '用户ID',
+                'user_name' => '用户名',
+                'node_id' => '节点ID',
+                'node_name' => '节点名',
+                'ip' => 'IP',
+                'location' => 'IP归属地',
+                'first_time' => '首次连接',
+                'last_time' => '最后连接',
+            ],
+        ];
 
     /**
      * 后台登录记录页面

+ 28 - 22
src/Controllers/Admin/UserController.php

@@ -16,7 +16,9 @@ use Exception;
 use Psr\Http\Message\ResponseInterface;
 use Slim\Http\Response;
 use Slim\Http\ServerRequest;
+use function str_replace;
 use function time;
+use const PHP_EOL;
 
 final class UserController extends BaseController
 {
@@ -104,6 +106,9 @@ final class UserController extends BaseController
         );
     }
 
+    /**
+     * @throws Exception
+     */
     public function createNewUser(ServerRequest $request, Response $response, array $args): Response|ResponseInterface
     {
         $email = $request->getParam('email');
@@ -111,33 +116,34 @@ final class UserController extends BaseController
         $password = $request->getParam('password');
         $balance = $request->getParam('balance');
 
-        try {
-            if ($email === '') {
-                throw new Exception('请填写邮箱');
-            }
-            if (! Tools::isEmailLegal($email)) {
-                throw new Exception('邮箱格式不正确');
-            }
-            $exist = User::where('email', $email)->first();
-            if ($exist !== null) {
-                throw new Exception('此邮箱已注册');
-            }
-            if ($password === '') {
-                $password = Tools::genRandomChar(16);
-            }
-            AuthController::registerHelper($response, 'user', $email, $password, '', 1, '', 0, $balance, 1);
-            $user = User::where('email', $email)->first();
-            if ($ref_by !== '') {
-                $user->ref_by = (int) $ref_by;
-                $user->save();
-            }
-        } catch (Exception $e) {
+        if ($email === '' || ! Tools::isEmailLegal($email)) {
+            return $response->withJson([
+                'ret' => 0,
+                'msg' => '邮箱格式错误',
+            ]);
+        }
+
+        $exist = User::where('email', $email)->first();
+
+        if ($exist !== null) {
             return $response->withJson([
                 'ret' => 0,
-                'msg' => $e->getMessage(),
+                'msg' => '邮箱已存在',
             ]);
         }
 
+        if ($password === '') {
+            $password = Tools::genRandomChar(16);
+        }
+
+        AuthController::registerHelper($response, 'user', $email, $password, '', 1, '', 0, $balance, 1);
+        $user = User::where('email', $email)->first();
+
+        if ($ref_by !== '') {
+            $user->ref_by = (int) $ref_by;
+            $user->save();
+        }
+
         return $response->withJson([
             'ret' => 1,
             'msg' => '添加成功,用户邮箱:'.$email.' 密码:'.$password,
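Review bot: The result of `AuthController::registerHelper(...)` is discarded, so if the helper returns an error response the following `User::where('email', $email)->first()` can be null and `$user->ref_by = (int) $ref_by;` then fails on a null object, while the success JSON is built regardless. With the try/catch removed, nothing turns such a failure into a `'ret' => 0` answer any more. Check the lookup before use, for example `if ($user === null) { return $response->withJson(['ret' => 0, 'msg' => '未知错误']); }`, and confirm that `$ref_by` names an existing user before casting and saving it. The body of `createNewUser` ends outside this hunk.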

+ 46 - 62
src/Controllers/AuthController.php

@@ -240,32 +240,13 @@ final class AuthController extends BaseController
         $money,
         $is_admin_reg
     ): ResponseInterface {
-        $user_invite = InviteCode::where('code', $code)->first();
-        $gift_user = null;
         $redir = Cookie::get('redir') ?? '/user';
-
-        if ($user_invite === null && ! $is_admin_reg) {
-            if (Setting::obtain('reg_mode') === 'invite') {
-                return ResponseHelper::error($response, '邀请码无效');
-            }
-        } elseif ($user_invite->user_id !== 0 && ! $is_admin_reg) {
-            $gift_user = User::where('id', $user_invite->user_id)->first();
-            if ($gift_user === null) {
-                return ResponseHelper::error($response, '邀请码无效');
-            }
-
-            if ($gift_user->invite_num === 0) {
-                return ResponseHelper::error($response, '邀请码无效');
-            }
-        }
-
         $configs = Setting::getClass('register');
         // do reg user
         $user = new User();
-        $antiXss = new AntiXSS();
 
-        $user->user_name = $antiXss->xss_clean($name);
-        $user->email = $antiXss->xss_clean($email);
+        $user->user_name = $name;
+        $user->email = $email;
         $user->remark = '';
         $user->pass = Hash::passwordHash($passwd);
         $user->passwd = Tools::genRandomChar(16);
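Review bot: After this hunk `registerHelper` stores `$name` and `$email` exactly as passed and no longer validates the invite code itself, so every caller now carries both duties; the same applies to `$imtype` and `$imvalue` in the next hunk. The helper is reachable from outside this class (the admin `createNewUser` calls it statically), so that contract should be written on the method. I would add a docblock saying that all arguments must already be validated, that a non-empty `$code` must refer to an existing and usable invite, and that `user_name`, `im_type` and `im_value` are stored unfiltered and need context-appropriate escaping wherever they are rendered. The signature and the rest of the body lie outside this hunk.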
@@ -278,8 +259,9 @@ final class AuthController extends BaseController
         $user->method = $configs['sign_up_for_method'];
         $user->forbidden_ip = Setting::obtain('reg_forbidden_ip');
         $user->forbidden_port = Setting::obtain('reg_forbidden_port');
-        $user->im_type = $antiXss->xss_clean($imtype);
-        $user->im_value = $antiXss->xss_clean($imvalue);
+        $user->im_type = $imtype;
+        $user->im_value = $imvalue;
+        $user->telegram_id = $telegram_id;
 
         $user->transfer_enable = Tools::toGB($configs['sign_up_for_free_traffic']);
         $user->invite_num = $configs['sign_up_for_invitation_codes'];
@@ -293,25 +275,13 @@ final class AuthController extends BaseController
             $user->money = 0;
         }
 
-        //dumplin:填写邀请人,写入邀请奖励
         $user->ref_by = 0;
 
-        if ($user_invite !== null && $user_invite->user_id !== 0) {
-            $invitation = Setting::getClass('invite');
-            // 设置新用户
-            $user->ref_by = $user_invite->user_id;
-            $user->money = $invitation['invitation_to_register_balance_reward'];
-            // 邀请人添加邀请流量
-            $gift_user->transfer_enable += $invitation['invitation_to_register_traffic_reward'] * 1024 * 1024 * 1024;
-            if ($gift_user->invite_num > 0) {
-                --$gift_user->invite_num;
-                // 避免设置为不限制邀请次数的值 -1 发生变动
-            }
-            $gift_user->save();
-        }
-
-        if ($telegram_id) {
-            $user->telegram_id = $telegram_id;
+        if ($code !== '') {
+            $invite = InviteCode::where('code', $code)->first();
+            $invite->reward();
+            $user->ref_by = $invite->user_id;
+            $user->money = Setting::obtain('invitation_to_register_balance_reward');
         }
 
         $ga = new GoogleAuthenticator();
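Review bot: `InviteCode::where('code', $code)->first()` can return null, and `$invite->reward()` is called on it unchecked; the validation that makes this safe lives only in `registerHandle` and runs as a separate query. Any other caller passing a non-empty `$code`, or an invite removed between the two lookups, ends in a fatal error in the middle of registration. The inviter is also credited here before the new user is saved, so if the save later in this function fails (it appears to return '未知错误' in that case) the reward has already been granted. Wrapping the block in `if ($invite !== null) { ... }` and calling `$invite->reward();` only after a successful `$user->save()` would address both; the save itself is outside this hunk.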
@@ -351,16 +321,15 @@ final class AuthController extends BaseController
         return ResponseHelper::error($response, '未知错误');
     }
 
+    /**
+     * @throws Exception
+     */
     public function registerHandle(ServerRequest $request, Response $response, array $args): Response|ResponseInterface
     {
         if (Setting::obtain('reg_mode') === 'close') {
             return ResponseHelper::error($response, '未开放注册。');
         }
 
-        if (Setting::obtain('reg_mode') === 'invite' && $request->getParam('code') === '') {
-            return ResponseHelper::error($response, '注册需要填写邀请码');
-        }
-
         if (Setting::obtain('enable_reg_captcha')) {
             $ret = Captcha::verify($request->getParams());
             if (! $ret) {
@@ -380,14 +349,36 @@ final class AuthController extends BaseController
         if (! $tos) {
             return ResponseHelper::error($response, '请同意服务条款');
         }
+        // Check Invite Code
+        if ($code === '' && Setting::obtain('reg_mode') === 'invite') {
+            return ResponseHelper::error($response, '邀请码不能为空');
+        }
 
+        if ($code !== '') {
+            $user_invite = InviteCode::where('code', $code)->first();
+
+            if ($user_invite === null) {
+                return ResponseHelper::error($response, '邀请码无效');
+            }
+
+            $gift_user = User::where('id', $user_invite->user_id)->first();
+
+            if ($gift_user === null || $gift_user->invite_num === 0) {
+                return ResponseHelper::error($response, '邀请码无效');
+            }
+        }
+
+        // Check IM
         if (Setting::obtain('enable_reg_im')) {
             $imtype = $antiXss->xss_clean($request->getParam('im_type'));
             $imvalue = $antiXss->xss_clean($request->getParam('im_value'));
+
             if ($imtype === '' || $imvalue === '') {
                 return ResponseHelper::error($response, '请填上你的联络方式');
             }
+
             $user = User::where('im_value', $imvalue)->where('im_type', $imtype)->first();
+
             if ($user !== null) {
                 return ResponseHelper::error($response, '此联络方式已注册');
             }
@@ -406,37 +397,30 @@ final class AuthController extends BaseController
         if ($user !== null) {
             return ResponseHelper::error($response, '邮箱已经被注册了');
         }
-
-        if (Setting::obtain('reg_email_verify')) {
-            $email_code = trim($antiXss->xss_clean($request->getParam('emailcode')));
-            $mailcount = EmailVerify::where('email', '=', $email)
-                ->where('code', '=', $email_code)
-                ->where('expire_in', '>', time())
-                ->first();
-            if ($mailcount === null) {
-                return ResponseHelper::error($response, '你的邮箱验证码不正确');
-            }
-        }
-
         // check pwd length
         if (strlen($passwd) < 8) {
             return ResponseHelper::error($response, '密码请大于8位');
         }
-
         // check pwd re
         if ($passwd !== $repasswd) {
             return ResponseHelper::error($response, '两次密码输入不符');
         }
 
         if (Setting::obtain('reg_email_verify')) {
+            $email_code = trim($antiXss->xss_clean($request->getParam('emailcode')));
+            $email_verify = EmailVerify::where('email', '=', $email)
+                ->where('code', '=', $email_code)
+                ->where('expire_in', '>', time())
+                ->first();
+
+            if ($email_verify === null) {
+                return ResponseHelper::error($response, '你的邮箱验证码不正确');
+            }
+
             EmailVerify::where('email', $email)->delete();
         }
 
-        try {
-            return $this->registerHelper($response, $name, $email, $passwd, $code, $imtype, $imvalue, 0, 0, 0);
-        } catch (Exception $e) {
-            return ResponseHelper::error($response, $e->getMessage());
-        }
+        return $this->registerHelper($response, $name, $email, $passwd, $code, $imtype, $imvalue, 0, 0, 0);
     }
 
     public function logout(ServerRequest $request, Response $response, $next): Response

+ 1 - 0
src/Controllers/User/CouponController.php

@@ -12,6 +12,7 @@ use Psr\Http\Message\ResponseInterface;
 use Slim\Http\Response;
 use Slim\Http\ServerRequest;
 use voku\helper\AntiXSS;
+use function explode;
 use function in_array;
 use function json_decode;
 use function time;

+ 23 - 18
src/Controllers/UserController.php

@@ -266,41 +266,46 @@ final class UserController extends BaseController
     {
         $antiXss = new AntiXSS();
         $user = $this->user;
-        $newemail = $antiXss->xss_clean($request->getParam('newemail'));
-        $oldemail = $user->email;
-        $otheruser = User::where('email', $newemail)->first();
+        $new_email = $antiXss->xss_clean($request->getParam('newemail'));
+        $old_email = $user->email;
 
         if (! $_ENV['enable_change_email']) {
             return ResponseHelper::error($response, '此项不允许自行修改,请联系管理员操作');
         }
 
-        if (Setting::obtain('reg_email_verify')) {
-            $emailcode = $request->getParam('emailcode');
-            $mailcount = EmailVerify::where('email', '=', $newemail)
-                ->where('code', '=', $emailcode)->where('expire_in', '>', time())->first();
-            if ($mailcount === null) {
-                return ResponseHelper::error($response, '你的邮箱验证码不正确');
-            }
-        }
-
-        if ($newemail === '') {
+        if ($new_email === '') {
             return ResponseHelper::error($response, '未填写邮箱');
         }
 
-        $check_res = Tools::isEmailLegal($newemail);
-        if ($check_res['ret'] === 0) {
+        if (! Tools::isEmailLegal($new_email)) {
             return $response->withJson($check_res);
         }
 
-        if ($otheruser !== null) {
+        $exist_user = User::where('email', $new_email)->first();
+
+        if ($exist_user !== null) {
             return ResponseHelper::error($response, '邮箱已经被使用了');
         }
 
-        if ($newemail === $oldemail) {
+        if ($new_email === $old_email) {
             return ResponseHelper::error($response, '新邮箱不能和旧邮箱一样');
         }
 
-        $user->email = $newemail;
+        if (Setting::obtain('reg_email_verify')) {
+            $email_code = $request->getParam('emailcode');
+            $email_verify = EmailVerify::where('email', '=', $new_email)
+                ->where('code', '=', $email_code)
+                ->where('expire_in', '>', time())
+                ->first();
+
+            if ($email_verify === null) {
+                return ResponseHelper::error($response, '你的邮箱验证码不正确');
+            }
+
+            EmailVerify::where('email', $email)->delete();
+        }
+
+        $user->email = $new_email;
 
         if (! $user->save()) {
             return ResponseHelper::error($response, '修改失败');
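Review bot: Two variables on the new side are never assigned in the visible body: `$check_res` in `return $response->withJson($check_res);` (its assignment was removed by this hunk) and `$email` in `EmailVerify::where('email', $email)->delete();`. The first makes an invalid address produce an empty JSON body instead of an error. The second means the delete does not target the new address, so the verification code that was just accepted stays usable until it expires. Suggested lines: `return ResponseHelper::error($response, '邮箱格式不正确');` and `EmailVerify::where('email', $new_email)->delete();`. The method signature and the end of the body are outside this hunk.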

+ 13 - 0
src/Models/InviteCode.php

@@ -11,4 +11,17 @@ final class InviteCode extends Model
 {
     protected $connection = 'default';
     protected $table = 'user_invite_code';
+
+    public function reward(): void
+    {
+        $user = User::where('id', $this->user_id)->first();
+        $user->transfer_enable += Setting::obtain('invitation_to_register_traffic_reward') * 1024 * 1024 * 1024;
+
+        if ($user->invite_num > 0) {
+            --$user->invite_num;
+            // 避免设置为不限制邀请次数的值 -1 发生变动
+        }
+
+        $user->save();
+    }
 }
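Review bot: `reward()` dereferences the result of `User::where('id', $this->user_id)->first()` without a null check and adds traffic even when `invite_num` is already 0, so it is only correct if every caller has first run the checks that `registerHandle` performs. The read-modify-write on `transfer_enable` and `invite_num` is also not atomic: two registrations using the same code at the same moment can both pass the `invite_num` check and both be rewarded, with one decrement lost. Consider an early `if ($user === null || $user->invite_num === 0) { return; }` and performing the update inside a transaction with a row lock. The trailing comment would read better above the `if`, in English: `// -1 means unlimited invites, so only positive counts are decremented`.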

+ 0 - 2
src/Services/CronJob.php

@@ -7,7 +7,6 @@ namespace App\Services;
 use App\Models\Ann;
 use App\Models\DetectLog;
 use App\Models\EmailQueue;
-use App\Models\EmailVerify;
 use App\Models\Invoice;
 use App\Models\Node;
 use App\Models\OnlineLog;
@@ -66,7 +65,6 @@ final class CronJob
         UserSubscribeLog::where('request_time', '<', date('Y-m-d H:i:s', time() - 86400 * (int) $_ENV['subscribeLog_keep_days']))->delete();
         UserHourlyUsage::where('datetime', '<', time() - 86400 * (int) $_ENV['trafficLog_keep_days'])->delete();
         DetectLog::where('datetime', '<', time() - 86400 * 3)->delete();
-        EmailVerify::where('expire_in', '<', time() - 86400)->delete();
         EmailQueue::where('time', '<', time() - 86400)->delete();
         PasswordReset::where('expire_time', '<', time() - 86400)->delete();
         OnlineLog::where('last_time', '<', time() - 86400)->delete();
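Review bot: Removing `EmailVerify::where('expire_in', '<', time() - 86400)->delete();` leaves successful verification as the only place in this commit where `EmailVerify` rows are deleted, so codes that are requested but never used now stay in the table indefinitely. The lookups filter on `expire_in`, so stale rows are not accepted, but the table retains e-mail addresses of people who never completed registration and grows with every code request. Unless expiry cleanup was moved somewhere this commit does not show, keep that line together with the `use App\Models\EmailVerify;` import removed in the first hunk of this file. The enclosing method starts and ends outside the hunk.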