zhaopin/zhaopin.git

			@@ -68,18 +68,17 @@
			* 获取邮件、短信模板
			* @param array $data 传入参数
			* @param string $type 模板类型：email邮箱; msg短信
			* @return mixed
			* @return array
			*/
			public function getTpl($data, $type) {
			$name = $type . $data['type'];


			$row = $this->select_once('templates', array('name' => $name));

			if ($row) {
			$tpl['title'] = $this->_tpl($row['title'], $data);
			$tpl['content'] = $this->_tpl($row['content'], $data);

			$tpl['template_id'] = $row['template_id'];
			return $tpl;
			} else {
			return array('status' => -1, 'msg' => '信息模板有误，请联系管理员');
			@@ -235,12 +234,12 @@
			}

			/**
			* @desc 发送短信
			* @desc 发送短信接口
			* @param $type
			* @param $data
			* @return bool\|string
			* @return array
			*/
			private function postSMS($type = "msgsend", $data = '') {
			private function postSMS($type = "msgsend", $data = []) {
			$sing = $this->config['sy_msg_appsing'];
			$data['content'] = str_replace(array(" ", "　", "\t", "\n", "\r"), array("", "", "", "", ""), $data['content']);
			$url = 'http://api.smsbao.com/sms';
			@@ -285,6 +284,7 @@
			}

			/**
			* @desc 发送短信
			* $data['moblie'] / $data['mobile'] 手机号（必填）
			* $data['content'] 短信内容（必填）
			*
			@@ -297,30 +297,29 @@
			return array('status' => -1, 'msg' => '还没有配置短信，请联系管理员！');
			}

			$data['mobile'] = $data['moblie'] ? $data['moblie'] : $data['mobile'];
			if (!$this->_isKey('mobile', $data) \|\| !CheckMobile($data['mobile'])) {
			return array('status' => -1, 'msg' => '手机号错误');
			}

			if ($this->config['sy_web_mobile'] != '') {
			$regnamer = @explode(';', $this->config['sy_web_mobile']);
			if (in_array($data['mobile'], $regnamer)) {
			return array('status' => -1, 'msg' => '该手机号已被禁止使用');
			}
			}

			if (!$this->_isKey('content', $data) \|\| $data['content'] == '') {
			return array('status' => -1, 'msg' => '短信内容为空');
			}

			//发送短信
			$row = array(

			'appsecret' => $this->config['sy_msg_appsecret'],
			'appkey' => $this->config['sy_msg_appkey'],
			'appsing' => $this->config['sy_msg_appsing'],
			'phone' => $data['mobile'],
			'content' => $data['content'],
			'mid' => isset($data['mid']) ? $data['mid'] : ''
			'sy_sms_secret_id' => $this->config['sy_sms_secret_id'],
			'sy_sms_secret_key' => $this->config['sy_sms_secret_key'],
			'sy_sms_sdk_app_id' => $this->config['sy_sms_sdk_app_id'],
			'sy_sms_sign_name' => $this->config['sy_sms_sign_name'],
			'template_id' => $data['template_id'],
			'phone' => $data['mobile'],
			'code' => $data['code'],
			);

			$location = '';
			@@ -363,7 +362,9 @@
			}
			}
			if (!isset($re['code'])) {
			$re = $this->postSMS('msgsend', $row);
			///// 发送短信 /////
			// $re = $this->postSMS('msgsend', $row);
			$re = $this->sendSmsHttpRequest($row);
			}
			//短信记录保存数据库
			$sql_data = array(
			@@ -376,7 +377,7 @@
			'location' => $location
			);

			if (trim($re) == '0') {
			if ($re['code'] == 1) {
			//检查是否需要发送系统预警
			include_once('warning.model.php');

			@@ -425,10 +426,11 @@
			return $tpl;
			}
			$content = $tpl['content'];
			$template_id = $tpl['template_id'];
			}

			$data['content'] = $content;

			$data['template_id'] = $template_id;
			return $this->sendSMS($data);
			}

			@@ -501,19 +503,20 @@

			/**
			* @desc 短信验证码时效性
			* @param array $data
			* @param string $data
			* @return boolean
			*/
			public function checkTime($data) {
			public function checkTime($data = 0) {
			$cert_validity = $this->config['moblie_codetime'] * 60; // 验证码有效时间
			if (!$data) {
			return false;
			}
			$time = time();
			$ctime = bcsub($time, $data);

			$data = is_numeric($data) ?: 0;
			$ctime = round($time - $data, 2);
			if ($ctime <= $cert_validity) {

			return true;
			} else {

			return false;
			}
			}
			@@ -535,6 +538,7 @@
			$today = strtotime('today');
			$code = gt_Generate_code($length); //验证码
			$lastSend = [];
			$result = [];
			if ($kind == 'msg') {
			///// 短信 /////
			if (!checkMsgOpen($this->config)) {
			@@ -574,6 +578,7 @@
			///// 获取企业认证信息 /////
			$lastSend = $this->select_once('company_cert', array('check' => $sended, 'type' => 7, 'orderby' => 'id,desc'), '`ctime`,`type`');
			} else {
			///// 获取企业认证信息 /////
			$lastSend = $this->select_once('company_cert', array('check' => $sended, 'type' => 2, 'orderby' => 'id,desc'), '`ctime`,`type`');
			}
			if ($lastSend['ctime'] > $overtime) {
			@@ -685,13 +690,13 @@

			/**
			* 按类别发送验证码
			* @param $sended // 发送对象
			* @param $sended // 发送对象-手机号
			* @param $type // 验证码类别
			* @param $code // 验证码
			* @param $kind // 发送类别
			* @param $user // 用户信息
			* @param $port // 端口
			* @return array\|mixed\|number[]\|string[]
			* @return array\|number[]\|string[]
			*/
			private function sendType($sended, $type, $code, $kind = 'msg', $user = array(), $port = null) {
			$finfo = $this->forsend($user); //用户信息
			@@ -705,7 +710,7 @@
			);
			$result = [];
			if ($kind == 'msg') {
			$data['moblie'] = $sended;
			$data['mobile'] = $sended;
			$data['port'] = $port;
			$result = $this->sendSMSType($data);
			} elseif ($kind == 'email') {
			@@ -798,96 +803,102 @@
			* @param $msg
			* @return string
			*/
			function sign($key, $msg) {
			protected function sign($key, $msg) {
			return hash_hmac("sha256", $msg, $key, true);
			}

			/**
			* 发送短信接口-腾讯云
			* @param $params
			* @param $data
			* @return array
			*/
			public function sendSmsHttpRequest($params = []) {
			public function sendSmsHttpRequest($data = []) {
			// 实例化一个认证对象，入参需要传入腾讯云账户 SecretId 和 SecretKey，此处还需注意密钥对的保密
			// 代码泄露可能会导致 SecretId 和 SecretKey 泄露，并威胁账号下所有资源的安全性。以下代码示例仅供参考，建议采用更安全的方式来使用密钥，请参见：https://cloud.tencent.com/document/product/1278/85305
			// 密钥可前往官网控制台 https://console.cloud.tencent.com/cam/capi 进行获取

			$secret_id = $data['sy_sms_secret_id'];
			$secret_key = $data['sy_sms_secret_key'];
			$token = "";

			$service = "sms";
			$host = "sms.tencentcloudapi.com";
			$req_region = "ap-guangzhou";
			$version = "2021-01-11";
			$action = "SendSms";

			//////数字转字符串 //////
			$params = [
			'PhoneNumberSet' => ['+86' . $data['phone']],
			'SmsSdkAppId' => $data['sy_sms_sdk_app_id'],
			'TemplateId' => $data['template_id'],
			'SignName' => $data['sy_sms_sign_name'],
			'TemplateParamSet' => [strval($data['code'])]
			];
			$payload = json_encode($params, JSON_UNESCAPED_UNICODE);
			$endpoint = "https://sms.tencentcloudapi.com";
			$algorithm = "TC3-HMAC-SHA256";
			$timestamp = time();
			$date = gmdate("Y-m-d", $timestamp);

			// *********** 步骤 1：拼接规范请求串 ***********
			$http_request_method = "POST";
			$canonical_uri = "/";
			$canonical_querystring = "";
			$ct = "application/json; charset=utf-8";
			$canonical_headers = "content-type:" . $ct . "\nhost:" . $host . "\nx-tc-action:" . strtolower($action) . "\n";
			$signed_headers = "content-type;host;x-tc-action";
			$hashed_request_payload = hash("sha256", $payload);
			$canonical_request = "$http_request_method\n$canonical_uri\n$canonical_querystring\n$canonical_headers\n$signed_headers\n$hashed_request_payload";

			// *********** 步骤 2：拼接待签名字符串 ***********
			$credential_scope = "$date/$service/tc3_request";
			$hashed_canonical_request = hash("sha256", $canonical_request);
			$string_to_sign = "$algorithm\n$timestamp\n$credential_scope\n$hashed_canonical_request";

			// *********** 步骤 3：计算签名 ***********
			$secret_date = $this->sign("TC3" . $secret_key, $date);
			$secret_service = $this->sign($secret_date, $service);
			$secret_signing = $this->sign($secret_service, "tc3_request");
			$signature = hash_hmac("sha256", $string_to_sign, $secret_signing);

			// *********** 步骤 4：拼接 Authorization ***********
			$authorization = "$algorithm Credential=$secret_id/$credential_scope, SignedHeaders=$signed_headers, Signature=$signature";

			// *********** 步骤 5：构造并发起请求 ***********
			$headers = [
			"Authorization" => $authorization,
			"Content-Type" => "application/json; charset=utf-8",
			"Host" => $host,
			"X-TC-Action" => $action,
			"X-TC-Timestamp" => $timestamp,
			"X-TC-Version" => $version
			];
			if ($req_region) {
			$headers["X-TC-Region"] = $req_region;
			}
			if ($token) {
			$headers["X-TC-Token"] = $token;
			}
			try {
			$secret_id = "SecretId";
			$secret_key = "SecretKey";
			$token = "";

			$service = "sms";
			$host = "sms.tencentcloudapi.com";
			$req_region = "ap-guangzhou";
			$version = "2021-01-11";
			$action = "SendSms";
			// $params = [
			// 'PhoneNumberSet' => '18019261992',
			// 'SmsSdkAppId' => '2343224242',
			// 'TemplateId' => '54645454'
			// ];
			$payload = json_encode($params);
			$endpoint = "https://sms.tencentcloudapi.com";
			$algorithm = "TC3-HMAC-SHA256";
			$timestamp = time();
			$date = gmdate("Y-m-d", $timestamp);

			// *********** 步骤 1：拼接规范请求串 ***********
			$http_request_method = "POST";
			$canonical_uri = "/";
			$canonical_querystring = "";
			$ct = "application/json; charset=utf-8";
			$canonical_headers = "content-type:" . $ct . "\nhost:" . $host . "\nx-tc-action:" . strtolower($action) . "\n";
			$signed_headers = "content-type;host;x-tc-action";
			$hashed_request_payload = hash("sha256", $payload);
			$canonical_request = "$http_request_method\n$canonical_uri\n$canonical_querystring\n$canonical_headers\n$signed_headers\n$hashed_request_payload";

			// *********** 步骤 2：拼接待签名字符串 ***********
			$credential_scope = "$date/$service/tc3_request";
			$hashed_canonical_request = hash("sha256", $canonical_request);
			$string_to_sign = "$algorithm\n$timestamp\n$credential_scope\n$hashed_canonical_request";

			// *********** 步骤 3：计算签名 ***********
			$secret_date = sign("TC3" . $secret_key, $date);
			$secret_service = sign($secret_date, $service);
			$secret_signing = sign($secret_service, "tc3_request");
			$signature = hash_hmac("sha256", $string_to_sign, $secret_signing);

			// *********** 步骤 4：拼接 Authorization ***********
			$authorization = "$algorithm Credential=$secret_id/$credential_scope, SignedHeaders=$signed_headers, Signature=$signature";

			// *********** 步骤 5：构造并发起请求 ***********
			$headers = [
			"Authorization" => $authorization,
			"Content-Type" => "application/json; charset=utf-8",
			"Host" => $host,
			"X-TC-Action" => $action,
			"X-TC-Timestamp" => $timestamp,
			"X-TC-Version" => $version
			];
			if ($req_region) {
			$headers["X-TC-Region"] = $req_region;
			}
			if ($token) {
			$headers["X-TC-Token"] = $token;
			}

			$ch = curl_init();
			curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
			curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
			curl_setopt($ch, CURLOPT_URL, $endpoint);
			curl_setopt($ch, CURLOPT_POST, true);
			curl_setopt($ch, CURLOPT_POST, TRUE);
			curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
			curl_setopt($ch, CURLOPT_HTTPHEADER, array_map(function ($k, $v) {
			return "$k: $v";
			}, array_keys($headers), $headers));
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
			curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
			$response = curl_exec($ch);
			curl_close($ch);

			$result = json_decode($response, TRUE);

			if (!$result['Response']['RequestId']) {
			throw new Exception("请求失败", 10000);
			}

			$result_result = [
			'code' => 1,
			'msg' => 'ok',