Added security code

geeeeeeeek · Mar 26, 2017 · e117aeb · e117aeb
1 parent dd6dcde
commit e117aeb
Show file tree

Hide file tree

Showing 6 changed files with 23 additions and 12 deletions.
diff --git a/ajax/getCode.php b/ajax/getCode.php
@@ -1,5 +1,16 @@
 <?php
 require_once '../taobao-sdk-PHP/sendCode.php';
+
+// 安全验证 (防止恶意调用)
+if(isset($_SESSION['send_count'])){
+    $_SESSION['send_count']+=1;
+}else{
+    $_SESSION['send_count']=1;
+}
+if($_SESSION['send_count']>4){
+    exit("超过发送次数");
+}
+
 $arr=$_POST;
 $phone=$_POST['phone'];
 

diff --git a/images/logo-50-50.jpg b/images/logo-50-50.jpg
diff --git a/place.html b/place.html
@@ -367,7 +367,7 @@ <h2>修改密码</h2>
     <script src="scripts/login.js"></script>
     <script src="scripts/cart.lib.js"></script>
     <script src="scripts/cart.js"></script>
-    <script src="scripts/header.js"></script>
+    <script src="scripts/header.js?v=1"></script>
     <script src="scripts/footer.js"></script>
     <script type="text/javascript">
                 $(function(){

diff --git a/scripts/header.js b/scripts/header.js
@@ -69,7 +69,7 @@ function searchPlace(){
             var shopName=arrObj[i].shopName; 
             var shopId=arrObj[i].shopId;
             if(shopName.indexOf(keyword)>=0){ 
-                $(".search-result").append("<a href='/shop/"+shopId+".html'>"+shopName+"</a>");
+                $(".search-result").append("<a href='/shop.html'>"+shopName+"</a>");
                 $(".search-result").show(); 
             }
         }

diff --git a/scripts/login.js b/scripts/login.js
@@ -55,11 +55,11 @@
             $('#register-pwd-error').text('密码不能为空');
             return;
         }  
-        // var md5Code=$.md5(code);
-        // if(md5Code!=code2){
-        //     $('#register-code-error').text('验证码不正确');
-        //     return;
-        // }
+        var md5Code=$.md5(code);
+        if(md5Code!=code2){
+            $('#register-code-error').text('验证码不正确');
+            return;
+        }
         create(phone,pwd,code);
     });
 
@@ -158,13 +158,13 @@
 })(jQuery);
 
 
-var leftSeconds=15;
+var leftSeconds=60;
 function setCodeTime(){  
     $('.phone-code-btn').attr('disabled',"true");
     $('.phone-code-btn').text(leftSeconds+"s");
     leftSeconds--;
     if(leftSeconds<0){
-        leftSeconds=15;
+        leftSeconds=60;
         $('.phone-code-btn').text("重新获取");
         $('.phone-code-btn').removeAttr("disabled");
     }else{
@@ -260,7 +260,6 @@ function getCode(pn){
     $.post(postUrl, 
         {phone:pn}, 
         function(data, status, xhr) {
-            alert(data);
            if(status=="success"){  
                 $res= $.parseJSON(data); 
                 if($res.code=="0"){  

diff --git a/shop.html b/shop.html
@@ -914,8 +914,9 @@
                 <a class="weixin-dingfan fw" href="#">微信订饭</a>
                 <a class="logo" href="/"></a>
                 <div class="search">
-                <img class="search-icon" src="/images/icon_search.png" width="22" height="22">
-                <input class="search-input" type="text" placeholder="请输入楼名">
+                <img class="search-icon" src="/images/icon_search.png" width="20" height="20">
+                <input id="search-input" class="search-input" type="text" placeholder="请输入楼名" onkeypress="onKeySearch()">
+                <span id="search-del" class="search-del">&times;</span> 
                 </div>
                 <div class="clear"></div>
             </div>