From 50a48207955d7b4c9fba1830fb75266193628339 Mon Sep 17 00:00:00 2001 From: filesite Date: Tue, 7 May 2024 08:40:57 +0000 Subject: [PATCH] bug fix: check sms code sent phone number with the submit one --- themes/tajian/controller/FrontapiController.php | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/themes/tajian/controller/FrontapiController.php b/themes/tajian/controller/FrontapiController.php index 3b84cb0..82102d7 100644 --- a/themes/tajian/controller/FrontapiController.php +++ b/themes/tajian/controller/FrontapiController.php @@ -430,7 +430,7 @@ eof; } //生成4随机数,并保存生成时间,10 分钟内有效 - protected function generateRandSmsCode() { + protected function generateRandSmsCode($cellphone) { if(session_status() !== PHP_SESSION_ACTIVE) { session_start(); } @@ -439,23 +439,27 @@ eof; $_SESSION['randSmsCode'] = $rndCode; $_SESSION['randSmsCode_created'] = time(); + $_SESSION['smsCodePhone'] = $cellphone; //保存发送验证码的手机号码,便于在登录、注册的时候验证 return $rndCode; } //短信验证码 10 分钟内有效 - protected function getMySmsCode() { + protected function getMySmsCode($cellphone) { if(session_status() !== PHP_SESSION_ACTIVE) { session_start(); } $rndCode = !empty($_SESSION['randSmsCode']) ? $_SESSION['randSmsCode'] : 0; $rndCode_created = !empty($_SESSION['randSmsCode_created']) ? $_SESSION['randSmsCode_created'] : 0; + $codeSentPhoneNumber = !empty($_SESSION['smsCodePhone']) ? $_SESSION['smsCodePhone'] : 0; $current_time = time(); $max_cache_time = !empty(FSC::$app['config']['sms_code_cache_time']) ? FSC::$app['config']['sms_code_cache_time'] : 600; if (!empty($rndCode_created) && $current_time - $rndCode_created > $max_cache_time) { $rndCode = 0; + }else if (empty($codeSentPhoneNumber) || $cellphone != $codeSentPhoneNumber) { //检查发送验证码的手机号码跟提交的是否一致 + $rndCode = 0; } return $rndCode; 
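Review bot: The new `else if` in getMySmsCode (hunk at -439) compares the submitted number with the stored one using loose `!=`, which for numeric strings compares by value: a stored `+8613800138000` and a submitted `8613800138000` (constructed example) are loosely equal, and a submitted non-numeric string is compared only as a string to the stored one, so the binding is weaker than the comment intends. Compare as strings instead, `}else if (empty($codeSentPhoneNumber) || (string) $cellphone !== (string) $codeSentPhoneNumber) {`, and normalise the number the same way at send and verify time if the callers do any trimming. The new `$cellphone` parameter is untyped on both generateRandSmsCode and getMySmsCode; `string $cellphone` would document what is stored in `$_SESSION['smsCodePhone']`. generateRandSmsCode's body continues past the first hunk, and getMySmsCode's closing brace is outside the second.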
@@ -500,7 +504,7 @@ eof;
         //尝试发送短信验证码
         $params = array(
             'phoneNumber' => $cellphone,
-            'codeNumber' => $this->generateRandSmsCode(),
+            'codeNumber' => $this->generateRandSmsCode($cellphone),
             'action' => $action,
         );
         $params['sign'] = $this->sign($params, FSC::$app['config']['service_3rd_api_key']);
@@ -565,7 +569,7 @@ eof;
         }
 
         //验证短信验证码是否正确
-        $mySmsCode = $this->getMySmsCode();
+        $mySmsCode = $this->getMySmsCode($cellphone);
         if (empty($mySmsCode) || $mySmsCode != $sms_code) {
             $err = "{$sms_code} 验证码已过期或错误,请检查是否输入正确";
         }
@@ -629,7 +633,7 @@ eof;
         }
 
         //验证短信验证码是否正确
-        $mySmsCode = $this->getMySmsCode();
+        $mySmsCode = $this->getMySmsCode($cellphone);
         if (empty($mySmsCode) || $mySmsCode != $sms_code) {
             $err = "{$sms_code} 验证码已过期或错误,请检查是否输入正确";
         }
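Review bot: After a successful match in the hunk at -565, nothing in the hunk clears `$_SESSION['randSmsCode']`, `$_SESSION['randSmsCode_created']` or the new `$_SESSION['smsCodePhone']`, so unless that is done outside the shown lines the same code stays accepted for the full `sms_code_cache_time` window, in this endpoint and in the one at -629 alike; add `unset($_SESSION['randSmsCode'], $_SESSION['randSmsCode_created'], $_SESSION['smsCodePhone']);` on the success path so each code is single-use. The check itself, `$mySmsCode != $sms_code`, is a loose comparison against the user-submitted value; `!hash_equals((string) $mySmsCode, (string) $sms_code)` makes it strict and independent of how PHP coerces the two operands. The enclosing functions of all three hunks start and end outside the shown lines.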