fanli-server.git

			@@ -10,10 +10,13 @@
			import org.springframework.stereotype.Controller;
			import org.springframework.web.bind.annotation.RequestMapping;
			import org.yeshi.utils.JsonUtil;
			import org.yeshi.utils.encrypt.DESUtil;

			import com.alipay.api.AlipayApiException;
			import com.yeshi.fanli.entity.accept.AcceptData;
			import com.yeshi.fanli.entity.bus.user.BindingAccount;
			import com.yeshi.fanli.entity.bus.user.ForbiddenUserIdentifyCode;
			import com.yeshi.fanli.entity.bus.user.ForbiddenUserIdentifyCode.ForbiddenUserIdentifyCodeTypeEnum;
			import com.yeshi.fanli.entity.bus.user.LoginResult;
			import com.yeshi.fanli.entity.bus.user.SMSHistory;
			import com.yeshi.fanli.entity.bus.user.UserInfo;
			@@ -43,6 +46,7 @@
			import com.yeshi.fanli.service.inter.user.AccountMessageService;
			import com.yeshi.fanli.service.inter.user.BindingAccountService;
			import com.yeshi.fanli.service.inter.user.ExtractService;
			import com.yeshi.fanli.service.inter.user.ForbiddenUserIdentifyCodeService;
			import com.yeshi.fanli.service.inter.user.ShamUserService;
			import com.yeshi.fanli.service.inter.user.SpreadUserImgService;
			import com.yeshi.fanli.service.inter.user.TBPidService;
			@@ -137,6 +141,9 @@
			@Resource
			private UserShareGoodsRecordService userShareGoodsRecordService;

			@Resource
			private ForbiddenUserIdentifyCodeService forbiddenUserIdentifyCodeService;

			private static final String PASSWORD_MAX_ERROR = "password_max_error";
			private static final String EXTRACT_MIN_MONEY = "extract_min_money";
			private static final String EXTRACT_MAX_MONEY = "extract_max_money";
			@@ -166,19 +173,40 @@

			if (loginType == 3 && !Constant.IS_TEST)// 验证短信验证码
			{
			String oldVcode = redisManager.getSMSVCode(phone, SMSHistory.TYPE_LOGIN);
			if (StringUtil.isNullOrEmpty(oldVcode) \|\| !oldVcode.equalsIgnoreCase(vcode)) {
			out.print(JsonUtil.loadFalseResult(90001, "验证码错误"));
			return;
			// 苹果应用商店上线测试号码
			if ("17316780233".equalsIgnoreCase(phone) && "258168".equalsIgnoreCase(vcode)) {
			;
			} else {
			String oldVcode = redisManager.getSMSVCode(phone, SMSHistory.TYPE_LOGIN);
			if (StringUtil.isNullOrEmpty(oldVcode) \|\| !oldVcode.equalsIgnoreCase(vcode)) {
			out.print(JsonUtil.loadFalseResult(90001, "验证码错误"));
			return;
			}
			}

			redisManager.clearSMSFrequencyLimit(phone, SMSHistory.TYPE_LOGIN);
			}

			UserInfo tbUserInfo = new UserInfo();
			if (!StringUtil.isNullOrEmpty(tbSession)) {
			try {
			tbSession = DESUtil.decode(tbSession.replace("\n", ""), StringUtil.getBase64String("YeShiFANLI889*+"),
			StringUtil.getBase64String("*M#34f?,"));
			} catch (Exception e) {
			e.printStackTrace();
			}
			JSONObject tbs = JSONObject.fromObject(tbSession);
			tbOpenid = tbs.optString("openId");
			tbNickName = tbs.optString("nick");
			tbPortrait = tbs.optString("avatarUrl");
			// 淘宝ID
			tbUserInfo.setTaoBaoUid(tbs.optString("taobao_user_id"));
			}

			tbUserInfo.setOpenid(tbOpenid);
			tbUserInfo.setTbName(tbNickName);
			tbUserInfo.setTbPic(tbPortrait);

			try {
			LoginResult result = userAccountService.login(request, first, system.getAppid(), code, phone, tbUserInfo,
			wxinstall, loginType);
			@@ -398,15 +426,32 @@

			String oldVCode = redisManager.getSMSVCode(phone, SMSHistory.TYPE_LOGIN);

			if (!vcode.equalsIgnoreCase(oldVCode)) {
			out.print(JsonUtil.loadFalseResult(90001, "验证码错误"));
			return;
			if (Constant.IS_OUTNET) {
			if (!vcode.equalsIgnoreCase(oldVCode)) {
			out.print(JsonUtil.loadFalseResult(90001, "验证码错误"));
			return;
			}
			redisManager.clearSMSFrequencyLimit(phone, SMSHistory.TYPE_LOGIN);
			}
			redisManager.clearSMSFrequencyLimit(phone, SMSHistory.TYPE_LOGIN);

			try {
			userAccountService.bindPhone(uid, phone);
			UserInfo user = userInfoService.getUserByIdWithMybatis(uid);
			// 判断电话号码是否已经封禁
			ForbiddenUserIdentifyCode ic = forbiddenUserIdentifyCodeService
			.listByTypeAndIdentifyCode(ForbiddenUserIdentifyCodeTypeEnum.phone, phone);
			if (ic != null && ic.getEffective() != null && ic.getEffective()) {
			out.print(JsonUtil.loadFalseResult(Constant.CODE_FORBIDDEN_USER, Constant.FORBIDDEN_USER_REASON_DESC));
			// 封禁用户
			// 封禁绑定的正常用户
			if (user != null && user.getState() != null && user.getState() == UserInfo.STATE_NORMAL) {
			UserInfo update = new UserInfo(uid);
			update.setState(UserInfo.STATE_FORBIDDEN);
			update.setStateDesc("绑定被封禁的电话号码被封禁");
			userInfoService.updateByPrimaryKeySelective(update);
			}
			return;
			}

			JSONObject data = new JSONObject();
			data.put("user", UserUtil.filterForClientUser(user));
			out.print(JsonUtil.loadTrueResult(data));
			@@ -468,16 +513,45 @@
			return;
			}

			String taoBaoUid = "";

			if (!StringUtil.isNullOrEmpty(tbSession)) {
			try {
			tbSession = DESUtil.decode(tbSession.replace("\n", ""), StringUtil.getBase64String("YeShiFANLI889*+"),
			StringUtil.getBase64String("*M#34f?,"));
			} catch (Exception e) {
			e.printStackTrace();
			}
			JSONObject session = JSONObject.fromObject(tbSession);
			tbOpenid = session.optString("openId");
			tbNickName = session.optString("nick");
			tbPortrait = session.optString("avatarUrl");
			taoBaoUid = session.optString("taobao_user_id");
			}

			try {
			userAccountService.bindTaoBao(uid, tbOpenid, tbNickName, tbPortrait);
			UserInfo user = userInfoService.getUserByIdWithMybatis(uid);

			// 判断taoBaoUid是否已经封禁
			if (!StringUtil.isNullOrEmpty(taoBaoUid)) {
			ForbiddenUserIdentifyCode ic = forbiddenUserIdentifyCodeService
			.listByTypeAndIdentifyCode(ForbiddenUserIdentifyCodeTypeEnum.taobaoUid, taoBaoUid);
			if (ic != null && ic.getEffective() != null && ic.getEffective()) {
			out.print(JsonUtil.loadFalseResult(Constant.CODE_FORBIDDEN_USER,
			Constant.FORBIDDEN_USER_REASON_DESC));
			// 封禁用户
			// 封禁绑定的正常用户
			if (user != null && user.getState() != null && user.getState() == UserInfo.STATE_NORMAL) {
			UserInfo update = new UserInfo(uid);
			update.setState(UserInfo.STATE_FORBIDDEN);
			update.setStateDesc("绑定被封禁的淘宝号被封禁");
			userInfoService.updateByPrimaryKeySelective(update);
			}
			return;
			}
			}

			JSONObject data = new JSONObject();
			data.put("user", UserUtil.filterForClientUser(user));
			out.print(JsonUtil.loadTrueResult(data));
			@@ -533,6 +607,22 @@
			try {
			userAccountService.changeWXBind(uid, code);
			UserInfo user = userInfoService.getUserByIdWithMybatis(uid);
			// 判断taoBaoUid是否已经封禁
			ForbiddenUserIdentifyCode ic = forbiddenUserIdentifyCodeService
			.listByTypeAndIdentifyCode(ForbiddenUserIdentifyCodeTypeEnum.wxUnionId, user.getWxUnionId());
			if (ic != null && ic.getEffective() != null && ic.getEffective()) {
			out.print(JsonUtil.loadFalseResult(Constant.CODE_FORBIDDEN_USER, Constant.FORBIDDEN_USER_REASON_DESC));
			// 封禁用户
			// 封禁绑定的正常用户
			if (user != null && user.getState() != null && user.getState() == UserInfo.STATE_NORMAL) {
			UserInfo update = new UserInfo(uid);
			update.setState(UserInfo.STATE_FORBIDDEN);
			update.setStateDesc("绑定被封禁的微信号被封禁");
			userInfoService.updateByPrimaryKeySelective(update);
			}
			return;
			}

			JSONObject data = new JSONObject();
			data.put("user", UserUtil.filterForClientUser(user));
			out.print(JsonUtil.loadTrueResult(data));
			@@ -796,6 +886,23 @@
			return;
			}
			redisManager.cacheCommonString(key, "1", 120);

			// 支付宝绑定
			ForbiddenUserIdentifyCode ic = forbiddenUserIdentifyCodeService
			.listByTypeAndIdentifyCode(ForbiddenUserIdentifyCodeTypeEnum.alipayAccount, account);
			if (ic != null && ic.getEffective() != null && ic.getEffective()) {
			out.print(JsonUtil.loadFalseResult(Constant.CODE_FORBIDDEN_USER, Constant.FORBIDDEN_USER_REASON_DESC));
			// 封禁用户
			// 封禁绑定的正常用户
			if (user != null && user.getState() != null && user.getState() == UserInfo.STATE_NORMAL) {
			UserInfo update = new UserInfo(uid);
			update.setState(UserInfo.STATE_FORBIDDEN);
			update.setStateDesc("绑定被封禁的支付宝被封禁");
			userInfoService.updateByPrimaryKeySelective(update);
			}
			return;
			}

			// 可以展示给用户看的错误码
			String[] ALIPAY_CODES = new String[] { "SYSTEM_ERROR", "PERMIT_CHECK_PERM_LIMITED", "PERM_AML_NOT_REALNAME_REV",
			"PERM_AML_NOT_REALNAME_REV", "PAYEE_USER_INFO_ERROR", "PAYEE_ACC_OCUPIED",