From a4ce25e97f0714957ee3266c7d595373339f8b94 Mon Sep 17 00:00:00 2001
From: zhaocheng <578322713@qq.com>
Date: Fri, 6 Dec 2019 17:50:33 +0800
Subject: [PATCH] =?UTF-8?q?=E7=9F=AD=E4=BF=A1=E6=8E=A5=E5=8F=A3=E5=A2=9E?=
 =?UTF-8?q?=E5=8A=A0ip=E9=A2=91=E6=AC=A1=E9=99=90=E5=88=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 frontend/controllers/ApiController.php | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/frontend/controllers/ApiController.php b/frontend/controllers/ApiController.php
index 996bd6f..3db1141 100644
--- a/frontend/controllers/ApiController.php
+++ b/frontend/controllers/ApiController.php
@@ -13,6 +13,8 @@ use common\models\SendLogT;
 use common\models\UserLogT;
 use common\models\UserT;
 use Yii;
+use yii\captcha\Captcha;
+use yii\captcha\CaptchaAction;
 use yii\db\Exception;
 use yii\web\Response;
 use yii\web\UploadedFile;
@@ -845,6 +847,18 @@ class ApiController extends \yii\web\Controller
         header("Access-Control-Allow-Headers: Content-Type, X-Requested-With, Cache-Control,Authorization,Beeba-Sign,Beeba-Timestamp");
         Yii::$app->response->format = Response::FORMAT_JSON;
         $params = Yii::$app->request->post();
+        $cache = Yii::$app->cache;
+        $now = time();
+        $last_visited_name = 'hy_last_visit_ip_' . Yii::$app->request->getUserIP();
+        $last_visited_time = $cache->get($last_visited_name);
+        if ($last_visited_time && $now - $last_visited_time < 90) {
+            $result['success'] = false;
+            $result['msg'] = '接口调用过于频繁';
+            $result['data'] = $now - $last_visited_time;
+            return $result;
+        } else {
+            $cache->set($last_visited_name, $now);
+        }
         if (!isset($params['mobile']) || $params['mobile'] == '') {
             $result['success'] = false;
             $result['msg'] = '手机号无效';
@@ -888,7 +902,7 @@ class ApiController extends \yii\web\Controller
         $user = UserT::findOne(['name' => $name, 'phone' => $mobile]);
         if($name == '' || !preg_match('/^1[345789]\d{9}$/', $mobile)){
             $result['code'] = -1;
-            $result['msg'] = '参数错误：'.'手机'.$mobile.'-'.(!preg_match('/^1[345789]\d{9}$/', $mobile)).'name'.$name.'--'.($name == '');
+            $result['msg'] = '参数错误';
             return $result;
         }
         if($code == '' || Yii::$app->session->get('hy_vcode_'.$mobile) != $code){