feat: 添加PHPMailer依赖并实现邮箱验证功能

- 添加PHPMailer依赖用于发送验证邮件 - 实现开发者邮箱验证功能 - 添加SMTP邮件配置到config.php - 创建邮箱验证模板文件 - 修改上传应用逻辑要求验证邮箱 - 移除不再使用的SQL文件
2025-07-08 15:24:27 +08:00
parent 6f484ffed7
commit dd71417b3d
96 changed files with 18579 additions and 19 deletions
--- a/developer/register.php
+++ b/developer/register.php
@@ -1,7 +1,21 @@
 <?php
+// Define SMTP constants if not already defined
+if (!defined('SMTP_USERNAME')) define('SMTP_USERNAME', '');
+if (!defined('SMTP_ENCRYPTION')) define('SMTP_ENCRYPTION', 'tls');
+if (!defined('SMTP_FROM_EMAIL')) define('SMTP_FROM_EMAIL', 'noreply@example.com');
+
+
+// 引入PHPMailer命名空间
+use PHPMailer\PHPMailer\PHPMailer;
+use PHPMailer\PHPMailer\SMTP;
+use PHPMailer\PHPMailer\Exception;
+
 // 引入配置文件
 require_once '../config.php';

+// 引入Composer自动加载器
+require_once '../vendor/autoload.php';
+
 // 顶栏样式
 echo '<style>
 .navbar.scrolled {
@@ -61,25 +75,62 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                    $error = '用户名或邮箱已被注册';
                } else {
                    $hashedPassword = password_hash($password, PASSWORD_DEFAULT);
-                    $insertStmt = $conn->prepare('INSERT INTO developers (username, email, password) VALUES (?, ?, ?)');
+                    // 生成验证令牌
+                    $verificationToken = bin2hex(random_bytes(32));
+                    $insertStmt = $conn->prepare('INSERT INTO developers (username, email, password, verification_token) VALUES (?, ?, ?, ?)');
                    if (!$insertStmt) {
                        log_error('插入准备失败: ' . $conn->error, __FILE__, __LINE__);
                        $error = '系统错误，请稍后再试';
-                    } else {
-                        $insertStmt->bind_param('sss', $username, $email, $hashedPassword);
-                        if (!$insertStmt->execute()) {
-                            log_error('插入执行失败: ' . $insertStmt->error, __FILE__, __LINE__);
-                            $error = '系统错误，请稍后再试';
-                        }
-                    }
+                } else {
+                        // 生成验证链接
+                        $verificationLink = 'https://' . $_SERVER['HTTP_HOST'] . '/developer/verify_email.php?token=' . urlencode($verificationToken);

-                    header('Location: login.php?register_success=1');
-                    exit;
+                        // 加载邮件模板
+                        $templatePath = __DIR__ . '/../mail/verification_template.php';
+                        if (file_exists($templatePath)) {
+                            $templateContent = file_get_contents($templatePath);
+                            $templateContent = str_replace('{username}', htmlspecialchars($username), $templateContent);
+                            $templateContent = str_replace('{verification_link}', $verificationLink, $templateContent);
+
+                            // 配置SMTP邮件发送
+                            require_once '../vendor/phpmailer/phpmailer/src/PHPMailer.php';
+                            require_once '../vendor/phpmailer/phpmailer/src/SMTP.php';
+
+
+                            /** @var \PHPMailer\PHPMailer\PHPMailer $mail */
+                            $mail = new \PHPMailer\PHPMailer\PHPMailer(true);
+                            try {
+                                $mail->isSMTP();
+                                $mail->Host = defined('SMTP_HOST') ? SMTP_HOST : 'smtp.example.com';
+                                $mail->SMTPAuth = true;
+                                $mail->Username = defined('SMTP_USERNAME') ? SMTP_USERNAME : ''; // Ensure SMTP_USERNAME is defined in config.php
+                                $mail->Password = defined('SMTP_PASSWORD') ? SMTP_PASSWORD : '';
+                                $mail->SMTPSecure = defined('SMTP_ENCRYPTION') ? SMTP_ENCRYPTION : 'tls'; // Ensure SMTP_ENCRYPTION is defined in config.php
+                                $mail->Port = defined('SMTP_PORT') ? SMTP_PORT : 587;
+
+                                $mail->setFrom(defined('SMTP_FROM_EMAIL') ? SMTP_FROM_EMAIL : 'noreply@example.com', defined('SMTP_FROM_NAME') ? SMTP_FROM_NAME : 'App Store'); // Ensure SMTP_FROM_EMAIL is defined in config.php
+                                $mail->addAddress($email, $username);
+
+                                $mail->isHTML(true);
+                                $mail->Subject = '邮箱验证 - ' . (defined('APP_STORE_NAME') ? APP_STORE_NAME : 'App Store');
+                                $mail->Body = $templateContent;
+
+                                $mail->send();
+                            } catch (\PHPMailer\PHPMailer\Exception $e) {
+                                log_error('邮件发送失败: ' . $mail->ErrorInfo, __FILE__, __LINE__);
+                            }
+                        } else {
+                            log_error('验证邮件模板不存在: ' . $templatePath, __FILE__, __LINE__);
+                        }
+
+                        header('Location: login.php?register_success=1&verify_email_sent=1');
+                        exit;
+                    }
                }
            } catch (PDOException $e) {
                $error = '注册时发生错误，请稍后再试';
            }
-        }
+          }
    }
 }
 ?>
--- a/developer/upload_app.php
+++ b/developer/upload_app.php
@@ -14,6 +14,23 @@ $developerId = $_SESSION['developer_id'];
 $error = '';
 $success = '';

+// 检查开发者邮箱是否已验证
+$stmt = $conn->prepare('SELECT is_verified FROM developers WHERE id = ?');
+if (!$stmt) {
+    log_error('准备验证状态查询失败: ' . $conn->error, __FILE__, __LINE__);
+    $error = '系统错误，请稍后再试';
+} else {
+    $stmt->bind_param('i', $developerId);
+    $stmt->execute();
+    $result = $stmt->get_result();
+    $developer = $result->fetch_assoc();
+    $stmt->close();
+
+    if (!$developer || !$developer['is_verified']) {
+        $error = '您的邮箱尚未验证，请先验证邮箱后再上传应用。';
+    }
+}
+
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // 创建上传目录（如果不存在）
    $uploadDirs = ['../uploads/apps', '../uploads/images'];
--- a/developer/verify_email.php
+++ b/developer/verify_email.php
@@ -0,0 +1,90 @@
+<?php
+// 引入配置文件
+require_once '../config.php';
+
+session_start();
+
+$error = '';
+$success = '';
+
+// 检查是否提供了验证令牌
+if (!isset($_GET['token']) || empty($_GET['token'])) {
+    $error = '无效的验证链接';
+} else {
+    $token = trim($_GET['token']);
+
+    // 验证数据库连接
+    if (!($conn instanceof mysqli)) {
+        log_error('数据库连接错误: 连接不是MySQLi实例', __FILE__, __LINE__);
+        $error = '数据库连接错误，请稍后再试';
+    } else {
+        try {
+            // 查询具有该令牌的未验证开发者
+            $stmt = $conn->prepare('SELECT id FROM developers WHERE verification_token = ? AND is_verified = FALSE');
+            $stmt->bind_param('s', $token);
+            $stmt->execute();
+            $stmt->store_result();
+
+            if ($stmt->num_rows === 1) {
+                // 更新验证状态
+                $updateStmt = $conn->prepare('UPDATE developers SET is_verified = TRUE, verified_at = NOW(), verification_token = NULL WHERE verification_token = ?');
+                $updateStmt->bind_param('s', $token);
+                $updateStmt->execute();
+                $updateStmt->close();
+
+                $success = '邮箱验证成功！现在您可以登录并创建应用了。';
+            } else {
+                $error = '验证链接无效或已过期';
+            }
+            $stmt->close();
+        } catch (Exception $e) {
+            log_error('邮箱验证失败: ' . $e->getMessage(), __FILE__, __LINE__);
+            $error = '验证过程中发生错误，请稍后再试';
+        }
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="zh-CN">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>邮箱验证 - <?= APP_STORE_NAME ?></title>
+    <link href="/css/bootstrap.min.css" rel="stylesheet">
+    <style>
+        body { background-color: #f4f4f4; padding: 70px 0; }
+        .container { max-width: 500px; background: white; padding: 30px; border-radius: 8px; box-shadow: 0 0 10px rgba(0,0,0,0.1); }
+        .alert { margin-bottom: 20px; }
+    </style>
+</head>
+<body>
+    <!-- 导航栏 -->
+    <nav class="navbar navbar-expand-lg navbar-light bg-light fixed-top">
+        <div class="container">
+            <a class="navbar-brand" href="../index.php"><?= APP_STORE_NAME ?></a>
+            <button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#navbarNav">
+                <span class="navbar-toggler-icon"></span>
+            </button>
+            <div class="collapse navbar-collapse" id="navbarNav">
+                <ul class="navbar-nav">
+                    <li class="nav-item"><a class="nav-link" href="../index.php">首页</a></li>
+                    <li class="nav-item"><a class="nav-link" href="login.php">开发者登录</a></li>
+                </ul>
+            </div>
+        </div>
+    </nav>
+
+    <div class="container">
+        <h2 class="mb-4">邮箱验证</h2>
+        <?php if (!empty($success)): ?>
+            <div class="alert alert-success" role="alert"><?= $success ?></div>
+            <a href="login.php" class="btn btn-primary">前往登录</a>
+        <?php else: ?>
+            <div class="alert alert-danger" role="alert"><?= $error ?></div>
+            <a href="register.php" class="btn btn-secondary">重新注册</a>
+        <?php endif; ?>
+    </div>
+
+    <script src="/js/bootstrap.bundle.min.js"></script>
+</body>
+</html>