站点工具

New release available: 2020-07-29 "Hogfather". upgrade now! [51.3] (what's this?)
New release candidate 3 available: 2020-06-09 "Hogfather". upgrade now! [51.2] (what's this?)
New release candidate 2 available: 2020-06-01 "Hogfather". upgrade now! [51.1] (what's this?)
New release candidate available: 2020-06-01 "Hogfather". upgrade now! [51] (what's this?)
Hotfix release available: 2018-04-22c "Greebo". upgrade now! [50.3] (what's this?)
Hotfix release available: 2018-04-22b "Greebo". upgrade now! [50.2] (what's this?)
Hotfix release available: 2018-04-22a "Greebo". upgrade now! [50.1] (what's this?)
New release available: 2018-04-22 "Greebo". upgrade now! [50] (what's this?)
Hotfix release available: 2017-02-19g "Frusterick Manners". upgrade now! [49.7] (what's this?)
Hotfix release available: 2017-02-19f "Frusterick Manners". upgrade now! [49.6] (what's this?)
Hotfix release available: 2017-02-19e "Frusterick Manners". upgrade now! [49.5] (what's this?)
Hotfix release available fixing CVE-2017-12979 and CVE-2017-12980: 2017-02-19d "Frusterick Manners". upgrade now! [49.4] (what's this?)
Hotfix release available fixing CVE-2017-12583: 2017-02-19c "Frusterick Manners". upgrade now! [49.3] (what's this?)
Hotfix release available fixing security token and media manager: 2017-02-19b "Frusterick Manners". upgrade now! [49.2] (what's this?)
Hotfix release available fixing install and media manager issues: 2017-02-19a "Frusterick Manners". upgrade now! [49.1] (what's this?)
New release available: 2017-02-19 "Frusterick Manners". upgrade now! [49] (what's this?)
Hotfix release available: 2016-06-26e "Elenor of Tsort". upgrade now! [48.5] (what's this?)
Hotfix release available fixing CVE-2017-12979 and CVE-2017-12980: 2016-06-26d "Elenor of Tsort". upgrade now! [48.4] (what's this?)
Hotfix release available fixing CVE-2017-12583: 2016-06-26c "Elenor of Tsort". upgrade now! [48.3] (what's this?)
Hotfix release available fixing security token: 2016-06-26b "Elenor of Tsort". upgrade now! [48.2] (what's this?)
Hotfix release available fixing authad issues: 2016-06-26a "Elenor of Tsort". upgrade now! [48.1] (what's this?)
New release available: 2016-06-26 "Elenor of Tsort". upgrade now! [48] (what's this?)
Hotfix release available: 2015-08-10a "Detritus". upgrade now! [47.1] (what's this?)
New release available: 2015-08-10 "Detritus". upgrade now! [47] (what's this?)
Hotfix release available: 2014-09-29d "Hrun". upgrade now! [46.4] (what's this?)
Hotfix release available: 2014-09-29c "Hrun". upgrade now! [46.3] (what's this?)
Hotfix release available to prevent XSS attack via SWF uploads: 2014-09-29b "Hrun". upgrade now! [46.2] (what's this?)
Hotfix release available: 2014-09-29a "Hrun". upgrade now! [46.1] (what's this?)
New release available: 2014-09-29 "Hrun". upgrade now! [46] (what's this?)
Hotfix release available: 2014-05-05e "Ponder Stibbons". upgrade now! [44.5] (what's this?)
Hotfix release available: 2014-05-05d "Ponder Stibbons". upgrade now! [44.4] (what's this?)
Hotfix release available to prevent XSS attack via SWF uploads: 2014-05-05c "Ponder Stibbons". upgrade now! [44.3] (what's this?)
Security Hotfix 2014-05-05b to prevent zero byte attacks on external auth systems is available. upgrade now! [44.2] (what's this?)
Security Hotfix 2014-05-05a for Issue 765 available. upgrade now! [44.1] (what's this?)

phone_verify

APP客户端用户手机号短信真实性验证接口

前言:通过 APP客户端用户登陆状态判断及用户详情接口 获取到的用户信息列表中,rp_phonestatus 的值代表手机号是否经过短信验证,字符串1为已验证,0为未验证,某些关键项(比如商家报名)需要短信验证。如果未验证,可以通过本接口进行手机号短信真实性验证。

1、客户端调用发送短信验证码接口(发送验证码按钮)

https://m.repai.com/user/phone_verify_sendsms_api/appkey/密钥编号/phone/十一位手机号/timestamp/时间戳/token/防篡改验证串

输入参数说明:

  • appkey 【热拍卖家版Android客户端的appkey为100005,iOS为100004;买家版HTML5为100001,iOS为100002,Android为100003】
  • phone 【11位半角数字手机号,作为登陆名】
  • timestamp 【当前的UNIX时间戳】
  • token 【防篡改验证串,token值的组成为,以PHP代码为例:md5(“RP”.$appkey.$appsecret.$phone.$timestamp) 由客户端生成,其中 $appsecret 为密钥,每个appkey对应的不同的密钥,密钥请询问张宴】

输出参数说明:

  • JSON格式输出,错误时,status值为false,reason值为错误原因文本信息,示例如下:
{
"reason": "很抱歉,由于您频繁获取短信验证码,系统已冻结6小时,请6小时后重试。",
"status": false
}

备注:同一个手机账号,6小时内只能接收5次短信验证码。

  • JSON格式输出,正确时,status值为true,示例如下:
{
"reason": "短信验证码已发送到您的手机,短信接收可能会有延迟,敬请等候!",
"status": true
}

2、客户端利用输入的短信验证码,验证手机号真实性的接口(确认按钮)

https://m.repai.com/user/phone_verify_api/appkey/密钥编号/phone/十一位手机号/timestamp/1402307990/token/73191b75734ea67df90cbb824ff67811/authcode/短信验证码

输入参数说明:

  • appkey 【热拍卖家版Android客户端的appkey为100005,iOS为100004;买家版HTML5为100001,iOS为100002,Android为100003】
  • phone 【11位半角数字手机号,作为登陆名】
  • timestamp 【当前的UNIX时间戳,时间戳有效期20分钟】
  • token 【防篡改验证串,token值的组成为,以PHP代码为例:md5(“RP”.$appkey.$appsecret.$phone.$authcode.$timestamp) 由客户端生成,其中 $appsecret 为密钥,每个appkey对应的不同的密钥,密钥请询问张宴】
  • authcode 【用户手机接收到的四位数字短信验证码】

输出参数说明:

  • JSON格式输出,错误时,status值为false,reason值为错误原因文本信息,示例如下:
{
"reason": "短信验证码无效或已过期,请重新获取!",
"status": false
}

备注:从安全角度考虑,如果用户输错验证码,必须重新获取新的短信验证码。

  • JSON格式输出,正确时,status值为true,并输出手机号、rp_phonestatus手机号验证状态(1为已验证通过)等用户信息,示例如下:
{
"reason": "手机号已通过验证!",
"status": true,
"user_info": {
	"rp_city": "北京",
	"rp_coin": "0",
	"rp_grade": "0",
	"rp_idcard": null,
	"rp_ipaddr": null,
	"rp_isp": "移动",
	"rp_isseller": "0",
	"rp_lastip": "106.2.171.114",
	"rp_phone": "15901283960",
	"rp_phonestatus": "1",
	"rp_province": "北京",
	"rp_realname": null,
	"rp_uid": "1"
}
}

返回首页

phone_verify.txt · 最后更改: 2014/06/19 12:04 由 106.2.171.114