From c4edda8b4e2fcf36fca7be483ca8332ffd3c423d Mon Sep 17 00:00:00 2001 From: lkddi Date: Thu, 2 Apr 2026 16:38:17 +0800 Subject: [PATCH] =?UTF-8?q?=E7=89=B9=E6=80=A7=EF=BC=9A=E4=BC=98=E5=8C=96?= =?UTF-8?q?=E6=B3=A8=E5=86=8C=E4=B8=8E=E6=94=B9=E5=90=8D=E5=8D=A1=E9=80=BB?= =?UTF-8?q?=E8=BE=91=EF=BC=8C=E5=9C=A8=E8=A7=A6=E5=8F=91=E6=95=8F=E6=84=9F?= =?UTF-8?q?=E8=AF=8D=E6=88=96=E6=8B=A6=E6=88=AA=E9=87=8D=E5=90=8D=E6=97=B6?= =?UTF-8?q?=E6=98=8E=E7=A1=AE=E6=8F=90=E7=A4=BA=E5=85=B7=E4=BD=93=E6=98=AF?= =?UTF-8?q?=E8=A7=A6=E5=8F=91=E4=BA=86=E5=93=AA=E4=B8=AA=E8=AF=8D=E6=B1=87?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- app/Http/Controllers/AuthController.php | 9 ++++- app/Models/UsernameBlacklist.php | 51 ++++++++++++++----------- app/Services/ShopService.php | 11 +++++- 3 files changed, 45 insertions(+), 26 deletions(-) diff --git a/app/Http/Controllers/AuthController.php b/app/Http/Controllers/AuthController.php index df48b28..6e29aac 100644 --- a/app/Http/Controllers/AuthController.php +++ b/app/Http/Controllers/AuthController.php @@ -101,8 +101,13 @@ class AuthController extends Controller } // 检测用户名是否在禁用词列表(永久禁用 或 改名临时保留期内) - if (UsernameBlacklist::isBlocked($username)) { - return response()->json(['status' => 'error', 'message' => '该用户名已被系统禁止注册,请更换其他名称。'], 422); + if ($blockingRecord = UsernameBlacklist::getBlockingRecord($username)) { + $reason = ''; + if ($blockingRecord->type === 'permanent') { + $reason = "(包含违禁敏感词:{$blockingRecord->username})"; + } + + return response()->json(['status' => 'error', 'message' => "该用户名已被系统禁止注册{$reason},请更换其他名称。"], 422); } // --- 提取邀请人 Cookie --- diff --git a/app/Models/UsernameBlacklist.php b/app/Models/UsernameBlacklist.php index 5ac0284..bc7881c 100644 --- a/app/Models/UsernameBlacklist.php +++ b/app/Models/UsernameBlacklist.php @@ -40,34 +40,41 @@ class UsernameBlacklist extends Model // ────────────────────────────────────────── /** - * 判断给定名称是否被禁止使用。 + * 获取拦截该名称的具体黑名单记录(如果有)。 * - * 满足以下任一条件时返回 true: - * 1. 存在 type=permanent 的永久禁用记录 - * 2. 存在 type=temp 且 reserved_until 尚未过期的临时保留记录 + * @param string $username 要检测的用户名 + * @return static|null + */ + public static function getBlockingRecord(string $username): ?self + { + // 1. 检查是否存在精确匹配且未过期的“临时改名保留”名称 + $tempRecord = static::where('type', 'temp') + ->where('username', $username) + ->where('reserved_until', '>', now()) + ->first(); + + if ($tempRecord) { + return $tempRecord; + } + + // 2. 检查永久禁用词,改为【模糊匹配】(只要新注册的名字中包含禁用词,拦截) + // 比如数据库禁用了 "admin",那么 "admin123" 也会触发拦截 + $permanentRecord = static::where('type', 'permanent') + ->where('username', '!=', '') + ->whereRaw('? LIKE CONCAT("%", username, "%")', [$username]) + ->first(); + + return $permanentRecord; + } + + /** + * 判断给定名称是否被禁止使用。 * * @param string $username 要检测的用户名 */ public static function isBlocked(string $username): bool { - // 1. 检查是否存在精确匹配且未过期的“临时改名保留”名称 - $hasTemp = static::where('type', 'temp') - ->where('username', $username) - ->where('reserved_until', '>', now()) - ->exists(); - - if ($hasTemp) { - return true; - } - - // 2. 检查永久禁用词,改为【模糊匹配】(只要新注册的名字中包含禁用词,拦截) - // 比如数据库禁用了 "admin",那么 "admin123" 也会触发拦截 - $hasPermanent = static::where('type', 'permanent') - ->where('username', '!=', '') - ->whereRaw('? LIKE CONCAT("%", username, "%")', [$username]) - ->exists(); - - return $hasPermanent; + return static::getBlockingRecord($username) !== null; } /** diff --git a/app/Services/ShopService.php b/app/Services/ShopService.php index 05e7adb..b84176d 100644 --- a/app/Services/ShopService.php +++ b/app/Services/ShopService.php @@ -151,8 +151,15 @@ class ShopService } // 不能在黑名单保留期内 - if (UsernameBlacklist::isReserved($newName)) { - return ['ok' => false, 'message' => '该昵称处于保护期,暂时无法使用。']; + if ($blockingRecord = UsernameBlacklist::getBlockingRecord($newName)) { + $reason = ''; + if ($blockingRecord->type === 'permanent') { + $reason = "(包含敏感词:{$blockingRecord->username})"; + } else { + $reason = '(处于曾用名保护期)'; + } + + return ['ok' => false, 'message' => "该昵称已被系统禁止使用{$reason}。"]; } // 查找有效的改名卡记录