漏洞bug修改

@@ -387,27 +387,36 @@ const validate2 = (req, res, next) => {
             }
 
         } else if (type === 'mobile') {
-            let a = yield accountModel.checkVerifyMsg(body.code, body.mobile, body.area);
-            let b = yield accountModel.modifyVerifyMobile(uid, body.area, body.mobile);
-
-            if (a.code === 200 && b.code === 200) {
-                cookieHelper.setVal(res, body.type + '_STEP', 2);
-                res.send({
-                    code: 200,
-                    data: {}
-                });
-            } else {
-                let msg = [];
-
-                if (a.code !== 200) {
-                    msg.push('<p>图片验证：' + a.message + '</p>');
-                }
-                if (b.code !== 200) {
-                    msg.push('<p>修改号码：' + a.message + '</p>');
+            let b = yield accountModel.checkVerifyMobile(uid, body.mobile, body.area);
+
+            if (b.code === 200) {
+                let a = yield accountModel.checkVerifyMsg(body.code, body.mobile, body.area);
+
+                if (a.code === 200) {
+                    let c = yield accountModel.modifyVerifyMobile(uid, body.area, body.mobile);
+
+                    cookieHelper.setVal(res, body.type + '_STEP', 2);
+                    if (c.code === 200) {
+                        res.send({
+                            code: 200,
+                            data: {}
+                        });
+                    } else {
+                        res.send({
+                            code: 500,
+                            message: c.message
+                        });
+                    }
+                } else {
+                    res.send({
+                        code: 500,
+                        message: '<p>短信验证：' + a.message + '</p>'
+                    });
                 }
+            } else {
                 res.send({
                     code: 500,
-                    message: msg.join('')
+                    message: '<p>修改号码：' + b.message + '</p>'
                 });
             }
         }

@@ -34,7 +34,7 @@ const safeRedirect = (uri) => {
     }
 
 
-    return _.some(domains, matchFunc) ? uri : '/';
+    return _.some(domains, matchFunc) ? uri.replace(/\@.*$/, '') : '/';
 };
 
 /**

@@ -5,7 +5,7 @@
  */
 var dialog = require('../../plugins/dialog');
 var _alert = dialog.Alert;
-var regValidate = require('../../passport/common/mail-phone-regx');
+//var regValidate = require('../../passport/common/mail-phone-regx');
 var types = location.pathname.split('/');
 var type = types[types.length - 1]; // 界面操作类型
 var $imgCaptchaInput = $('#captcha');
@@ -28,21 +28,21 @@ var disableSMSBtn = function() {
 };
 
 // 校验手机号码格式
-var validatePhoneNumLocal = function(phoneNum) {
-    var length = phoneNum.length;
-
-    phoneNum = parseInt(phoneNum, 10);
-
-    if (length === 0) {
-        new _alert('请输入手机号码！').show();
-        return false;
-    } else if (length !== 11 || !/^[0-9]+$/.test(phoneNum) || !regValidate.phoneRegx['+86'].test(phoneNum)) {
-        new _alert('手机号码格式不正确,请重新输入！').show();
-        return false;
-    } else {
-        return true;
-    }
-};
+// var validatePhoneNumLocal = function(phoneNum) {
+//     var length = phoneNum.length;
+
+//     phoneNum = parseInt(phoneNum, 10);
+
+//     if (length === 0) {
+//         new _alert('请输入手机号码！').show();
+//         return false;
+//     } else if (length !== 11 || !/^[0-9]+$/.test(phoneNum) || !regValidate.phoneRegx['+86'].test(phoneNum)) {
+//         new _alert('手机号码格式不正确,请重新输入！').show();
+//         return false;
+//     } else {
+//         return true;
+//     }
+// };
 
 require('yoho-jquery-placeholder');
 
@@ -57,42 +57,42 @@ $('#region').on('change', function() {
 });
 
 // 校验手机号码
-$('#real-mobile').blur(function() {
-    var mobile = $(this).val();
-    var self = $('#real-mobile').parent();
-
-    if (validatePhoneNumLocal(mobile)) {
-        $.ajax({
-            type: 'POST',
-            url: '/me/account/checkVerifyMobile',
-            dataType: 'json',
-            data: {
-                mobile: mobile,
-                area: area
-            },
-            success: function(data) {
-                if (data.code === 200) {
-                    $sms.removeClass('disable');
-                    self.find('.tips-success').addClass('ok').show();
-                    self.find('.tips-error').removeClass('notok').hide();
-                } else {
-                    new _alert(data.message).show();
-                    self.find('.tips-success').removeClass('ok').hide();
-                    self.find('.tips-error').addClass('notok').show();
-                }
-            }
-        });
-    }
-});
+// $('#real-mobile').blur(function() {
+//     var mobile = $(this).val();
+//     var self = $('#real-mobile').parent();
+
+//     if (validatePhoneNumLocal(mobile)) {
+//         $.ajax({
+//             type: 'POST',
+//             url: '/me/account/checkVerifyMobile',
+//             dataType: 'json',
+//             data: {
+//                 mobile: mobile,
+//                 area: area
+//             },
+//             success: function(data) {
+//                 if (data.code === 200) {
+//                     $sms.removeClass('disable');
+//                     self.find('.tips-success').addClass('ok').show();
+//                     self.find('.tips-error').removeClass('notok').hide();
+//                 } else {
+//                     new _alert(data.message).show();
+//                     self.find('.tips-success').removeClass('ok').hide();
+//                     self.find('.tips-error').addClass('notok').show();
+//                 }
+//             }
+//         });
+//     }
+// });
 
 
 // 发送手机验证码
 $sms.click(function() {
     var mobile = $('#real-mobile').val();
 
-    if ($(this).hasClass('disable')) {
-        return;
-    }
+    // if ($(this).hasClass('disable')) {
+    //     return;
+    // }
     $sms.addClass('disable');
     $.ajax({
         type: 'POST',