public function photo_urls(Req $req, Res $res, $args)
{
$params = $req->getQueryParams();
$jd_id = $args['jd_id'] ?? '0';
$params['jd_id'] = $jd_id;
$m_p = new \App\Model\Photo();
$result = $m_p->get_urls($params);
return $res->output($result);
}
public function authorize(Req $req, Res $res, $args)
{
$grant_type = $req->getInput('grant_type');
$client_id = $req->getServerParam('PHP_AUTH_USER');
$client_secret = $req->getServerParam('PHP_AUTH_PW');
$oauth = new Oauth();
$result = $oauth->get_token($client_id, $client_secret, $grant_type);
return $res->authorize_output($result);
}
public function main()
{
$this->meta[] = array('name' => 'google-signin-client_id', 'content' => Config::$googleClientId . '.apps.googleusercontent.com');
$cookie = Lib::cookie();
$identifier = $cookie->get(Lib::hash(Config::$userkey));
$user = Lib::table('user');
$isLoggedIn = !empty($identifier) && $user->load(array('identifier' => $identifier));
$this->set('user', $user);
$this->set('isLoggedIn', $isLoggedIn);
$this->js[] = $isLoggedIn ? 'inbox' : 'login';
if ($isLoggedIn) {
array_shift($this->js);
$id = Req::get('id');
if (empty($id)) {
Lib::redirect('index');
}
$report = Lib::table('report');
if (!$report->load($id)) {
$this->template = 'no-report';
return;
}
$report->init();
$assignees = Lib::model('user')->getProjectAssignees($report->project_id);
$projectTable = Lib::table('project');
$projectTable->load($report->project_id);
$this->set('report', $report);
$this->set('assignees', $assignees);
$this->set('project', $projectTable);
}
}
function show()
{
global $page, $db, $user, $fs, $proj;
$page->setTitle($fs->prefs['page_title'] . L('reports'));
$events = array(1 => L('taskopened'), 13 => L('taskreopened'), 2 => L('taskclosed'), 3 => L('taskedited'), 14 => L('assignmentchanged'), 29 => L('events.useraddedtoassignees'), 4 => L('commentadded'), 5 => L('commentedited'), 6 => L('commentdeleted'), 7 => L('attachmentadded'), 8 => L('attachmentdeleted'), 11 => L('relatedadded'), 12 => L('relateddeleted'), 9 => L('notificationadded'), 10 => L('notificationdeleted'), 17 => L('reminderadded'), 18 => L('reminderdeleted'));
$user_events = array(30 => L('created'), 31 => L('deleted'));
$page->assign('events', $events);
$page->assign('user_events', $user_events);
$sort = strtoupper(Get::enum('sort', array('desc', 'asc')));
$where = array();
$params = array();
$orderby = '';
switch (Get::val('order')) {
case 'type':
$orderby = "h.event_type {$sort}, h.event_date {$sort}";
break;
case 'user':
$orderby = "user_id {$sort}, h.event_date {$sort}";
break;
case 'date':
default:
$orderby = "h.event_date {$sort}, h.event_type {$sort}";
}
foreach (Get::val('events', array()) as $eventtype) {
$where[] = 'h.event_type = ?';
$params[] = $eventtype;
}
$where = '(' . implode(' OR ', $where) . ')';
if ($proj->id) {
$where = $where . 'AND (t.project_id = ? OR h.event_type > 29) ';
$params[] = $proj->id;
}
if (($fromdate = Req::val('fromdate')) || Req::val('todate')) {
$where .= ' AND ';
$todate = Req::val('todate');
if ($fromdate) {
$where .= ' h.event_date > ?';
$params[] = Flyspray::strtotime($fromdate) + 0;
}
if ($todate && $fromdate) {
$where .= ' AND h.event_date < ?';
$params[] = Flyspray::strtotime($todate) + 86400;
} else {
if ($todate) {
$where .= ' h.event_date < ?';
$params[] = Flyspray::strtotime($todate) + 86400;
}
}
}
$histories = array();
if (count(Get::val('events'))) {
if (Get::num('event_number') > 0) {
$db->setLimit(Get::num('event_number'));
}
$histories = $db->x->getAll("SELECT h.*, t.*, p.project_prefix\n FROM {history} h\n LEFT JOIN {tasks} t ON h.task_id = t.task_id\n LEFT JOIN {projects} p ON t.project_id = p.project_id\n WHERE {$where}\n ORDER BY {$orderby}", null, $params);
}
$page->assign('histories', $histories);
$page->assign('sort', $sort);
$page->pushTpl('reports.tpl');
}
public function saveAssignees()
{
$keys = array('project', 'setting');
if (!Req::haspost($keys)) {
return $this->fail('Insufficient data.');
}
$identifier = Lib::cookie(Lib::hash(Config::$userkey));
$user = Lib::table('user');
$isLoggedIn = !empty($identifier) && $user->load(array('identifier' => $identifier));
if (!$isLoggedIn || $user->role != USER_ROLE_ADMIN) {
return $this->fail('You are not authorized.');
}
$project = Req::post('project');
$setting = json_decode(Req::post('setting'));
$projectTable = Lib::table('project');
if ($project !== 'all' && $project !== '-1' && !$projectTable->load(array('name' => $project))) {
return $this->fail('No such project.');
}
if ($project !== 'all') {
$projectAssignee = Lib::table('project_assignee');
$projectAssignee->load(array('user_id' => $setting->id, 'project_id' => $projectTable->id));
if ($setting->value) {
$projectAssignee->store();
} else {
$projectAssignee->delete();
}
}
return $this->success();
}
/**
* 根据 IP、当前小时、对应的路由、arg 参数、key 限制调用频率
*
* @param Req $req HTTP 请求对象
*/
protected function set_id(Req $req)
{
$ip = $req->getServerParam('REMOTE_ADDR');
$id = $ip . ':' . date('H');
$route = $req->getAttribute('route');
if ($route) {
$id .= ':' . $route->getIdentifier();
if (!empty($this->opts['arg'])) {
$id .= ':' . $route->getArgument($this->opts['arg']);
}
}
if (!empty($this->opts['key'])) {
$id .= ':' . $this->opts['key'];
}
$this->id = $id;
}
public function execute()
{
$api = Lib::api('admin', array('response' => 'return', 'format' => 'php'));
$type = Req::get('type');
if (!is_callable(array($api, $type))) {
return Lib::redirect('error');
}
$result = $api->{$type}();
$options = array('view' => 'admin');
$ref = Req::post('ref');
if (!$result['state']) {
if (!empty($ref)) {
$options['ref'] = $ref;
}
} else {
$segments = explode('/', base64_decode(urldecode($ref)));
$base = array_shift($segments);
$type = array_shift($segments);
$subtype = array_shift($segments);
if (!empty($type)) {
$options['type'] = $type;
}
if (!empty($subtype)) {
$options['subtype'] = $subtype;
}
}
Lib::redirect('admin', $options);
}
public function before($obj = null)
{
// 推荐商户设置 add by t-btei 2015/05/04
$companyId = Req::args('companyId');
if (isset($companyId)) {
// 保存推荐ID
setcookie('company_affiliate_uid', $companyId);
}
//测试平板或者手机端主题
$clientType = Chips::clientType();
if ($clientType == 'tablet' || $clientType == 'mobile') {
$config_path = APP_CODE_ROOT . 'config/config.php';
$config = (require $config_path);
if (isset($config['themes_mobile'])) {
$themes_mobile = Tiny::app()->setTheme($config['themes_mobile']);
} else {
Tiny::app()->setTheme("default");
}
}
$config = Config::getInstance();
$site = $config->get('globals');
$other = $config->get('other');
$currency_symbol = isset($other['other_currency_symbol']) ? $other['other_currency_symbol'] : '¥';
$site_logo = isset($site['site_logo']) && $site['site_logo'] != '' ? $site['site_logo'] : 'static/images/logo.png';
$site_qr = isset($site['site_qr']) && $site['site_qr'] != '' ? $site['site_qr'] : 'static/images/qr-app.png';
$site_name = isset($site['site_name']) ? $site['site_name'] : 'TinyShop商城';
$site_icp = isset($site['site_icp']) ? $site['site_icp'] : '鲁ICP备00000100号';
$obj->assign('currency_symbol', $currency_symbol);
$obj->assign('site_logo', $site_logo);
$obj->assign('site_qr', $site_qr);
$obj->assign('site_name', $site_name);
$obj->assign('site_icp', $site_icp);
}
public static function env($checkget = true)
{
if ($checkget && Req::hasget('environment')) {
return Req::get('environment');
}
$serverName = $_SERVER['SERVER_NAME'];
return isset(Config::$baseurl[$serverName]) ? Config::$baseurl[$serverName] : 'production';
}
public static function start()
{
if (!is_null(self::$instance)) {
throw new MyException('The RPost already was initialized');
}
self::$instance = new self();
return self::$instance;
}
public function main()
{
$filterProject = Req::get('project');
if (empty($filterProject)) {
$this->template = 'empty-project';
return;
}
$projectTable = Lib::table('project');
if (!$projectTable->load(array('name' => $filterProject))) {
$this->set('name', $filterProject);
$this->template = 'new-project';
return;
}
$this->meta[] = array('name' => 'google-signin-client_id', 'content' => Config::$googleClientId . '.apps.googleusercontent.com');
$cookie = Lib::cookie();
$identifier = $cookie->get(Lib::hash(Config::$userkey));
$user = Lib::table('user');
$isLoggedIn = !empty($identifier) && $user->load(array('identifier' => $identifier));
$this->set('user', $user);
$this->set('filterProject', $filterProject);
$this->set('filterSettingsProject', $filterProject);
$this->set('isLoggedIn', $isLoggedIn);
if (!$isLoggedIn) {
$this->js[] = 'login';
}
if ($isLoggedIn) {
$this->js[] = 'inbox';
$this->js[] = 'settings';
array_shift($this->js);
$userModel = Lib::model('user');
$assignees = $userModel->getProjectAssignees($projectTable->id);
$users = $userModel->getUsers();
$filterState = $cookie->get('filter-state', 'pending');
$filterAssignee = $cookie->get('filter-assignee', empty($assignees[$user->id]) ? 'all' : $user->id);
$filterSort = $cookie->get('filter-sort', 'asc');
$reportModel = Lib::model('report');
$reports = $reportModel->getItems(array('state' => constant('STATE_' . strtoupper($filterState)), 'assignee_id' => $filterAssignee, 'order' => 'date', 'direction' => $filterSort, 'project_id' => $projectTable->id));
$userSettingsTable = Lib::table('user_settings');
if (!$userSettingsTable->load(array('user_id' => $user->id, 'project_id' => $projectTable->id))) {
$userSettingsTable->load(array('user_id' => $user->id, 'project_id' => 0));
}
$userSettings = $userSettingsTable->getData();
if ($userSettings['color'] !== 'cyan' && $userSettings['color'] !== 'custom') {
$this->css[] = 'theme-' . str_replace(' ', '', $userSettings['color']);
}
$categories = Lib::model('category')->getCategories(['projectid' => $projectTable->id]);
$this->set('filterState', $filterState);
$this->set('filterAssignee', $filterAssignee);
$this->set('filterSort', $filterSort);
$this->set('reports', $reports);
$this->set('assignees', $assignees);
$this->set('userSettings', $userSettings);
$this->set('users', $users);
$this->set('projectTable', $projectTable);
$this->set('categories', $categories);
}
}
public function decode($segments)
{
foreach ($segments as $index => $value) {
if (empty($value) || !isset($this->segments[$index])) {
continue;
}
Req::set('GET', $this->segments[$index], $value);
}
}
public function decode($segments = array())
{
$total = count($segments);
foreach ($segments as $index => $value) {
if (!isset($this->segments[$index])) {
continue;
}
Req::set('GET', $this->segments[$index], $value);
}
}
public function decode($segments)
{
if (count($segments) >= 3) {
$view = array_shift($segments);
$api = array_shift($segments);
$action = array_shift($segments);
Req::set('GET', 'api', $api);
Req::set('GET', 'action', $action);
}
}
public function nextReq()
{
$req = \Req::orderBy('req', 'DESC')->first(array('req'));
if (isset($req)) {
$req->req++;
return $req->req;
} else {
return 1;
}
}
public static function env()
{
if (Req::hasget('development')) {
Lib::cookie()->set('development', Req::get('development'));
}
if (Lib::cookie()->get('development')) {
return 'development';
}
return self::$env;
}
public function create($req_id)
{
$req = Req::find($req_id);
$unidades = Unidad::all();
$data['req'] = $req;
foreach ($unidades as $unidad) {
$arr_unidades[$unidad->tipo][$unidad->unidad] = $unidad->unidad;
}
$data['unidades'] = $arr_unidades;
return View::make('reqs.formArticulo')->with($data);
}
public function __invoke(Req $req, Res $res, callable $next)
{
$request_uri = $req->getServerParam('REQUEST_URI');
if (strpos($request_uri, '/token') !== 0) {
// 获取 token 链接无需验证权限
$route = $req->getAttribute('route');
if (!$route) {
return $next($req, $res);
}
$action = ltrim($route->getCallable(), 'App\\Action\\');
$this->container->get('db');
$m_o = new \App\Model\Oauth();
$token = $req->getAccessToken();
$result = $m_o->valid_token($token, $action, $req);
if ($result[0] !== 0) {
return $res->output($result);
}
}
return $next($req, $res);
}
public function form()
{
$ref = Req::get('ref');
$this->set('ref', $ref);
$model = Lib::model('admin');
if (!$model->hasAdmins()) {
$this->template = 'formcreate';
return;
}
$this->template = 'form';
}
/**
* 取得视图路径
*
* @access public
* @return String
*/
public function getViewPath()
{
if ($this->viewPath === null) {
if (!is_null(Req::args($this->viewParam))) {
$this->resolveView(Req::args($this->viewParam));
} else {
$this->viewPath = strtolower($this->getController()->id) . DIRECTORY_SEPARATOR . strtr($this->id, '.', '/');
}
}
return $this->viewPath;
}
public function show($id)
{
$req = Req::find($id);
$articulos = Articulo::whereReqId($id)->get();
$data['req'] = $req;
if (isset($articulos)) {
$data['articulos'] = $articulos;
} else {
$data['articulos'] = array();
}
return View::make('reqs.infoRequisicion')->with($data);
}
function _onsubmit()
{
global $proj;
// only meant for global fields...
if (!count(Get::val('ids', array()))) {
return array(ERROR_RECOVER, L('notasksselected'), CreateUrl('index'));
}
$proj = new Project(0);
$return = $this->handle('action', Req::val('action'));
$proj = new Project(0);
return $return;
}
/**
* action 运行入口
*
* @access public
* @return mixed
*/
public function run()
{
$controller = $this->getController();
$methodName = preg_split("/_(?=(save|del|edit)\$)/i", $this->getId());
if (count($methodName) == 2) {
$op = $methodName[1];
$modelName = $methodName[0];
} else {
$op = $methodName[0];
$modelName = $controller->getId();
}
$operator = array('save' => 'save', 'del' => 'delete', 'edit' => 'find');
//如果配制文件存在curd函数自动进行处理
if ($controller->getAutoActionRight() && array_key_exists($op, $operator)) {
if ($op == 'save') {
$pre_validator = $modelName . '_validator';
if (method_exists($controller, $pre_validator)) {
$validator = $controller->{$pre_validator}();
if (is_array($validator)) {
$data = Req::args() + array('validator' => $validator);
$controller->redirect($modelName . '_edit', false, $data);
exit;
}
}
}
$model = new Model($modelName);
$data = $model->data(Req::args())->{$operator}[$op]();
switch ($op) {
case 'save':
if ($data !== false) {
$controller->redirect($modelName . '_list');
} else {
$controller->redirect($modelName . '_edit', null, false, array('form' => $model->find()));
}
break;
case 'del':
$controller->redirect($modelName . '_list');
break;
case 'edit':
$data = isset($data) ? $data : array();
$controller->redirect($modelName . '_edit', false, $data);
break;
}
} else {
$action = new ViewAction($controller, $this->getId());
$action->run();
//exit;
}
}
function show($area = null)
{
global $page, $fs, $db, $proj, $user, $conf;
$perpage = '20';
if (isset($user->infos['tasks_perpage'])) {
$perpage = $user->infos['tasks_perpage'];
}
$pagenum = max(1, Get::num('pagenum', 1));
$offset = $perpage * ($pagenum - 1);
// Get the visibility state of all columns
$visible = explode(' ', trim($proj->id ? $proj->prefs['visible_columns'] : $fs->prefs['visible_columns']));
if (!is_array($visible) || !count($visible) || !$visible[0]) {
$visible = array('id');
}
list($tasks, $id_list) = Backend::get_task_list($_GET, $visible, $offset, $perpage);
$page->assign('tasks', $tasks);
$page->assign('offset', $offset);
$page->assign('perpage', $perpage);
$page->assign('pagenum', $pagenum);
$page->assign('visible', $visible);
// List of task IDs for next/previous links
$_SESSION['tasklist'] = $id_list;
$page->assign('total', count($id_list));
// Javascript replacement
if (Get::val('toggleadvanced')) {
$advanced_search = intval(!Req::val('advancedsearch'));
Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30);
$_COOKIE['advancedsearch'] = $advanced_search;
}
// Update check {{{
if (Get::has('hideupdatemsg')) {
unset($_SESSION['latest_version']);
} else {
if ($conf['general']['update_check'] && $user->perms('is_admin') && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3) {
if (!isset($_SESSION['latest_version'])) {
$latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS);
//if for some silly reason we get and empty response, we use the actual version
$_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest;
$db->x->execParam('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check'));
}
}
}
if (isset($_SESSION['latest_version']) && version_compare($fs->version, $_SESSION['latest_version'], '<')) {
$page->assign('updatemsg', true);
}
// }}}
$page->setTitle($fs->prefs['page_title'] . $proj->prefs['project_title'] . ': ' . L('tasklist'));
$page->pushTpl('index.tpl');
}
public function saveProjectTitle()
{
$keys = array('project-title', 'project-name');
$post = Req::post($keys);
if (empty($post['project-name'])) {
Lib::redirect('page', array('view' => 'embed'));
}
if (empty($post['project-title'])) {
Lib::redirect('page', array('view' => 'embed', 'project' => $post['project-name']));
}
$projectTable = Lib::table('project');
$projectTable->load(array('name' => $post['project-name']));
$projectTable->title = $post['project-title'];
$projectTable->store();
Lib::redirect('page', array('view' => 'embed', 'project' => $post['project-name']));
}
public function decode($segments)
{
if (count($segments) === 1) {
Req::set('GET', 'view', 'admin');
return;
}
$systemKey = array('login', 'logout', 'create');
if (in_array($segments[1], $systemKey)) {
Req::set('GET', 'controller', 'admin');
} else {
Req::set('GET', 'view', 'admin');
}
Req::set('GET', 'type', $segments[1]);
if (!empty($segments[2])) {
Req::set('GET', 'subtype', $segments[2]);
}
}
public function main()
{
$slug = Req::get('slug');
$this->set('slug', $slug);
if (file_exists(Config::getBasePath() . '/assets/css/' . $slug . '.' . (Config::env() === 'development' ? 'less' : 'css'))) {
$this->css[] = $slug;
}
if (file_exists(Config::getBasePath() . '/assets/js/' . $slug . '.' . (Config::env() === 'development' ? 'coffee' : 'js'))) {
$this->js[] = $slug;
}
$page = $this->getPages()->{$slug};
$this->set('slug', $slug);
$this->set('page', $page);
$this->set('pagetitle', $page->title);
$this->set('pagedate', $page->date);
$content = $this->loadTemplate($slug . '/content');
$this->set('content', $content);
}
public function pac_message_receiver()
{
$content = Req::post("content");
if (!isset($content)) {
$this->returnXML("false", "S09", "返回报文为空");
}
$signature = Req::post("data_digest");
if (!isset($signature)) {
$this->returnXML("false", "S09", "返回报文为空");
}
Tiny::log("异步审批结果回执信息【content:" . $content . "】data_digest【" . $signature . "】");
// 测试密钥
$aeskey = base64_decode($this->jkf['aes_key']);
//AES解密,采用ECB模式
$aes = new Crypt_AES(CRYPT_MODE_ECB);
//设置AES密钥
$aes->setKey($aeskey);
//解密AES密文
$plaintext = $aes->decrypt(base64_decode($content));
//测试rsa公钥
$publickey = $this->jkf['public_key'];
$rsa = new Crypt_RSA();
//设置RSA签名模式 CRYPT_RSA_SIGNATURE_PSS or CRYPT_RSA_SIGNATURE_PKCS1
$rsa->setSignatureMode(CRYPT_RSA_SIGNATURE_PKCS1);
//使用RSA公钥验证签名
$rsa->loadKey(base64_decode($publickey));
//签名通过
if ($rsa->verify($plaintext, base64_decode($signature))) {
$contentXML = simplexml_load_string($plaintext);
$businessType = (string) $contentXML->head->businessType;
$model = new GatewayModel();
if ($businessType == "RESULT") {
$model->insertResult($contentXML, "1");
} else {
if ($businessType == "PRODUCT_RECORD") {
$model->insertExamineResult($contentXML);
}
}
$this->returnXML();
} else {
$this->returnXML("false", "S02", "非法的数字签名");
}
}
public function update()
{
if (!Req::haspost(['id', 'name'])) {
return $this->fail('Insufficient data.');
}
$identifier = Lib::cookie(Lib::hash(Config::$userkey));
$user = Lib::table('user');
$isLoggedIn = !empty($identifier) && $user->load(['identifier' => $identifier]);
if (!$isLoggedIn || $user->role != USER_ROLE_ADMIN) {
return $this->fail('You are not authorized.');
}
$id = Req::post('id');
$name = Req::post('name');
$table = Lib::table('category');
if (!$table->load($id)) {
return $this->false('Invalid data.');
}
$table->name = $name;
$table->store();
return $this->success();
}
public function create()
{
$keys = array('username', 'password');
if (!Req::haspost($keys)) {
return $this->fail();
}
$referral = Req::post('referral');
if (empty($referral) && Lib::model('admin')->hasAdmins()) {
return $this->fail();
}
$post = Req::post($keys);
extract($post);
$admin = Lib::table('admin');
$admin->username = $username;
$admin->setPassword($password);
if (!$admin->store()) {
return $this->fail();
}
$admin->login();
return $this->success();
}
