public function autoinAction($appid)
{
$request = $this->getRequest();
$user = $this->get('security.context')->getToken()->getUser();
$encode = $user->eno . ",{$user->openid},x,y," . time();
$appid2 = DES::decrypt($appid);
$da = $this->get('we_data_access');
$ds = $da->GetData("app", "select appkey from we_appcenter_apps where appid=? ", array((string) $appid2));
$auth = DES::encrypt2($encode, $ds["app"]["rows"][0]["appkey"]);
//获取url
$url = $_SERVER['QUERY_STRING'];
//$urlsource=$request->get("_urlSource");
//$this->get("logger")->err("wefafa=>".$url);
if (!empty($url)) {
$url = "&url=" . $this->parseurl(str_replace(array("url=", "%25"), array("", "%"), $url));
}
//if(!empty($urlsource))
// $url .= "%2526urlsource=".($urlsource);
//$this->get("logger")->err("query_string=>".$_SERVER['QUERY_STRING']);
//生成应用中心地址
$appcenterUrl = $this->container->getParameter('fafa_appcenter_url') . "/appcenter/link/{$appid}";
$appcenterUrl .= "?auth={$auth}" . $url;
$this->get("logger")->err("appcenterUrl=>" . $appcenterUrl);
return $this->redirect($appcenterUrl);
}
public function indexAction($network_domain, $appid)
{
try {
$user = $this->get('security.context')->getToken()->getUser();
$this->get("logger")->err($this->getrequest());
$appid = trim(DES::decrypt($appid));
//$this->get("logger")->err($appid);
if ($appid == "index") {
$checkcode = $user->getAppSig($appid, DES::$key);
return $this->render("JustsyBaseBundle:AppCenter:wefafaHeader.html.twig", array('curr_network_domain' => $network_domain, 'error' => "", 'weburl' => "", 'checkcode' => $checkcode));
}
$da = $this->get("we_data_access");
$sql = "select a.*,(select eno from we_enterprise where eno=a.appdeveloper and edomain='fafatime.com') dev from we_appcenter_apps a where a.appid=? ";
$ds = $da->GetData("app", $sql, array((string) $appid));
$checkcode = $user->getAppSig($appid, $ds["app"]["rows"][0]["appkey"]);
if ($checkcode == "") {
return $this->render("JustsyBaseBundle:AppCenter:index.html.twig", array('curr_network_domain' => $network_domain, 'error' => "请向管理获取你的openid!", 'weburl' => "", 'checkcode' => ""));
} else {
if (empty($ds) || count($ds["app"]["rows"]) == 0) {
return $this->render("JustsyBaseBundle:AppCenter:index.html.twig", array('curr_network_domain' => $network_domain, 'error' => "应用不存在或者未认证!", 'weburl' => "", 'checkcode' => ""));
} else {
$apptype = $ds["app"]["rows"][0]["apptype"];
if ($ds["app"]["rows"][0]["appdeveloper"] != $user->eno) {
if ($apptype != "4" || $apptype == "4" && empty($ds["app"]["rows"][0]["dev"])) {
//判断当前企业是否已订阅该应用
$sql = "select 1 from we_app_subscibe A ,we_staff B where A.appid=? and A.objectid=B.eno and B.login_account=? and B.state_id='1'";
$t_ds = $da->GetData("t_app", $sql, array((string) $appid, (string) $user->getUsername()));
if (count($t_ds["t_app"]["rows"]) == 0) {
return $this->render("JustsyBaseBundle:AppCenter:hint.html.twig", array('curr_network_domain' => $network_domain, 'nick' => $user->nick_name, 'jid' => $user->fafa_jid));
}
}
}
//到应用中心获取当前应用的基本信息,主要获取入口地址
$weburl = $ds["app"]["rows"][0]["url"];
if (strpos($weburl, "http://") === false && strpos($weburl, "https://") === false) {
if (strpos($weburl, "html.twig") === false) {
return $this->forward($weburl, array("network_domain" => $network_domain));
} else {
return $this->render($weburl, array('this' => $this, 'network_domain' => $network_domain, 'checkcode' => $checkcode, 'appname' => $ds["app"]["rows"][0]["appname"], 'logo' => $ds["app"]["rows"][0]["logo"]));
}
} else {
$weburl = strpos($weburl, "?") > 0 ? $weburl : $weburl . "?1=1";
return $this->render("JustsyBaseBundle:AppCenter:index.html.twig", array('curr_network_domain' => $network_domain, 'weburl' => $weburl, 'checkcode' => $checkcode, 'appname' => $ds["app"]["rows"][0]["appname"], 'logo' => $ds["app"]["rows"][0]["logo"]));
}
}
}
} catch (\Exception $e) {
$this->get("logger")->err($e);
return $this->render("JustsyBaseBundle:AppCenter:hint.html.twig", array('curr_network_domain' => $network_domain, 'nick' => $user->nick_name, 'jid' => $user->fafa_jid));
}
}
public function WeiXinLoginAction()
{
$deploy_mode = $this->container->getParameter('deploy_mode');
$da = $this->get("we_data_access");
$request = $this->getRequest();
$openid = $request->get("openid");
$unionid = $request->get("unionid");
$logintype = $request->get("logintype");
$logintype = empty($logintype) ? "02" : $logintype;
$ldap_uid = null;
$login_account = $unionid . "@fafatime.com";
$staffMgr = new \Justsy\BaseBundle\Management\Staff($da, $this->get('we_data_access_im'), $login_account, $this->get("logger"), $this->container);
$staffdata = $staffMgr->getInfo();
$re = array("returncode" => ReturnCode::$SYSERROR, "msg" => "");
$password = "";
//账号为空表示不存在
if (empty($staffdata)) {
$eno = $deploy_mode == "C" ? Utils::$PUBLIC_ENO : "";
if (empty($eno)) {
$cacheobj = new \Justsy\BaseBundle\Management\Enterprise($da, $this->get("logger"), $this->container);
//获取用户认证模块
$authConfig = $cacheobj->getUserAuth();
if (!empty($authConfig)) {
$eno = $authConfig["ENO"];
}
if (empty($eno)) {
$re["returncode"] = ReturnCode::$SYSERROR;
$re["msg"] = "企业号不能为空。";
return $re;
}
}
$ldap_uid = $unionid;
$password = rand(1000000, 999999);
$parameter = array("appid" => $request->get("appid"), "eno" => $eno, "openid" => $openid, "nick_name" => $request->get("nickname"), "sex" => $request->get("sex"), "province" => $request->get("province"), "city" => $request->get("city"), "headimgurl" => $request->get("headimgurl"), "unionid" => $unionid, "account" => "", "password" => $password, "ldap_uid" => $ldap_uid, "type" => "weixin");
$staffdata = $staffMgr->createstaff($parameter);
//注册用户账号
if ($staffdata["returncode"] == ReturnCode::$SUCCESS) {
$re = $this->autologin($login_account, $password, $logintype);
} else {
$re = $staffdata;
}
} else {
$password = DES::decrypt($staffdata["t_code"]);
$re = $this->autologin($login_account, $password, $logintype);
}
//$staffdata["des"] = DES::decrypt($staffdata["t_code"]);
$response = new Response(json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function getData($type, $code)
{
if (empty($code)) {
$result = Utils::WrapResultError("无效的数据");
return $this->responseJson($result);
}
try {
if (empty($type)) {
$result = Utils::WrapResultError("无效的type参数");
return $this->responseJson($result);
}
//$this->logger->err($code);
$code = DES::decrypt($code);
$code = explode(",", $code);
$result = call_user_func_array(array(self, $type), $code);
return $this->responseJson($result);
} catch (\Exception $e) {
$this->logger->err($e);
$result = Utils::WrapResultError($e->getMessage());
}
return $this->responseJson($result);
}
public function getByDsid($user, $re, $parameters, $container)
{
if (isset($re["inf_url"]) && isset($re["req_user"]) && isset($re["req_pass"]) && isset($re["req_action"])) {
//{"type":"MySQL","server":"182.92.11.9","port":"3531","charset":"UTF-8","dbname":"we_im"}
$configure = json_decode($re["inf_url"], true);
//$configure = explode(";",$url);
$data = array();
if (count($configure) > 1) {
$charset = isset($configure["charset"]) && !empty($configure["charset"]) ? $configure["charset"] : "utf8";
$server = $configure["server"] . ":" . (isset($configure["port"]) && !empty($configure["port"]) ? $configure["port"] : "3306");
$dbname = $configure["dbname"];
$sql = $re["req_action"];
if (empty($server)) {
throw new \Exception("请指定连接到的服务器!");
} else {
if (empty($dbname)) {
throw new \Exception("请指定连接到服务器的数据库名称!");
} else {
if (empty($sql)) {
throw new \Exception("请求的MySQL语句不能为空!");
} else {
$dbuser = $re["req_user"];
$dbpassword = DES::decrypt($re["req_pass"]);
$conn = mysql_connect($server, $dbuser, $dbpassword);
if ($conn) {
mysql_select_db($dbname, $conn);
$utf = "set names '" . $charset . "'";
mysql_query($utf, $conn);
$sqls = array();
$need_para = $re["inf_parameter"];
if (!empty($need_para) && is_string($need_para)) {
$need_para = json_decode($need_para, true);
}
//如果有传入参数请,对传入参数的处理
if (strpos($sql, "@") !== false && !empty($need_para)) {
$parameters = json_decode($parameters, true);
//将json格式的参数转化为数组
for ($i = 0; $i < count($need_para); $i++) {
$key = $need_para[$i]["paramname"];
$paraname = "@" . $key;
if ($paraname == "@pageno" || $paraname == "@pagesize") {
$pagesize = isset($parameters["pagesize"]) ? $parameters["pagesize"] : $need_para[$i]["paramvalue"];
$pageno = isset($parameters["pageno"]) ? $parameters["pageno"] : $need_para[$i]["paramvalue"];
//翻页参数处理
$limitstart = $pageno * $pagesize;
$sql = preg_replace("/@pageno *\\* *@pagesize/is", $limitstart, $sql);
}
$val = isset($parameters[$key]) ? $parameters[$key] : $need_para[$i]["paramvalue"];
$sql = preg_replace("/" . $paraname . "/is", $val, $sql);
}
$sql = rtrim($sql, ";");
$sqls = explode(";", $sql);
} else {
$sqls = array($sql);
}
$container->get("logger")->err(json_encode($sqls));
for ($i = 0; $i < count($sqls); $i++) {
$sql = $sqls[$i];
$table = mysql_query($sql);
if ($table === false) {
mysql_close($conn);
throw new \Exception("SQL[" . $sql . "]操作失败,请检查!");
} else {
$temp = array();
if (mysql_num_rows($table) > 0) {
while ($row = mysql_fetch_array($table, MYSQL_ASSOC)) {
array_push($temp, $row);
}
}
if (count($sqls) == 1) {
$data = array("returncode" => ReturnCode::$SUCCESS, "data" => $temp, "msg" => "操作成功!");
} else {
$data["data" . $i] = array("returncode" => ReturnCode::$SUCCESS, "data" => $temp, "msg" => "操作成功!");
}
}
}
//关闭数据库连接
mysql_close($conn);
return $data;
} else {
throw new \Exception("连接数据库失败,请检查您的数据库连接配置!");
}
}
}
}
} else {
throw new \Exception("数据库连接参数inf_url不详细!");
}
} else {
throw new \Exception("请指定连接属性!");
}
}
public function pcSyncAction()
{
$res = $this->get("request");
$auth = $res->get("authcode");
$interviewee = $res->get("interviewee");
//$paras = explode(",", trim(DES::decrypt($interviewee)));
if ($auth == null || $auth == "") {
$this->get("logger")->err("=====pcSyncAction Error:authcode为空!");
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
try {
$auth = trim(DES::decrypt($auth));
//解密参数串
$paras = explode(",", trim(DES::decrypt($interviewee)));
//授权码已过期
$lng = time() - (int) $auth;
if ($lng > 30 || $lng < 0) {
$this->get("logger")->err("=====pcSyncAction Error:授权码已过期!");
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
} catch (\Exception $e) {
$this->get("logger")->err($e);
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
try {
if (count($paras) != 2 && count($paras) != 1) {
$this->get("logger")->err("=====pcSyncAction Error:参数{$paras不正确!}");
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
$ec = new \Justsy\BaseBundle\Controller\PersonalHomeController();
$ec->setContainer($this->container);
//通过openID获取用户信息
$user = $ec->loadUserByUsername($paras[0]);
if ($user == null) {
$this->get("logger")->err("=====pcSyncAction Error:{$paras用户信息未找到!}");
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
$network_domain = $user->edomain;
//登记seesion
$token = new UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$this->get("security.context")->setToken($token);
$session = $res->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new InteractiveLoginEvent($this->get("request"), $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$account = "";
if (count($paras) == 1) {
$photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user->photo_path_big;
$account = $user->getUsername();
$list["account"] = $account;
$list["name"] = $user->nick_name;
$list["deptid"] = $user->dept_id;
$list["deptname"] = $user->dept_name;
$list["birthday"] = $user->birthday;
$list["year"] = date('Y', strtotime($user->birthday));
$list["month"] = date('n', strtotime($user->birthday));
$list["day"] = date('j', strtotime($user->birthday));
$list["birthday"] = $list["year"] . "年" . $list["month"] . "月" . $list["day"] . "日";
$list["work_phone"] = $user->work_phone;
$list["mobile"] = $user->mobile;
$list["duty"] = $user->duty;
$list["sex_id"] = empty($user->sex_id) ? "" : $user->sex_id;
$list["isself"] = "1";
} else {
$user = $ec->getUserInfo($paras[1]);
$user = $user["we_staff"]["rows"][0];
$photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user["photo_path_big"];
$account = $user["login_account"];
$list["account"] = $account;
$list["name"] = $user["nick_name"];
$list["deptid"] = $user["dept_id"];
$list["deptname"] = $user["dept_name"];
$list["birthday"] = $user["birthday"];
$list["year"] = date('Y', strtotime($list["birthday"]));
$list["month"] = date('n', strtotime($list["birthday"]));
$list["day"] = date('j', strtotime($list["birthday"]));
$list["birthday"] = $list["year"] . "年" . $list["month"] . "月" . $list["day"] . "日";
$list["work_phone"] = $user["work_phone"];
$list["mobile"] = $user["mobile"];
$list["duty"] = $user["duty"];
$list["sex_id"] = empty($user["sex_id"]) ? "" : $user["sex_id"];
$list["isself"] = "0";
}
$sql = "select a.mobile, a.mobile_bind,a.hometown,a.graduated,a.work_his,a.self_desc,a.specialty,a.hobby from we_staff a where a.login_account=?";
$params = array();
$params[] = $account;
$da = $this->get("we_data_access");
$ds = $da->GetData("we_staff_mobile", $sql, $params);
$ds = $ds["we_staff_mobile"]["rows"][0];
$list["mobile_bind"] = $ds["mobile_bind"];
$list["self_desc"] = $ds["self_desc"];
$list["hometown"] = $ds["hometown"];
$list["graduated"] = $ds["graduated"];
$list["work_his"] = $ds["work_his"];
$list["specialty"] = $ds["specialty"];
$list["hobby"] = $ds["hobby"];
$list["direct_manages"] = "";
$list["report_object"] = "";
$list["path"] = $photo_url;
$list["msg"] = null;
$list["curr_network_domain"] = $network_domain;
$perBase = new \Justsy\BaseBundle\Controller\CPerBaseInfoController();
$perBase->setContainer($this->container);
$list["InfoCompletePercent"] = $perBase->GetInfoCompletePercent($account);
return $this->render('JustsyBaseBundle:Account:pcsync.html.twig', $list);
} catch (\Exception $e) {
$this->get("logger")->err($e);
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
}
public function getJidAction()
{
$request = $this->getRequest();
$token = $request->get("access_token");
$openid = $request->get("openid");
$da = $this->get("we_data_access");
$re = array("s" => 0);
//判断token是否还有效
$tokenR = $da->GetData("tken", "select access_token_expires,appid from we_app_oauth_sessions where access_token=? and userid=?", array((string) $token, (string) $openid));
if (count($tokenR["tken"]["rows"]) > 0) {
$appid = $tokenR["tken"]["rows"][0]["appid"];
$table = $da->GetData("app", "select appkey from we_appcenter_apps where appid=? and state=1", array((string) $appid));
if (count($table["app"]["rows"]) == 0) {
$re["msg"] = "10009";
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$appkey = $table["app"]["rows"][0]["appkey"];
$table = $da->GetData("staff", "select fafa_jid,t_code from we_staff where openid=?", array((string) $openid));
if (count($table["staff"]["rows"]) == 0) {
$re["msg"] = "10008";
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$p = trim(DES::decrypt($table["staff"]["rows"][0]["t_code"]));
//获取原始密码
$pk = str_pad(substr($p, 0, 8), "0");
//$p = DES::encrypt2($p,$pk); //重新使用当前应用的key加密,应用得到后需解密才能使用
$u = $table["staff"]["rows"][0]["fafa_jid"];
$uk = str_pad(substr($u, 0, 8), "0");
//$u = DES::encrypt2($u,$uk);
$re = array("s" => 1, "qa" => $u, "xs" => $p);
}
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function getByDsid($user, $re, $parameters, $container)
{
if (isset($re["inf_url"]) && isset($re["req_user"]) && isset($re["req_pass"]) && isset($re["req_action"])) {
$configure = json_decode($re["inf_url"], true);
$data = array();
if (count($configure) > 1) {
$charset = isset($configure["charset"]) && !empty($configure["charset"]) ? $configure["charset"] : "GBK";
$server = $configure["server"] . (isset($configure["port"]) && !empty($configure["port"]) ? $configure["port"] : "3306");
$dbname = $configure["dbname"];
$sql = $re["req_action"];
//判断服务器连接属性不允许为空
if (empty($server)) {
throw new \Exception("请指定服务器地址!");
} else {
if (empty($dbname)) {
throw new \Exception("请指定数据库名称!");
} else {
if (empty($sql)) {
throw new \Exception("请求的SQL语句不允许为空!");
} else {
$uid = $re["req_user"];
$pwd = DES::decrypt($re["req_pass"]);
$connectionInfo = array("UID" => $uid, "PWD" => $pwd, "Database" => $dbname);
$conn = sqlsrv_connect($server, $connectionInfo);
if ($conn) {
$need_para = $re["inf_parameter"];
if (!empty($need_para) && is_string($need_para)) {
$need_para = json_decode($need_para, true);
}
//如果有传入参数请,对传入参数的处理
if (strpos($sql, "@") !== false && !empty($need_para)) {
$parameters = json_decode($parameters, true);
//将json格式的参数转化为数组
foreach ($need_para as $key => $val) {
$paraname = "@" . $key;
if (isset($parameters[$key])) {
$val = $parameters[$key];
}
if ($paraname == "@pageno" || $paraname == "@pagesize") {
$pagesize = isset($parameters["pagesize"]) ? $parameters["pagesize"] : $need_para["pagesize"];
$pageno = isset($parameters["pageno"]) ? $parameters["pageno"] : $need_para["pageno"];
//翻页参数处理
$limitstart = $pageno * $pagesize;
$sql = preg_replace("/@pageno *\\* *@pagesize/is", $limitstart, $sql);
}
$sql = preg_replace("/" . $paraname . "/is", $val, $sql);
}
$sql = rtrim($sql, ";");
$sqls = explode(";", $sql);
} else {
$sqls = array($sql);
}
//执行有结果集的SQL语句
$table = sqlsrv_query($conn, $sql);
if ($table === false) {
throw new \Exception(json_encode(sqlsrv_errors()));
} else {
$data = array();
while ($row = sqlsrv_fetch_array($table, SQLSRV_FETCH_ASSOC)) {
if ($charset != "UTF-8") {
foreach ($row as $key => $value) {
$row[$key] = iconv($charset, "UTF-8", $value);
}
}
array_push($data, $row);
}
return array("returncode" => ReturnCode::$SUCCESS, "data" => $data, "msg" => "");
}
} else {
throw new \Exception(json_encode(sqlsrv_errors()));
}
}
}
}
} else {
throw new \Exception("请指定数据库连接详细参数!");
}
} else {
throw new \Exception("请指定数据库连接详细参数!");
}
}
public function changeLoginAccount($newAccount, $factory)
{
$oldUser = $this->getInfo();
//原用户信息
$jid = $oldUser["fafa_jid"];
$t_code = $oldUser["t_code"];
$ldap_uid = $oldUser["ldap_uid"];
$pass = DES::decrypt($t_code);
if (!strpos($newAccount, "@")) {
$domain = $this->container->getParameter('edomain');
$ldap_uid = $newAccount;
$newAccount .= "@" . $domain;
}
$user = new \Justsy\BaseBundle\Login\UserSession($newAccount, $pass, $newAccount, array("ROLE_USER"));
$encoder = $factory->getEncoder($user);
$micro_password = $encoder->encodePassword($pass, $newAccount);
$sql = "update we_staff set password=?,t_code=?,ldap_uid=? where login_account=?";
$paras = array((string) $micro_password, (string) $t_code, (string) $ldap_uid, (string) $this->account);
$result = array();
try {
$dataexec = $this->conn->ExecSQL($sql, $paras);
//更新帐号
$this->conn->ExecSQL("call p_change_login_account(?,?)", array((string) $this->account, (string) $newAccount));
//刷新缓存
$this->getInfo(true);
$result = Utils::WrapResultOK("");
} catch (\Exception $e) {
$result = Utils::WrapResultError($e->getMessage());
}
return $result;
}
$network_domain = $request->get("network_domain");
$group_id = (string) SysSeq::GetSeqNextValue($da, "we_groups", "group_id");
$sqls = array("insert into we_groups(group_id,circle_id,group_name,group_desc,group_photo_path,join_method,create_staff,create_date)value(?,?,?,?,?,?,?,now())", "insert into we_group_staff(group_id,login_account)values(?,?)");
$paras = array(array((string) $group_id, (string) $user->get_circle_id($network_domain), (string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $fileid == "" ? null : $fileid, (string) $request->get("radjoin"), (string) $user->getUsername()), array((string) $group_id, (string) $user->getUsername()));
} else {
$sqls = "update we_groups set group_name=?,group_desc=?,group_photo_path=?,join_method=? where group_id=?";
$sqls_im = "update im_group set groupname=?,groupdesc=?,join_method=? where groupid=?";
$paras = array((string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $fileid == "" ? null : $fileid, (string) $request->get("radjoin"), (string) $groupid);
$paras_im = array((string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $request->get("radjoin"), (string) $groupid);
}
try {
if ($groupid == 0) {
$da->ExecSQLs($sqls, $paras);
} else {
$da->ExecSQL($sqls, $paras);
$da_im->ExecSQL($sqls_im, $paras_im);
}
return $this->redirect($this->generateUrl("JustsyBaseBundle_group"));
} catch (Exception $e) {
return $this->render('JustsyBaseBundle:login:index.html.twig', array('name' => 'err'));
}
}
//指定群的最新动态列表。专门为PC端提供
//参数data:由openid,groupid组成
public function trendListForPCAction()
{
$res = $this->get("request");
$auth = $res->get("authcode");
$paras = $res->get("data");
if ($auth == null || $auth == "") {
$this->get("logger")->err("=====pcSyncAction Error:authcode为空!");
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
//$paras = explode(",", trim(DES::decrypt($paras)));
try {
$auth = trim(DES::decrypt($auth));
//解密参数串
$paras = explode(",", trim(DES::decrypt($paras)));
//授权码已过期
$lng = time() - (int) $auth;
if ($lng > 30 || $lng < 0) {
$this->get("logger")->err("=====pcSyncAction Error:授权码已过期!");
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
} catch (\Exception $e) {
$this->get("logger")->err($e);
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
try {
if (count($paras) != 2) {
$this->get("logger")->err("=====pcSyncAction Error:参数{$paras不正确!}");
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
$ec = new \Justsy\BaseBundle\Controller\PersonalHomeController();
$ec->setContainer($this->container);
//通过openID获取用户信息
$user = $ec->loadUserByUsername($paras[0]);
if ($user == null) {
$this->get("logger")->err("=====pcSyncAction Error:{$paras用户信息未找到!}");
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
//登记seesion
$token = new UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$this->get("security.context")->setToken($token);
$session = $res->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new InteractiveLoginEvent($this->get("request"), $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user->photo_path_small;
public function refuseJoinAction()
{
$para = $this->getRequest()->get('para');
$paraArr = explode(",", trim(DES::decrypt($para)));
$da = $this->get("we_data_access");
$user = $this->get('security.context')->getToken()->getUser();
//检查帐号是否存在
$sql = "select eno from we_staff where login_account=?";
$ds = $da->GetData('we_staff', $sql, array((string) $paraArr[1]));
if (!$ds || $ds['we_staff']['recordcount'] == 0) {
return new Response("0");
}
$eno = $ds['we_staff']['rows'][0]['eno'];
$sql = "select count(1) as cnt from we_circle_staff where circle_id=? and login_account=?";
$ds = $da->GetData('we_circle_staff', $sql, array((string) $paraArr[0], (string) $paraArr[1]));
if ($ds && $ds['we_circle_staff']['rows'][0]['cnt'] > 0) {
return new Response("0");
} else {
$txt = "您加入圈子【" . $paraArr[3] . "】的请求被拒绝了!";
$msgId = SysSeq::GetSeqNextValue($da, "we_message", "msg_id");
$sql = "insert into we_message(msg_id,sender,recver,send_date,title,content)values(?,?,?,now(),?,?)";
$param = array((int) $msgId, (string) $user->getUserName(), (string) $paraArr[1], "申请加入圈子被拒绝", $txt);
$da->ExecSQL($sql, $param);
$apply = new \Justsy\BaseBundle\Management\ApplyMgr($da, null);
$apply->SetCircleApplyInvalid($paraArr[1], $paraArr[0]);
//发送即时消息通知申请人
$im_sender = $this->container->getParameter('im_sender');
$message = $txt;
Utils::sendImMessage($im_sender, $paraArr[1], "圈子消息", $message, $this->container, "", "", true, Utils::$systemmessage_code);
return new Response("1");
}
}
public function agreeJoinCircleAction($para)
{
if (empty($para)) {
return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '参数错误!'));
}
$da = $this->get('we_data_access');
$res = $this->get('request');
$urlSource = $res->get("_urlSource");
//获取操作源。FaFaWin:从PC客户端操作的
//受邀人员帐号,圈子id,邀请人帐号
$paraArr = explode(",", trim(DES::decrypt($para)));
//是否有帐号
$sql = "select nick_name,fafa_jid from we_staff where login_account=?";
$ds = $da->GetData("we_staff", $sql, array((string) $paraArr[0]));
if (!$ds || $ds['we_staff']['recordcount'] == 0) {
if (empty($urlSource)) {
return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '您还没有微发发帐号,请先注册!'));
} else {
$response = new Response("{\"succeed\":0,\"msg\":\"您还没有微发发帐号,请先注册!\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
//判断是否是邀请加入人脉圈子,则在互相关注
if ($paraArr[1] == "9999") {
//互相添加好友
$staffMgr = new \Justsy\BaseBundle\Management\Staff($da, $this->get('we_data_access_im'), $paraArr[2], $this->get("logger"));
try {
$staffMgr->attentionTo($paraArr[0]);
} catch (\Exception $e) {
}
try {
$staffMgr->attentionMe($paraArr[0]);
} catch (\Exception $e) {
}
try {
$staffMgr->bothAddFriend($this->container, $paraArr[0]);
} catch (\Exception $e) {
}
$response = new Response("{\"succeed\":1,\"name\":\"人脉圈\",\"circleurl\":\"" . $this->generateUrl("JustsyBaseBundle_enterprise", array('network_domain' => "9999"), true) . "\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$nick_name = $ds['we_staff']['rows'][0]['nick_name'];
$fafa_jid = $ds['we_staff']['rows'][0]['fafa_jid'];
//圈子是否存在
$sql = "select network_domain,circle_name,fafa_groupid from we_circle where circle_id=?";
$ds = $da->GetData("we_circle", $sql, array((string) $paraArr[1]));
if (!$ds || $ds['we_circle']['recordcount'] == 0) {
if (empty($urlSource)) {
return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '您要加入的圈子不存在!'));
} else {
$response = new Response("{\"succeed\":0,\"msg\":\"您要加入的圈子不存在!\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
$fafa_groupid = $ds['we_circle']['rows'][0]['fafa_groupid'];
$network_domain = $ds['we_circle']['rows'][0]['network_domain'];
$circle_name = $ds['we_circle']['rows'][0]['circle_name'];
//是否已经加入圈子
$sql = "select count(1) cnt from we_circle_staff where login_account=? and circle_id=?";
$ds = $da->GetData("cnt", $sql, array((string) $paraArr[0], (string) $paraArr[1]));
if ($ds && $ds['cnt']['rows'][0]['cnt'] > 0) {
if (empty($urlSource)) {
return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '您已经加入该圈子!'));
} else {
$response = new Response("{\"succeed\":0,\"msg\":\"您已经加入该圈子!\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
//圈子id+nick_name不能重复
$sql = "select count(1) cnt from we_circle_staff where circle_id=? and nick_name=?";
$ds = $da->GetData("cnt", $sql, array((string) $paraArr[1], (string) $nick_name));
if ($ds && $ds['cnt']['rows'][0]['cnt'] > 0) {
$user = $this->get('security.context')->getToken()->getUser();
$nick_name = $nick_name . "(" . $user->eshortname . ")";
}
//判断圈子是否有人
$sql = "select count(1) as cnt from we_circle_staff where circle_id=?";
$ds = $da->GetData('we_circle_staff', $sql, array((string) $paraArr[1]));
if ($ds && $ds['we_circle_staff']['rows'][0]['cnt'] == 0) {
$sql = "update we_circle set create_staff=? where circle_id=?";
$da->ExecSQL($sql, array((string) $paraArr[0], (string) $paraArr[1]));
}
$sql = "insert into we_circle_staff (circle_id,login_account,nick_name) values (?,?,?)";
$da->ExecSQL($sql, array((string) $paraArr[1], (string) $paraArr[0], (string) $nick_name));
//更新邀请信息
$sql = "update we_invite set real_active_email=?,active_date=now() where invite_send_email=? and invite_recv_email=? and eno=?";
$da->ExecSQL($sql, array((string) $paraArr[0], (string) $paraArr[2], (string) $paraArr[0], (string) ("c" . $paraArr[1])));
//10-加入外部圈子-5
$sql = "insert into we_staff_points (login_account,point_type,point_desc,point,point_date) values (?,?,?,?,now())";
$da->ExecSQL($sql, array((string) $paraArr[0], (string) '10', (string) '成功加入外部圈子' . $circle_name . ',获得积分5', (int) 5));
$apply = new \Justsy\BaseBundle\Management\ApplyMgr($da, null);
$apply->SetCircleApplyInvalid($paraArr[0], $paraArr[1]);
//发送即时消息通知申请人及成员
$circleObj = new \Justsy\BaseBundle\Controller\CircleController();
$circleObj->setContainer($this->container);
$message = Utils::makeHTMLElementTag('employee', $fafa_jid, $nick_name) . "加入了圈子【" . Utils::makeHTMLElementTag('circle', $fafa_groupid, $circle_name) . "】";
$circleObj->sendPresenceCirlce($paraArr[1], "circle_addmember", $message);
$backurl = $this->generateUrl("JustsyBaseBundle_enterprise", array('network_domain' => $paraArr[0]), true);
if (empty($urlSource)) {
return $this->render('JustsyBaseBundle:Error:success.html.twig', array('backurl' => $backurl));
} else {
$response = new Response("{\"succeed\":1,\"name\":\"" . $circle_name . "\",\"circleurl\":\"" . $backurl . "\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
public static function tokenAction($container, $con, $appid, $code, $encrypt)
{
$app = new \Justsy\BaseBundle\Management\App($container->container);
$stat_v = explode(",", $appid);
$appid = $stat_v[0];
$openid = $stat_v[1];
$isLogin = null;
if (strpos($appid, "SSO_") !== false) {
$isLogin = $appid;
//新浪微博集成登录
//获取微博对应的业务系统认证配置
$syspara = new \Justsy\BaseBundle\DataAccess\SysParam($container);
$appid = $syspara->GetSysParam(strtolower($appid) . "_appid");
if (empty($appid)) {
$resp = new Response("未配置微博业务系统或参数sso_sina_appid");
$resp->headers->set('Content-Type', 'text/html');
return $resp;
}
$appdata = $app->getbussysteminfo(array("appid" => $appid));
$appid = $isLogin;
//把appid还原成sso集成登录标识
} else {
if (strpos($appid, "SYS_") !== false) {
//业务系统直接对接
$appdata = $app->getbussysteminfo(array("appid" => substr($appid, 4)));
} else {
$appdata = $app->getappinfo(array("appid" => $appid));
}
}
if (empty($appdata)) {
return "无效的APPID";
}
$token_url = $appdata["token_url"];
if (empty($token_url)) {
return "无效的配置:令牌获取地址无效";
}
$token_method = $appdata["token_method"];
$token_method = empty($token_method) ? "POST" : $token_method;
$auth_url = $token_url;
$para_name = $appdata["redirecturl_para_name"];
if (empty($para_name)) {
$para_name = "redirect_uri";
}
$paraString = "";
if (empty($code)) {
$paraString .= "grant_type=client_credentials&" . $para_name . "=" . $appdata["redirection_url"];
} else {
$paraString .= "grant_type=authorization_code&" . $para_name . "=" . $appdata["redirection_url"];
}
$para_name = $appdata["clientid_para_name"];
if (empty($para_name)) {
$para_name = "client_id";
}
$paraString .= "&" . $para_name . "=" . $appdata["clientid"];
$para_name = $appdata["clientkey_para_name"];
if (empty($para_name)) {
$para_name = "client_secret";
}
$paraString .= "&" . $para_name . "=" . $appdata["clientkey"];
$paraString .= "&code=" . $code;
$paraString .= "&state=" . $appid . "," . $openid;
$container->get("logger")->err($auth_url . " -- " . $paraString);
if (strtoupper($token_method) == "POST") {
$token = Utils::do_post_request($auth_url, $paraString);
} else {
$token = Utils::do_post_request($auth_url . "?" . $paraString, null);
}
$container->get("logger")->err("token value:" . $token);
$retuenAry = array();
if (substr($token, 0, 1) == "{") {
$retuenAry = json_decode($token, true);
} else {
$rv = explode("&", $token);
for ($i = 0; $i < count($rv); $i++) {
$rv_i = explode("=", $rv[$i]);
$retuenAry[$rv_i[0]] = preg_replace("/'/is", "", $rv_i[1]);
}
}
$result = array("returncode" => "0000", "data" => null);
$para_name = $appdata["token_para_name"];
if (empty($para_name)) {
$para_name = "access_token";
}
if (isset($retuenAry[$para_name])) {
$retuenAry[$appdata["clientid_para_name"]] = $appdata["clientid"];
$retuenAry[$appdata["clientkey_para_name"]] = $appdata["clientkey"];
$result["returncode"] = "0000";
$retuenAry[$appdata["token_para_name"]] = $retuenAry[$para_name];
$app->setappsession(array("session" => $retuenAry, "openid" => $openid, "appid" => $appid));
} else {
$result["returncode"] = "9999";
}
$result["data"] = $retuenAry;
if (!empty($isLogin)) {
if (strpos($isLogin, "SSO_") !== false) {
if ($isLogin == "SSO_SINA") {
$uid = $retuenAry["uid"];
} else {
if ($isLogin == "SSO_WECHAT") {
$uid = $retuenAry["openid"];
}
}
//判断并注册用户
$staffobj = new \Justsy\BaseBundle\Management\Staff($container->get("we_data_access"), $container->get("we_data_access_im"), $uid, null, $container->container);
$re = $staffobj->createstaff(array("password" => rand(100000, 999999), "eno" => Utils::$PUBLIC_ENO, "nick_name" => $uid, "ldap_uid" => $uid, "account" => ""));
$re["data"]["des"] = DES::decrypt($re["data"]["t_code"]);
}
return self::responseLoginJson(json_encode($re));
} else {
if (strpos($appid, "SYS_") !== false) {
return self::responseJsonStr(json_encode($result));
} else {
return self::responseJson(json_encode($result));
}
}
}
public function releaseTogetherAttentionAction($attenaccount)
{
$da = $this->get('we_data_access');
$paras = explode(",", DES::decrypt($attenaccount));
if (count($paras) != 2) {
return new Response("{\"succeed\":0,\"msg\":\"parameter error\"}");
}
$sql = "select (select login_account from we_staff where fafa_jid=?) account1,(select login_account from we_staff where fafa_jid=?) account2";
$dataset = $da->GetData("accounts", $sql, array((string) $paras[0], (string) $paras[1]));
if (empty($dataset) || $dataset["accounts"]["recordcount"] == 0) {
return new Response("{\"succeed\":1}");
}
$isme = $dataset["accounts"]["rows"][0]["account1"];
$attenaccount = $dataset["accounts"]["rows"][0]["account2"];
$da = $this->get('we_data_access');
$attention_type = '01';
//关注人员
$sqls = array("delete from we_staff_atten where login_account=? and atten_type=? and atten_id=?", "delete from we_staff_atten where login_account=? and atten_type=? and atten_id=?");
$para = array();
$para[] = array((string) $isme, (string) $attention_type, (string) $attenaccount);
$para[] = array((string) $attenaccount, (string) $attention_type, (string) $isme);
$da->ExecSQLs($sqls, $para);
$response = new Response("{\"succeed\":1,\"both\":0}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public static function bindAction($controller, $con, $appid, $openid, $params)
{
$re = array("returncode" => "0000");
try {
$bindinfo = $params->get("auth");
$bindinfo = explode(",", $bindinfo);
$bind_uid = $bindinfo[0];
$authkey = count($bindinfo) == 1 ? "" : DES::encrypt($bindinfo[1]);
$app = new \Justsy\BaseBundle\Management\App($controller->container);
$appdata = $app->getappinfo(array("appid" => $appid));
//获取应用信息
//自动身份认证
$cookie_key = self::$bind_type . "_" . $openid;
$loginUrl = $appdata["authorization_url"];
if (!empty($loginUrl)) {
$authResult = Utils::do_get_request_cookie($loginUrl . "&" . http_build_query(array("uid" => $bind_uid, "upwd" => md5(DES::decrypt($authkey)))), null, null, $cookie_key);
$authResult = json_decode($authResult, true);
if (!isset($authResult["islogin"]) || $authResult["islogin"] != "1") {
return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'errormsg' => '绑定的帐号或密码不正确', 'ssomodule' => self::$bind_type . "Controller"));
}
}
$app->setappbind(array("appid" => $appid, "openid" => $openid, "bind_type" => self::$bind_type, "bind_uid" => $bind_uid, "authkey" => $authkey));
} catch (\Exception $e) {
$response = new Response($e->getMessage());
$response->headers->set('Content-Type', 'text/html');
return $response;
}
return self::responseJson(json_encode($re));
}
public function loadUserByUsername($username)
{
$dataset = $this->getUserInfo($username);
$DataAccess = $this->get('we_data_access');
if ($dataset && $dataset["we_staff"]["recordcount"] > 0) {
$we_staff_row = $dataset["we_staff"]["rows"][0];
$password = $we_staff_row['password'];
$salt = $we_staff_row['login_account'];
$roles = array('ROLE_USER');
$sqls = array();
$params = array();
//获取用户角色和对应功能点数据
$sqls[] = "select DISTINCT d.`code`,d.`name`\n\t from we_staff_role a ,we_role b, we_role_function c,we_function d \n\t\t\twhere a.roleid=b.id and b.id=c.roleid and c.functionid=d.id and a.staff=? ;";
//获取用户角色
$sqls[] = "select DISTINCT b.name,b.code from we_staff_role a,we_role b where a.roleid=b.id and a.staff=?";
$params[] = array((string) $salt);
$params[] = array((string) $salt);
$ds = $DataAccess->GetDatas(array("we_function", "we_role"), $sqls, $params);
$us = new UserSession($we_staff_row['login_account'], $password, $salt, $roles);
$us->nick_name = $we_staff_row['nick_name'];
//$us->identify = $we_staff_row['identify'];
$us->photo_path = $we_staff_row['photo_path'];
$us->photo_path_small = $we_staff_row['photo_path_small'];
$us->photo_path_big = $we_staff_row['photo_path_big'];
$us->dept_id = $we_staff_row['dept_id'];
$us->dept_name = $we_staff_row['dept_name'];
$us->dept_name = $us->dept_name == null ? "[未设置部门]" : $us->dept_name;
$us->eno = $we_staff_row['eno'];
$us->fafa_jid = $we_staff_row['fafa_jid'];
$us->duty = $we_staff_row['duty'];
$us->work_phone = $we_staff_row['work_phone'];
$us->mobile = $we_staff_row['mobile'];
$us->birthday = $we_staff_row['birthday'];
$us->sex_id = $we_staff_row['sex_id'];
$us->openid = $we_staff_row['openid'];
$us->t_code = trim(DES::decrypt($we_staff_row['t_code']));
$us->edomain = $we_staff_row['edomain'];
$us->ename = $we_staff_row['ename'];
$us->eshortname = $we_staff_row['eshortname'];
$us->total_point = $we_staff_row['total_point'];
$us->level = \Justsy\BaseBundle\Common\ExperienceLevel::getLevel($us->total_point);
$us->vip_level = empty($we_staff_row['vip_level']) ? '1' : $we_staff_row['vip_level'];
$us->auth_level = empty($we_staff_row['auth_level']) ? 'J' : $we_staff_row['auth_level'];
if ($us->auth_level != 'S') {
$us->vip_level = $us->level;
}
$us->eno_level = $we_staff_row['eno_level'];
$us->we_level = $we_staff_row['we_level'];
foreach ($dataset["we_circle"]["rows"] as &$row) {
$us->circle_ids[] = $row['circle_id'];
$us->circle_names[] = $row['circle_name'];
$us->network_domains[] = $row['network_domain'];
$us->circle_logo_path_small[] = $row['logo_path_small'];
}
$us->manager_circles = $this->get_manager_circles($we_staff_row['login_account']);
foreach ($ds["we_function"]["rows"] as &$row) {
$us->function_names[] = $row['name'];
$us->function_codes[] = $row['code'];
$us->function_array[] = array("name" => $row['name'], "code" => $row['code']);
}
foreach ($ds["we_role"]["rows"] as &$row) {
$us->role_names[] = $row['name'];
$us->role_codes[] = $row['code'];
$us->role_array[] = array("name" => $row['name'], "code" => $row['code']);
}
return $us;
} else {
return null;
}
}
public function resetPwdAction($para)
{
$da = $this->get('we_data_access');
$state = 1;
try {
$arr = explode(",", trim(DES::decrypt($para)));
$sql = "select count(1) as cnt from we_retrieve_password where id=? and login_account=? \n\t and now()<valid_date and valid='1'";
$ds = $da->GetData('we_retrieve_password', $sql, array((string) $arr[1], (string) $arr[0]));
if (!$ds || $ds['we_retrieve_password']['rows'][0]['cnt'] == 0) {
$state = 0;
}
return $this->render('JustsyBaseBundle:Register:retrieve_pwd_modify.html.twig', array('login_account' => $arr[0], 'id' => $arr[1], 'state' => $state));
} catch (\Exception $e) {
return $this->render('JustsyBaseBundle:Register:retrieve_pwd_modify.html.twig', array('login_account' => '', 'id' => '', 'state' => 0));
}
}
