public function post($f3)
{
global $smarty;
// 首先做参数合法性验证
$validator = new Validator($f3->get('POST'));
$input = array();
$input['phone'] = $validator->validate('phone');
$input['address'] = $validator->validate('address');
$input['oldpassword'] = $validator->validate('oldpassword');
$input['password'] = $validator->validate('password');
// 用户打算修改密码
if (!Utils::isBlank($input['password'])) {
$validator->required('必须提供旧密码才能修改密码')->validate('oldpassword');
}
// 提供的旧密码,但是新密码为空
if (!Utils::isBlank($input['oldpassword'])) {
$validator->required('新密码不能为空')->validate('password');
}
if (!$this->validate($validator)) {
goto out;
}
$authSupplierUser = AuthHelper::getAuthUser();
$supplierUserService = new SupplierUserService();
// 验证用户登陆
$supplierUser = $supplierUserService->loadSupplierById($authSupplierUser['suppliers_id']);
if ($supplierUser->isEmpty()) {
$this->addFlashMessage("非法登陆用户");
RouteHelper::reRoute($this, '/User/Logout', false);
}
// 用户打算修改密码,但是旧密码不对
if (!empty($input['password']) && !$supplierUserService->verifyPassword($authSupplierUser['suppliers_id'], $input['oldpassword'])) {
$this->addFlashMessage('旧密码不对');
goto out;
}
// 更新数据
unset($input['oldpassword']);
$supplierUserService->updateSupplier($supplierUser, $input);
// 记录用户的登陆信息
$supplierUserInfo = $supplierUser->toArray();
unset($supplierUserInfo['password']);
// 不要记录密码
AuthHelper::saveAuthUser($supplierUserInfo);
$this->addFlashMessage("修改资料成功");
$smarty->assign($supplierUserInfo);
out:
// 从这里出去
$smarty->display('my_profile.tpl');
}
/**
* 显示订单详情
*/
public function Detail($f3)
{
// 权限检查
$this->requirePrivilege('manage_order_goods_detail');
global $smarty;
// 参数验证
$validator = new Validator($f3->get('GET'));
$rec_id = $validator->required()->digits()->min(1)->validate('rec_id');
if (!$this->validate($validator)) {
goto out_display;
}
// 取 order_goods
$orderBasicService = new OrderBasicService();
$orderGoods = $orderBasicService->loadOrderGoodsById($rec_id);
if ($orderGoods->isEmpty() || $orderGoods['order_id'] <= 0) {
$this->addFlashMessage('订单ID非法');
goto out_display;
}
// 转换状态显示
$orderGoods['order_goods_status_desc'] = OrderGoodsService::$orderGoodsStatusDesc[$orderGoods['order_goods_status']];
// 额外优惠允许的最大金额
$allowExtraDiscount = $orderGoods['goods_price'] + $orderGoods['shipping_fee'] - $orderGoods['discount'];
$maxExtraDiscount = round($allowExtraDiscount * $f3->get('sysConfig[max_order_goods_extra_discount_rate]'), 2);
$maxExtraDiscount = max($maxExtraDiscount, $f3->get('sysConfig[max_order_goods_extra_discount_value]'));
$maxExtraDiscount = min($maxExtraDiscount, $allowExtraDiscount);
// 退款允许退的最大金额
$maxRefund = $orderGoods['goods_price'] + $orderGoods['shipping_fee'] - $orderGoods['discount'] - $orderGoods['extra_discount'];
// 取商品信息
$goodsBasicService = new GoodsBasicService();
$goods = $goodsBasicService->loadGoodsById($orderGoods['goods_id'], 300);
// 缓存 300 秒
// 取 order_info
$orderInfo = $orderBasicService->loadOrderInfoById($orderGoods['order_id']);
if ($orderInfo->isEmpty()) {
$this->addFlashMessage('订单ID非法');
goto out_display;
}
$orderInfo['order_status_desc'] = OrderBasicService::$orderStatusDesc[$orderInfo['order_status']];
$orderInfo['pay_status_desc'] = OrderBasicService::$payStatusDesc[$orderInfo['pay_status']];
// 取订单来源信息
$orderReferService = new OrderReferService();
$orderRefer = $orderReferService->loadOrderReferByOrderId($orderInfo['order_id'], 300);
//缓存5分钟
// 取用户账户
$userBasicService = new UserBasicService();
$userInfo = $userBasicService->loadUserById($orderInfo['user_id']);
// 取得订单的操作日志
$orderActionService = new OrderActionService();
$orderLogArray = $orderActionService->fetchOrderLogArray($orderGoods['order_id'], $orderGoods['rec_id']);
// 状态字段转换成可以显示的字符串
foreach ($orderLogArray as &$orderLog) {
$orderLog['order_status'] = OrderBasicService::$orderStatusDesc[$orderLog['order_status']];
$orderLog['pay_status'] = OrderBasicService::$payStatusDesc[$orderLog['pay_status']];
$orderLog['order_goods_status'] = OrderGoodsService::$orderGoodsStatusDesc[$orderLog['order_goods_status']];
$orderLog['action_note'] = nl2br($orderLog['action_note']);
}
unset($orderLog);
// 查询供货商信息
$supplierUserService = new SupplierUserService();
$supplierInfo = $supplierUserService->loadSupplierById($orderGoods['suppliers_id']);
// 给模板赋值
$smarty->assign('orderGoods', $orderGoods);
$smarty->assign('goods', $goods);
$smarty->assign('maxExtraDiscount', $maxExtraDiscount);
$smarty->assign('maxRefund', $maxRefund);
$smarty->assign('orderInfo', $orderInfo);
$smarty->assign('orderRefer', $orderRefer);
$smarty->assign('userInfo', $userInfo);
$smarty->assign('supplierInfo', $supplierInfo);
$smarty->assign('orderLogArray', $orderLogArray);
out_display:
$smarty->display('order_goods_detail.tpl');
}
public function post($f3)
{
// 权限检查
$this->requirePrivilege('manage_goods_edit_edit_post');
global $smarty;
$isCreateGoods = false;
// 是否是创建新商品
// 参数验证
$validator = new Validator($f3->get('GET'));
$goods_id = $validator->digits()->filter('ValidatorIntValue')->validate('goods_id');
if (!$this->validate($validator)) {
goto out_fail_list_goods;
}
unset($validator);
// 用户提交的商品信息做验证
$goods = $f3->get('POST[goods]');
if (empty($goods)) {
goto out_fail_validate;
}
$validator = new Validator($goods);
$goodsInfo = array();
//表单数据验证、过滤
$goodsInfo['goods_name'] = $validator->required('商品名不能为空')->validate('goods_name');
$goodsInfo['goods_name_short'] = $validator->required('商品短标题不能为空')->validate('goods_name_short');
$goodsInfo['keywords'] = $validator->validate('keywords');
$goodsInfo['seo_title'] = $validator->validate('seo_title');
$goodsInfo['seo_keyword'] = $validator->validate('seo_keyword');
$goodsInfo['seo_description'] = $validator->validate('seo_description');
$goodsInfo['goods_sn'] = $validator->validate('goods_sn');
$goodsInfo['warehouse'] = $validator->validate('warehouse');
$goodsInfo['shelf'] = $validator->validate('shelf');
$goodsInfo['cat_id'] = $validator->required('商品分类不能为空')->filter('ValidatorIntValue')->validate('cat_id');
// 记录管理员
$authAdminUser = AuthHelper::getAuthUser();
$goodsInfo['admin_user_id'] = $validator->filter('ValidatorIntValue')->validate('admin_user_id');
// 如果没有选择管理员,就用当前管理员
if (empty($goodsInfo['admin_user_id'])) {
$goodsInfo['admin_user_id'] = $authAdminUser['user_id'];
$goodsInfo['admin_user_name'] = $authAdminUser['user_name'];
} else {
$adminUserService = new AdminUserService();
$adminUser = $adminUserService->loadAdminById($goodsInfo['admin_user_id']);
if ($adminUser->isEmpty()) {
$this->addFlashMessage('管理员[' . $goodsInfo['admin_user_id'] . ']不存在');
goto out_fail_validate;
}
$goodsInfo['admin_user_name'] = $adminUser['user_name'];
unset($adminUser);
unset($adminUserService);
}
$goodsInfo['brand_id'] = $validator->filter('ValidatorIntValue')->validate('brand_id');
$goodsInfo['suppliers_id'] = $validator->required('供货商不能为空')->filter('ValidatorIntValue')->validate('suppliers_id');
$goodsInfo['is_alone_sale'] = $validator->filter('ValidatorIntValue')->validate('is_alone_sale');
$goodsInfo['is_best'] = $validator->filter('ValidatorIntValue')->validate('is_best');
$goodsInfo['is_new'] = $validator->filter('ValidatorIntValue')->validate('is_new');
$goodsInfo['is_hot'] = $validator->filter('ValidatorIntValue')->validate('is_hot');
$goodsInfo['is_on_sale'] = $validator->filter('ValidatorIntValue')->validate('is_on_sale');
$goodsInfo['market_price'] = Money::toStorage($validator->validate('market_price'));
$goodsInfo['shop_price'] = Money::toStorage($validator->validate('shop_price'));
$goodsInfo['shipping_fee'] = Money::toStorage($validator->validate('shipping_fee'));
$goodsInfo['shipping_free_number'] = $validator->validate('shipping_free_number');
$goodsInfo['goods_number'] = abs($validator->filter('ValidatorIntValue')->validate('goods_number'));
$goodsInfo['virtual_buy_number'] = $validator->filter('ValidatorIntValue')->validate('virtual_buy_number');
$goodsInfo['suppliers_price'] = Money::toStorage($validator->validate('suppliers_price'));
$goodsInfo['suppliers_shipping_fee'] = Money::toStorage($validator->validate('suppliers_shipping_fee'));
$goodsInfo['sort_order'] = $validator->validate('sort_order');
$goodsInfo['warn_number'] = $validator->filter('ValidatorIntValue')->validate('warn_number');
$goodsInfo['goods_brief'] = @$goods['goods_brief'];
//不需要过滤 html
$goodsInfo['goods_notice'] = @$goods['goods_notice'];
//不需要过滤 html
$goodsInfo['goods_after_service'] = @$goods['goods_after_service'];
//不需要过滤 html
$goodsInfo['seller_note'] = $validator->validate('seller_note');
$goodsInfo['system_tag_list'] = Utils::makeTagString(@$goods['system_tag_list']);
// 生成系统的 tag string
$goodsInfo['update_time'] = Time::gmTime();
// 商品的更新时间
$goodsInfo['goods_desc'] = @$goods['goods_desc'];
//不需要过滤 html
if (!$this->validate($validator)) {
goto out_fail_validate;
}
// 某些时候,我们不允许编辑直接粘贴别人网站的图片上来,所以我们需要过滤图片的域名
$goodsDescAllowImageDomainArray = $f3->get('sysConfig[goods_desc_allow_image_domain_array]');
if ($goodsDescAllowImageDomainArray && is_array($goodsDescAllowImageDomainArray) && !empty($goodsDescAllowImageDomainArray)) {
$patternMatch = array();
preg_match_all('/<img(.*?)src="(.*?)"(.*?)\\/?>/', $goodsInfo['goods_desc'], $patternMatch, PREG_SET_ORDER);
// 检查每一个图片
foreach ($patternMatch as $matchItem) {
$imageUrl = $matchItem[2];
$urlInfo = parse_url($imageUrl);
if (!in_array(@$urlInfo['host'], $goodsDescAllowImageDomainArray)) {
$this->addFlashMessage('商品详情非法图片 ' . $imageUrl);
goto out_fail_validate;
}
}
}
// 写入到数据库
unset($goods);
$goodsBasicService = new GoodsBasicService();
$goods = $goodsBasicService->loadGoodsById($goods_id);
// 判断是否是新建商品
$isCreateGoods = $goods->isEmpty();
if ($isCreateGoods) {
// 权限检查
$this->requirePrivilege('manage_goods_create');
$goodsInfo['add_time'] = Time::gmTime();
}
$post_goods_sn = $validator->validate('goods_sn');
if ($isCreateGoods && !Utils::isBlank($post_goods_sn)) {
$goodsInfo['goods_sn'] = $post_goods_sn;
}
$goods->copyFrom($goodsInfo);
$goods->save();
// 新商品需要自动生成 goods_sn
if ($isCreateGoods && Utils::isBlank($post_goods_sn)) {
$goods->goods_sn = $f3->get('sysConfig[goods_sn_prefix]') . $goods['goods_id'];
$goods->save();
}
// 取得供货商信息
$supplierName = '';
if (!empty($goods['suppliers_id'])) {
$supplierUserService = new SupplierUserService();
$supplierInfo = $supplierUserService->loadSupplierById($goods['suppliers_id']);
if (!$supplierInfo->isEmpty()) {
$supplierName = $supplierInfo['suppliers_name'];
}
}
// 记录商品编辑日志
$goodsLogContent = '商品编辑:[' . $goods['admin_user_id'] . ']' . $goods['admin_user_name'] . "\n" . '上架状态:' . ($goods['is_on_sale'] > 0 ? '已上架' : '未上架') . "\n" . '销售价:' . Money::toSmartyDisplay($goods['shop_price']) . ' 供货价:' . Money::toSmartyDisplay($goods['suppliers_price']) . "\n" . '快递费:' . Money::toSmartyDisplay($goods['shipping_fee']) . ' 供货快递费:' . Money::toSmartyDisplay($goods['suppliers_shipping_fee']) . "\n" . ($goods['shipping_free_number'] > 0 ? '' . $goods['shipping_free_number'] . "件免邮\n" : '') . '商品排序:' . $goods['sort_order'] . "\n" . '系统Tag:' . $goods['system_tag_list'] . "\n" . '供货商:[' . $goods['suppliers_id'] . ']' . $supplierName;
$goodsLogService = new GoodsLogService();
$goodsLogService->addGoodsLog($goods['goods_id'], $authAdminUser['user_id'], $authAdminUser['user_name'], $isCreateGoods ? '新建商品' : static::$goodsLogDesc, $goodsLogContent);
// 成功,显示商品详情
$this->addFlashMessage('商品信息保存成功');
//清除缓存,确保商品显示正确
ClearHelper::clearGoodsCacheById($goods->goods_id);
RouteHelper::reRoute($this, RouteHelper::makeUrl('/Goods/Edit/Edit', array('goods_id' => $goods->goods_id), true));
return;
// 参数验证失败
out_fail_validate:
if (!$goods_id) {
// 新建商品验证失败
RouteHelper::reRoute($this, '/Goods/Create');
return;
}
$smarty->assign('goods', $goodsInfo);
$smarty->display('goods_edit_edit.tpl');
return;
out_fail_list_goods:
RouteHelper::reRoute($this, '/Goods/Search');
}
/**
* 供货商详情显示
*/
public function Edit($f3)
{
// 权限检查
$this->requirePrivilege('manage_account_supplier_edit_get');
global $smarty;
// 参数验证
$validator = new Validator($f3->get('GET'));
$suppliers_id = $validator->digits()->min(1)->validate('suppliers_id');
$suppliers_id = $suppliers_id > 0 ? $suppliers_id : 0;
if (!$this->validate($validator)) {
goto out;
}
// 查询供货商信息
$supplierUserService = new SupplierUserService();
$supplier = $supplierUserService->loadSupplierById($suppliers_id);
if (0 != $suppliers_id && $supplier->isEmpty()) {
// 不存在的供货商
$this->addFlashMessage('供货商不存在');
goto out;
}
if ($supplier->isEmpty()) {
// 新建供货商账号,权限检查
$this->requirePrivilege('manage_account_supplier_create');
}
if (!$f3->get('POST')) {
// 没有 post ,只是普通的显示
goto out_display;
}
// 用户提交了更新请求,这里做供货商信息更新
// 权限检查
$this->requirePrivilege('manage_account_supplier_edit_post');
// 参数验证
$inputArray = array();
$validator = new Validator($f3->get('POST'));
$inputArray['suppliers_account'] = $validator->required()->minlength(4)->validate('suppliers_account');
$inputArray['suppliers_name'] = $validator->required()->minlength(4)->validate('suppliers_name');
$inputArray['phone'] = $validator->validate('phone');
$inputArray['address'] = $validator->validate('address');
$inputArray['suppliers_desc'] = $validator->validate('suppliers_desc');
$password = $validator->validate('password');
if (!Utils::isBlank($password)) {
// 权限检查
$this->requirePrivilege('manage_account_supplier_edit_change_account_password');
$inputArray['password'] = $password;
}
if (!$this->validate($validator)) {
goto out;
}
// 确认供货商账号没有重复
if (!empty($inputArray['suppliers_account'])) {
$tmpSupplierUser = $supplierUserService->loadSupplierBySupplierAccount($inputArray['suppliers_account']);
if (0 == $suppliers_id && !$tmpSupplierUser->isEmpty() || !$tmpSupplierUser->isEmpty() && $tmpSupplierUser['suppliers_id'] != $suppliers_id) {
$this->addFlashMessage('供货商账号 ' . $inputArray['suppliers_account'] . ' 已经存在');
goto out;
}
}
// 如果供货商账号发生了变化
if ($supplier['suppliers_account'] != $inputArray['suppliers_account']) {
// 权限检查
$this->requirePrivilege('manage_account_supplier_edit_change_account_password');
}
// 更新供货商信息
$supplierUserService->updateSupplier($supplier, $inputArray);
$this->addFlashMessage('供货商信息更新成功');
out_display:
//给 smarty 模板赋值
$smarty->assign($supplier->toArray());
out:
$smarty->display('account_supplier_edit.tpl');
}
public function post($f3)
{
// 权限检查
$this->requirePrivilege('manage_order_settle');
// 参数验证
$validator = new Validator($f3->get('POST'));
$payTimeStart = $validator->required()->digits()->validate('payTimeStart');
$payTimeEnd = $validator->required()->digits()->validate('payTimeEnd');
$suppliers_id = $validator->required()->digits()->validate('suppliers_id');
if (!$this->validate($validator)) {
goto out;
}
$orderGoodsIdArray = $validator->validate('orderGoodsIdArray');
$memo = $validator->validate('memo');
if (empty($orderGoodsIdArray) || !is_array($orderGoodsIdArray)) {
$this->addFlashMessage('没有订单需要结算');
goto out;
}
// 取得供货商的信息
$userSupplierService = new UserSupplierService();
$supplier = $userSupplierService->loadSupplierById($suppliers_id);
if ($supplier->isEmpty()) {
$this->addFlashMessage('供货商不存在');
goto out;
}
// 取得所有 order_goods 记录
$orderGoodsService = new OrderGoodsService();
$orderGoodsArray = $orderGoodsService->_fetchArray('order_goods', 'rec_id, order_goods_status, goods_number,suppliers_id, suppliers_price, suppliers_shipping_fee, suppliers_refund, shipping_id', array(array(QueryBuilder::buildInCondition('rec_id', $orderGoodsIdArray))), array('order' => 'rec_id asc'), 0, $f3->get('sysConfig[max_query_record_count]'), 0);
//最多限制 max_query_record_count 条记录
if (empty($orderGoodsArray)) {
$this->addFlashMessage('没有订单需要结算');
goto out;
}
// 检查订单,计算订单结算金额
$totalGoodsPrice = 0;
$totalShippingFee = 0;
$totalRefund = 0;
$totalOrderGoodsCount = 0;
//剔除非法的 orderGoodsId
$invalidOrderGoodsIdArray = array();
foreach ($orderGoodsArray as $orderGoodsItem) {
if (OrderGoodsService::OGS_UNPAY == $orderGoodsItem['order_goods_status'] || $orderGoodsItem['suppliers_id'] != $suppliers_id || $orderGoodsItem['shipping_id'] <= 0) {
// 非法订单,剔除掉
$invalidOrderGoodsIdArray[] = $orderGoodsItem['rec_id'];
continue;
}
$totalGoodsPrice += $orderGoodsItem['goods_number'] * $orderGoodsItem['suppliers_price'];
$totalShippingFee += $orderGoodsItem['suppliers_shipping_fee'];
$totalRefund += $orderGoodsItem['suppliers_refund'];
$totalOrderGoodsCount++;
}
//剔除非法的 orderGoodsId
$orderGoodsIdArray = array_diff($orderGoodsIdArray, $invalidOrderGoodsIdArray);
if (empty($orderGoodsIdArray)) {
$this->addFlashMessage('没有订单需要结算');
goto out;
}
// 取得当前结算的管理员
$authAdminUser = AuthHelper::getAuthUser();
$dbEngine = DataMapper::getDbEngine();
try {
// 我们这里需要事务保障
$dbEngine->begin();
//创建 order_settle 记录
$orderSettleService = new OrderSettleService();
$orderSettle = $orderSettleService->loadOrderSettleBySettleId(0);
$orderSettle->user_id = $authAdminUser['user_id'];
$orderSettle->user_name = $authAdminUser['user_name'];
$orderSettle->settle_start_time = $payTimeStart;
$orderSettle->settle_end_time = $payTimeEnd;
$orderSettle->suppliers_id = $suppliers_id;
$orderSettle->suppliers_name = $supplier['suppliers_name'];
$orderSettle->suppliers_goods_price = $totalGoodsPrice;
$orderSettle->suppliers_shipping_fee = $totalShippingFee;
$orderSettle->suppliers_refund = $totalRefund;
$orderSettle->create_time = Time::gmTime();
$orderSettle->memo = $memo;
$orderSettle->save();
// 更新 order_goods ,设置上 settle_id
$sql = "update " . DataMapper::tableName('order_goods') . ' set settle_id = ? where ' . QueryBuilder::buildInCondition('rec_id', $orderGoodsIdArray);
$dbEngine->exec($sql, $orderSettle->settle_id);
$dbEngine->commit();
$this->addFlashMessage('成功创建结算记录');
} catch (\Exception $e) {
$dbEngine->rollback();
$this->addFlashMessage('数据库读写错误');
}
out:
// 回到结算页面
RouteHelper::reRoute($this, RouteHelper::getRefer(), false);
}
