public function get($f3) { AuthHelper::removeAuthUser(); $f3->clear('SESSION'); $this->addFlashMessage('成功退出登陆'); // 返回首页 RouteHelper::reRoute($this, '/', false); }
public function beforeRoute($f3) { parent::beforeRoute($f3); // 用户没有登陆,让用户去登陆 if (!AuthHelper::isAuthUser()) { // 如果已经记录了一个回跳 URL ,则不要再覆盖这个记录了 RouteHelper::reRoute($this, '/User/Login', !RouteHelper::hasRememberUrl()); } }
public function post($f3) { global $smarty; // 首先做参数合法性验证 $validator = new Validator($f3->get('POST')); $input = array(); $input['user_name'] = $validator->required('用户名不能为空')->minLength(2, '用户名最短为2个字符')->validate('user_name'); $input['password'] = $validator->required('密码不能为空')->minLength(6, '密码最短为6个非空字符')->validate('password'); $input['email'] = $validator->validate('email'); $input['mobile_phone'] = $validator->digits('手机号格式不对')->validate('mobile_phone'); $p_captcha = $validator->required('验证码不能为空')->validate('captcha'); // 手机输入,输入法经常无故添加空格,我们需要去除所有的空额,防止出错 $p_captcha = Utils::filterAlnumStr($p_captcha); // 需要跳转回去的地址 $returnUrl = $validator->validate('returnUrl'); if (!$this->validate($validator)) { goto out_fail; } // 检查验证码是否有效 $captchaController = new \Controller\Image\Captcha(); if (!$captchaController->validateCaptcha($p_captcha)) { $this->addFlashMessage('验证码错误[' . $p_captcha . '][' . $captchaController->getCaptcha() . ']'); goto out_fail; } $userService = new UserService(); // 检查用户是否已经注册 $isUserExist = $userService->isUserExist($input['user_name'], $input['email']); if ($isUserExist) { $this->addFlashMessage($isUserExist . '已经存在'); goto out_fail; } // 注册用户 $user = $userService->registerUser($input); if (!$user) { $this->addFlashMessage('用户注册失败,请稍后刷新页面重试'); goto out_fail; } // 记录用户的登陆信息 $userInfo = $user->toArray(); unset($userInfo['password']); // 不要记录密码 AuthHelper::saveAuthUser($userInfo, 'normal'); $this->addFlashMessage("注册成功"); if ($returnUrl) { header('Location:' . $returnUrl); return; } else { // 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页 RouteHelper::jumpBack($this, '/', true); } return; // 这里正常返回 out_fail: // 失败,从这里出口 $smarty->assign('captchaUrl', RouteHelper::makeUrl('/Image/Captcha', array('hash' => time()))); $smarty->display('user_register.tpl', 'User|Register|post'); }
public function get($f3) { AdminLog::logAdminOperate('user.logout', '用户退出', 'IP:' . $f3->get('IP')); AuthHelper::removeAuthUser(); $f3->clear('SESSION'); $this->addFlashMessage('成功退出登陆'); // 刷新当前页面 RouteHelper::reRoute($this, '/', false); }
public function post($f3) { global $smarty; // 首先做参数合法性验证 $validator = new Validator($f3->get('POST')); $input = array(); $input['user_name'] = $validator->required('用户名不能为空')->validate('user_name'); $input['password'] = $validator->required('密码不能为空')->validate('password'); $p_captcha = $validator->required('验证码不能为空')->validate('captcha'); if (!$this->validate($validator)) { goto out_fail; } // 检查验证码是否有效 $captchaController = new \Controller\Image\Captcha(); if (!$captchaController->validateCaptcha($p_captcha)) { $this->addFlashMessage("验证码错误"); goto out_fail; } $adminService = new AdminUserService(); // 验证用户登陆 $admin = $adminService->doAuthAdmin($input['user_name'], $input['user_name'], $input['password']); if (!$admin) { $this->addFlashMessage("登陆失败,用户名、密码错误"); goto out_fail; } // 记录用户的登陆信息 $adminUserInfo = $admin->toArray(); unset($adminUserInfo['password']); // 不要记录密码 // 取得用户的角色权限 $adminUserInfo['role_action_list'] = ''; if ($adminUserInfo['role_id'] > 0) { $metaRoleService = new MetaRoleService(); $role = $metaRoleService->loadRoleById($adminUserInfo['role_id']); if (!$role->isEmpty()) { // 赋值角色权限 $adminUserInfo['role_action_list'] = $role['meta_data']; } } AuthHelper::saveAuthUser($adminUserInfo); try { // 记录用户登录日志 AdminLog::logAdminOperate('user.login', '用户登录', 'IP:' . $f3->get('IP')); } catch (\Exception $e) { // do nothing } $this->addFlashMessage("登陆成功"); // 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页 RouteHelper::jumpBack($this, '/', true); return; // 这里正常返回 out_fail: // 失败从这里入口 $smarty->display('user_login.tpl', 'User|Login|post'); }
public function beforeRoute($f3) { global $smarty; parent::beforeRoute($f3); // 用户没有登陆,让用户去登陆 if (!AuthHelper::isAuthUser()) { // 如果已经记录了一个回跳 URL ,则不要再覆盖这个记录了 RouteHelper::reRoute($this, '/User/Login', !RouteHelper::hasRememberUrl()); return; } //把认证用户放入到 smarty 中 $smarty->assign('authSupplierUser', AuthHelper::getAuthUser()); }
/** * 记录管理员的操作日志 * * @param string $operate 操作 * @param string $operate_desc 操作描述 * @param string $operate_data 操作数据,用于记录一些重要数据 */ public static function logAdminOperate($operate, $operate_desc, $operate_data) { $dataMapper = new DataMapper('admin_log'); $authAdminUser = AuthHelper::getAuthUser(); $dataMapper->user_id = $authAdminUser['user_id']; $dataMapper->user_name = $authAdminUser['user_name']; $dataMapper->operate = $operate; $dataMapper->operate_desc = $operate_desc; $dataMapper->operate_time = Time::gmTime(); $dataMapper->operate_data = $operate_data; $dataMapper->save(); unset($dataMapper); }
public function post($f3) { global $smarty; // 首先做参数合法性验证 $validator = new Validator($f3->get('POST')); $input = array(); $input['user_name'] = $validator->required('用户名不能为空')->minLength(2, '用户名最短为2个字符')->validate('user_name'); $input['password'] = $validator->required('密码不能为空')->minLength(6, '密码最短为6个非空字符')->validate('password'); $input['email'] = $validator->validate('email'); $input['mobile_phone'] = $validator->digits('手机号格式不对')->validate('mobile_phone'); $p_captcha = $validator->required('验证码不能为空')->validate('captcha'); if (!$this->validate($validator)) { goto out_fail; } // 检查验证码是否有效 $captchaController = new \Controller\Image\Captcha(); if (!$captchaController->validateCaptcha($p_captcha)) { $this->addFlashMessage("验证码错误"); goto out_fail; } $userService = new UserService(); // 检查用户是否已经注册 $isUserExist = $userService->isUserExist($input['user_name'], $input['email']); if ($isUserExist) { $this->addFlashMessage($isUserExist . '已经存在'); goto out_fail; } // 注册用户 $user = $userService->registerUser($input); if (!$user) { $this->addFlashMessage('用户注册失败,请稍后刷新页面重试'); goto out_fail; } // 记录用户的登陆信息 $userInfo = $user->toArray(); unset($userInfo['password']); // 不要记录密码 AuthHelper::saveAuthUser($userInfo, 'normal'); // 设置用户名在网页显示 ClientData::saveClientData(Login::$clientDataIsUserLoginKey, true); ClientData::saveClientData(Login::$clientDataUserNameDisplayKey, $user->user_name); $this->addFlashMessage("注册成功"); // 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页 RouteHelper::jumpBack($this, '/', true); return; // 这里正常返回 out_fail: // 失败,从这里出口 $smarty->display('user_login.tpl', 'User|Register|post'); }
/** * 判断当前用户是否有某个权限 * * @param string $needPrivilege * * @return bool */ protected function hasPrivilege($needPrivilege) { $authAdminUser = AuthHelper::getAuthUser(); if (empty($authAdminUser)) { goto out_fail; } // 检查权限 if (!AdminUserService::verifyPrivilege($needPrivilege, $authAdminUser['action_list'] . ',' . $authAdminUser['role_action_list'])) { goto out_fail; } return true; out_fail: return false; }
public function post($f3) { global $smarty; // 首先做参数合法性验证 $validator = new Validator($f3->get('POST')); $input = array(); $input['user_name'] = $validator->required('用户名不能为空')->validate('user_name'); $input['password'] = $validator->required('密码不能为空')->validate('password'); $p_captcha = $validator->required('验证码不能为空')->validate('captcha'); // 手机输入,输入法经常无故添加空格,我们需要去除所有的空额,防止出错 $p_captcha = Utils::filterAlnumStr($p_captcha); // 需要跳转回去的地址 $returnUrl = $validator->validate('returnUrl'); if (!$this->validate($validator)) { goto out_fail; } // 检查验证码是否有效 $captchaController = new \Controller\Image\Captcha(); if (!$captchaController->validateCaptcha($p_captcha)) { $this->addFlashMessage('验证码错误[' . $p_captcha . '][' . $captchaController->getCaptcha() . ']'); goto out_fail; } $userService = new UserService(); // 验证用户登陆 $user = $userService->doAuthUser($input['user_name'], $input['user_name'], $input['password']); if (!$user) { $this->addFlashMessage("登陆失败,用户名、密码错误"); goto out_fail; } // 记录用户的登陆信息 $userInfo = $user->toArray(); unset($userInfo['password']); // 不要记录密码 AuthHelper::saveAuthUser($userInfo, 'normal'); $this->addFlashMessage("登陆成功"); if ($returnUrl) { header('Location:' . $returnUrl); return; } else { // 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页 RouteHelper::jumpBack($this, '/', true); } return; // 这里正常返回 out_fail: // 失败从这里出口 $smarty->assign('captchaUrl', RouteHelper::makeUrl('/Image/Captcha', array('hash' => time()))); $smarty->display('user_login.tpl', 'User|Login|post'); }
public function post($f3) { global $smarty; // 首先做参数合法性验证 $validator = new Validator($f3->get('POST')); $input = array(); $input['oldpassword'] = $validator->validate('oldpassword'); $input['password'] = $validator->validate('password'); $input['email'] = $validator->validate('email'); $input['mobile_phone'] = $validator->digits('手机号格式不对')->validate('mobile_phone'); // 用户打算修改密码 if (!Utils::isBlank($input['password'])) { $validator->required('必须提供旧密码才能修改密码')->validate('oldpassword'); } // 提供的旧密码,但是新密码为空 if (!Utils::isBlank($input['oldpassword'])) { $validator->required('新密码不能为空')->validate('password'); } if (!$this->validate($validator)) { goto out_fail; } $userInfo = AuthHelper::getAuthUser(); $userService = new UserService(); $user = $userService->loadUserById($userInfo['user_id']); if (!$user) { // 非法用户,应该让它自动登陆出去 $this->addFlashMessage('非法登陆用户'); RouteHelper::reRoute($this, '/User/Logout', false); } // 用户打算修改密码,但是旧密码不对 if (!empty($input['password']) && !$userService->verifyPassword($userInfo['user_id'], $input['oldpassword'])) { $this->addFlashMessage('旧密码不对'); goto out_fail; } // 更新数据 unset($input['oldpassword']); $userService->updateUser($user, $input); // 更新认证记录 AuthHelper::removeAuthUser(); AuthHelper::saveAuthUser($user->toArray()); $this->addFlashMessage('资料更新成功'); RouteHelper::reRoute($this, '/My/Profile'); return; // 这里正常返回 out_fail: // 失败返回 $smarty->display('my_profile.tpl', 'post'); }
public function post($f3) { global $smarty; // 首先做参数合法性验证 $validator = new Validator($f3->get('POST')); $input = array(); $input['phone'] = $validator->validate('phone'); $input['address'] = $validator->validate('address'); $input['oldpassword'] = $validator->validate('oldpassword'); $input['password'] = $validator->validate('password'); // 用户打算修改密码 if (!Utils::isBlank($input['password'])) { $validator->required('必须提供旧密码才能修改密码')->validate('oldpassword'); } // 提供的旧密码,但是新密码为空 if (!Utils::isBlank($input['oldpassword'])) { $validator->required('新密码不能为空')->validate('password'); } if (!$this->validate($validator)) { goto out; } $authSupplierUser = AuthHelper::getAuthUser(); $supplierUserService = new SupplierUserService(); // 验证用户登陆 $supplierUser = $supplierUserService->loadSupplierById($authSupplierUser['suppliers_id']); if ($supplierUser->isEmpty()) { $this->addFlashMessage("非法登陆用户"); RouteHelper::reRoute($this, '/User/Logout', false); } // 用户打算修改密码,但是旧密码不对 if (!empty($input['password']) && !$supplierUserService->verifyPassword($authSupplierUser['suppliers_id'], $input['oldpassword'])) { $this->addFlashMessage('旧密码不对'); goto out; } // 更新数据 unset($input['oldpassword']); $supplierUserService->updateSupplier($supplierUser, $input); // 记录用户的登陆信息 $supplierUserInfo = $supplierUser->toArray(); unset($supplierUserInfo['password']); // 不要记录密码 AuthHelper::saveAuthUser($supplierUserInfo); $this->addFlashMessage("修改资料成功"); $smarty->assign($supplierUserInfo); out: // 从这里出去 $smarty->display('my_profile.tpl'); }
public function get($f3) { // 清除客户端所有数据 ClientData::clearClientData(); // 清除服务器端数据 AuthHelper::removeAuthUser(); $f3->clear('SESSION'); $this->addFlashMessage('成功退出登陆'); $backUrl = RouteHelper::getRefer(); if (Utils::isBlank($backUrl)) { // 没有来路域名则返回首页 $backUrl = '/'; } // 刷新当前页面 RouteHelper::reRoute($this, $backUrl, false); }
public function get($f3) { global $smarty; // 参数验证 $validator = new Validator($f3->get('GET')); $pageNo = $validator->digits()->min(0)->validate('pageNo'); $pageSize = $validator->digits()->min(0)->validate('pageSize'); // 设置缺省值 $pageNo = isset($pageNo) && $pageNo > 0 ? $pageNo : 0; $pageSize = isset($pageSize) && $pageSize > 0 ? $pageSize : 10; if (!$this->validate($validator)) { goto out_display; } $userInfo = AuthHelper::getAuthUser(); // 构造查询条件 $searchFormQuery = array(); $searchFormQuery['oi.user_id'] = $userInfo['user_id']; // 合并查询参数 $searchParamArray = array_merge(QueryBuilder::buildSearchParamArray($searchFormQuery), $this->searchExtraCondArray); // 查询订单 $totalCount = SearchHelper::count(SearchHelper::Module_OrderGoodsOrderInfo, $searchParamArray); if ($totalCount <= 0) { // 没订单,可以直接退出了 goto out_display; } // 页数超过最大值,返回第一页 if ($pageNo * $pageSize >= $totalCount) { RouteHelper::reRoute($this, '/My/Order'); } // 订单排序 $orderByParam = array(); $orderByParam[] = array('og.rec_id', 'desc'); // 订单列表 $orderGoodsArray = SearchHelper::search(SearchHelper::Module_OrderGoodsOrderInfo, 'og.order_id, og.goods_id, og.goods_attr, og.goods_number, og.goods_price, og.shipping_fee' . ', og.create_time, og.order_goods_status, oi.order_sn, oi.pay_time', $searchParamArray, $orderByParam, $pageNo * $pageSize, $pageSize); foreach ($orderGoodsArray as &$orderGoodsItem) { $orderGoodsItem['order_goods_status_desc'] = OrderGoodsService::$orderGoodsStatusDesc[$orderGoodsItem['order_goods_status']]; } unset($orderGoodsItem); // 给模板赋值 $smarty->assign('totalCount', $totalCount); $smarty->assign('pageNo', $pageNo); $smarty->assign('pageSize', $pageSize); $smarty->assign('orderGoodsArray', $orderGoodsArray); out_display: $smarty->display('my_order.tpl', 'get'); }
public function get($f3) { global $smarty; // 参数验证 $validator = new Validator($f3->get('GET')); $pageNo = $validator->digits()->min(0)->validate('pageNo'); $pageSize = $validator->digits()->min(0)->validate('pageSize'); // 设置缺省值 $pageNo = isset($pageNo) && $pageNo > 0 ? $pageNo : 0; $pageSize = isset($pageSize) && $pageSize > 0 ? $pageSize : 10; if (!$this->validate($validator)) { goto out_display; } $userInfo = AuthHelper::getAuthUser(); $userBasicService = new UserBasicService(); $userInfo = $userBasicService->loadUserById($userInfo['user_id']); // 用户总共有资金余额 $smarty->assign('userMoney', $userInfo['user_money']); $accountLog = new AccountLogService(); // 用户总共有多少account_log $totalCount = $accountLog->countUserMoneyArray($userInfo['user_id'], 10); //缓存 10 秒钟 if ($totalCount <= 0) { // 没资金变动记录,可以直接退出了 goto out_display; } $smarty->assign('totalCount', $totalCount); // 页数超过最大值,返回第一页 if ($pageNo * $pageSize >= $totalCount) { RouteHelper::reRoute($this, '/My/Money'); } // 传递分页的变量 $smarty->assign('pageNo', $pageNo); $smarty->assign('pageSize', $pageSize); // account_log 列表 $accountLogArray = $accountLog->fetchUserMoneyArray($userInfo['user_id'], $pageNo * $pageSize, $pageSize, 10); //缓存 10 秒钟 foreach ($accountLogArray as &$accountLogItem) { $accountLogItem['change_type_desc'] = AccountLogService::$changeTypeDesc[$accountLogItem['change_type']]; } unset($accountLogItem); $smarty->assign('accountLogArray', $accountLogArray); out_display: $smarty->display('my_money.tpl', 'get'); }
/** * 判断用户是否有某种权限 * * @param $params * @param $content * @param Smarty_Internal_Template $template * @param $repeat */ function smarty_helper_block_verify_privilege($params, $content, Smarty_Internal_Template $template, &$repeat) { if ($repeat) { return ''; } if (array_key_exists('privilege', $params) && !empty($params['privilege'])) { $authAdminUser = AuthHelper::getAuthUser(); if (empty($authAdminUser)) { return ''; } // 检查权限 if (!AdminUserService::verifyPrivilege($params['privilege'], $authAdminUser['action_list'] . ',' . $authAdminUser['role_action_list'])) { return ''; } return $content; // 成功从这里返回 } }
public function beforeRoute($f3) { parent::beforeRoute($f3); //设置 SEO 信息 global $smarty; $smarty->assign('seo_title', MobileThemePlugin::getOptionValue('seo_title')); $smarty->assign('seo_description', MobileThemePlugin::getOptionValue('seo_description')); $smarty->assign('seo_keywords', MobileThemePlugin::getOptionValue('seo_keywords')); // 设置页面显示用户名 if (AuthHelper::isAuthUser()) { global $smarty; $authUser = AuthHelper::getAuthUser(); $smarty->assign('USER_NAME_DISPLAY', $authUser['user_name']); } // 记录用户从什么来源到达网站的 ReferHelper::setOrderRefer($f3); //设置 order_refer 信息 }
public function post($f3) { // 权限检查 $this->requirePrivilege('manage_goods_edit_edit_post'); global $smarty; // 参数验证 $validator = new Validator($f3->get('GET')); $goods_id = $validator->required('商品ID不能为空')->digits()->min(1)->validate('goods_id'); if (!$this->validate($validator)) { goto out_fail_list_goods; } unset($validator); // 用户提交的商品信息做验证 $goodsPromoteInfo = $f3->get('POST.goods_promote'); if (empty($goodsPromoteInfo)) { goto out_fail_validate; } //安全性处理 unset($goodsPromoteInfo['promote_id']); $goodsPromoteInfo['goods_id'] = $goods_id; // 写入到数据库 $goodsBasicService = new GoodsBasicService(); $goodsPromote = $goodsBasicService->loadGoodsPromoteByGoodsId($goods_id); $goodsPromote->copyFrom($goodsPromoteInfo); $goodsPromote->save(); // 记录商品编辑日志 $goodsLogContent = '360分类:' . $goodsPromote['360tuan_category'] . ',' . $goodsPromote['360tuan_category_end'] . "\n" . "360排序:" . $goodsPromote['360tuan_sort_order']; $authAdminUser = AuthHelper::getAuthUser(); $goodsLogService = new GoodsLogService(); $goodsLogService->addGoodsLog($goods_id, $authAdminUser['user_id'], $authAdminUser['user_name'], static::$goodsLogDesc, $goodsLogContent); // 成功,显示商品详情 $this->addFlashMessage('商品推广渠道保存成功'); //清除缓存,确保商品显示正确 ClearHelper::clearGoodsCacheById($goods_id); RouteHelper::reRoute($this, RouteHelper::makeUrl('/Goods/Edit/Promote', array('goods_id' => $goods_id), true)); return; // 参数验证失败 out_fail_validate: $smarty->display('goods_edit_promote.tpl'); return; out_fail_list_goods: RouteHelper::reRoute($this, '/Goods/Search'); }
public function post($f3) { global $smarty; // 首先做参数合法性验证 $validator = new Validator($f3->get('POST')); $input = array(); $input['user_name'] = $validator->required('用户名不能为空')->validate('user_name'); $input['password'] = $validator->required('密码不能为空')->validate('password'); $p_captcha = $validator->required('验证码不能为空')->validate('captcha'); if (!$this->validate($validator)) { goto out_fail; } // 检查验证码是否有效 $captchaController = new \Controller\Image\Captcha(); if (!$captchaController->validateCaptcha($p_captcha)) { $this->addFlashMessage("验证码错误"); goto out_fail; } $userService = new UserService(); // 验证用户登陆 $user = $userService->doAuthUser($input['user_name'], $input['user_name'], $input['password']); if (!$user) { $this->addFlashMessage("登陆失败,用户名、密码错误"); goto out_fail; } // 记录用户的登陆信息 $userInfo = $user->toArray(); unset($userInfo['password']); // 不要记录密码 AuthHelper::saveAuthUser($userInfo, 'normal'); // 设置用户名在网页显示 ClientData::saveClientData(Login::$clientDataIsUserLoginKey, true); ClientData::saveClientData(Login::$clientDataUserNameDisplayKey, $user->user_name); $this->addFlashMessage("登陆成功"); // 跳转到用户之前看的页面,如果之前没有看过的页面那就回到首页 RouteHelper::jumpBack($this, '/', true); return; // 这里正常返回 out_fail: // 失败从这里入口 $smarty->display('user_login.tpl', 'User|Login|post'); }
public function post($f3) { // 权限检查 $this->requirePrivilege('manage_goods_edit_edit_get'); // 参数验证 $validator = new Validator($f3->get('POST')); $goods_id = $validator->required('商品ID不能为空')->validate('goods_id'); $action = $validator->required('操作不能为空')->validate('action'); //任务时间 $taskTimeStr = $validator->required('必须选择时间')->validate('task_time'); $taskTime = Time::gmStrToTime($taskTimeStr) ?: null; if (!$this->validate($validator)) { goto out; } $authAdminUser = AuthHelper::getAuthUser(); // 添加 Cron 任务 CronHelper::addCronTask($authAdminUser['user_name'] . '[' . $authAdminUser['user_id'] . ']', GoodsCronTask::$task_name, @GoodsCronTask::$actionDesc[$action] . '[' . $goods_id . ']', '\\Core\\Cron\\GoodsCronTask', $taskTime, $f3->get('POST'), $goods_id); $this->addFlashMessage('成功添加定时任务'); out: RouteHelper::reRoute($this, RouteHelper::makeUrl('/Goods/Edit/Cron', array('goods_id' => $goods_id), true)); }
public function beforeRoute($f3) { parent::beforeRoute($f3); // 由于我们使用 GET 来传递 session id,出于安全性考虑,我们需要检查来源 IP $userSessionIP = $f3->get('SESSION[user_session_ip]'); if (empty($userSessionIP)) { $f3->set('SESSION[user_session_ip]', $f3->get('IP')); } else { if ($userSessionIP !== $f3->get('IP')) { // IP 非法,清空当前 session 数据 $f3->clear('SESSION'); session_destroy(); session_write_close(); } } // 用户没有登陆,让用户去登陆 if (!AuthHelper::isAuthUser()) { // 如果已经记录了一个回跳 URL ,则不要再覆盖这个记录了 RouteHelper::reRoute($this, '/User/Login', !RouteHelper::hasRememberUrl()); } }
public function post($f3) { global $smarty; // 首先做参数合法性验证 $validator = new Validator($f3->get('POST')); $addressInfo = array(); $addressInfo['consignee'] = $validator->required('姓名不能为空')->validate('consignee'); $addressInfo['address'] = $validator->required('地址不能为空')->validate('address'); $addressInfo['mobile'] = $validator->required('手机号码不能为空')->digits('手机号码格式不正确')->validate('mobile'); $addressInfo['tel'] = $validator->validate('tel'); $addressInfo['zipcode'] = $validator->digits('邮编格式不正确')->validate('zipcode'); if (!$this->validate($validator)) { goto out_fail; } $userInfo = AuthHelper::getAuthUser(); $userAddressService = new UserAddressService(); $userAddressService->updateUserFirstAddress($userInfo['user_id'], $addressInfo); $this->addFlashMessage('地址更新成功'); RouteHelper::reRoute($this, '/My/Address'); return; out_fail: // 失败返回 $smarty->display('my_address.tpl', 'post'); }
public function Edit($f3) { global $smarty; // 参数验证 $validator = new Validator($f3->get('GET')); $article_id = $validator->digits()->min(0)->filter('ValidatorIntValue')->validate('article_id'); if (!$this->validate($validator)) { goto out_fail; } // 取得文章 $articleService = new ArticleService(); $article = $articleService->loadArticleById($article_id); if ($article_id > 0 && $article->isEmpty()) { $this->addFlashMessage('文章ID[' . $article_id . ']非法'); goto out_fail; } // 只是显示文章内容而已 if (Request::isRequestGet()) { $smarty->assign('article', $article->toArray()); goto out_get; } // 权限检查 $this->requirePrivilege('manage_article_article_edit'); // 从这里开始是修改文章内容 unset($validator); $articleInfoArray = $f3->get('POST[article]'); $validator = new Validator($articleInfoArray); // 获得修改数据 $inputArray = array(); $inputArray['title'] = $validator->required()->validate('title'); $inputArray['seo_keyword'] = $validator->validate('seo_keyword'); $inputArray['cat_id'] = $validator->validate('cat_id'); $inputArray['is_open'] = $validator->validate('is_open'); $inputArray['description'] = $validator->validate('description'); $inputArray['content'] = $articleInfoArray['content']; // 不要过滤 html if (!$this->validate($validator)) { goto out_get; } $authAdminUser = AuthHelper::getAuthUser(); // 新建文章 if ($article_id <= 0) { $inputArray['admin_user_id'] = $authAdminUser['user_id']; $inputArray['admin_user_name'] = $authAdminUser['user_name']; $inputArray['add_time'] = Time::gmTime(); } // 文章更新 $inputArray['update_user_id'] = $authAdminUser['user_id']; $inputArray['update_user_name'] = $authAdminUser['user_name']; $inputArray['update_time'] = Time::gmTime(); // 保存修改 $article->copyFrom($inputArray); $article->save(); // 清除文章缓存 ClearHelper::clearArticleCacheById($article->article_id); $this->addFlashMessage('文章保存成功'); RouteHelper::reRoute($this, RouteHelper::makeUrl('/Article/Article/Edit', array('article_id' => $article->article_id), true)); return; // POST 从这里退出 out_get: // GET 从这里退出 $smarty->display('article_article_edit.tpl'); return; out_fail: // 失败从这里退出 RouteHelper::reRoute($this, '/Article/Article/Search'); }
/** * 设置订单为 退款中 状态 * * 即:确认已经收到用户的退货了,告知财务这个订单可以给用户退款了 * * @param $f3 */ public function SetRefund($f3) { // 参数验证 $validator = new Validator($f3->get('GET')); $rec_id = $validator->required()->digits()->min(1)->validate('rec_id'); if (!$this->validate($validator)) { goto out; } // 取得当前供货商 $authSupplierUser = AuthHelper::getAuthUser(); $orderBasicService = new OrderBasicService(); $orderGoods = $orderBasicService->loadOrderGoodsById($rec_id); if ($orderGoods->isEmpty() || OrderGoodsService::OGS_ASKREFUND != $orderGoods->order_goods_status || $orderGoods['suppliers_id'] != $authSupplierUser['suppliers_id']) { $this->addFlashMessage('订单ID非法'); goto out; } $orderInfo = $orderBasicService->loadOrderInfoById($orderGoods['order_id']); if ($orderInfo->isEmpty() || $orderInfo->pay_status != OrderBasicService::PS_PAYED) { $this->addFlashMessage('订单ID非法'); goto out; } // 设置订单状态为 退款中 $orderGoods->order_goods_status = OrderGoodsService::OGS_REFUNDING; $orderGoods->save(); // 更新 order_info 的 update_time 字段 $orderInfo->update_time = Time::gmTime(); $orderInfo->save(); $action_note = '设置为退款中' . "\n"; $action_note .= '操作人:[' . $authSupplierUser['suppliers_id'] . ']' . $authSupplierUser['suppliers_name'] . "\n"; // 添加订单操作日志 $orderActionService = new OrderActionService(); $orderActionService->logOrderAction($orderGoods['order_id'], $orderGoods['rec_id'], $orderInfo['order_status'], $orderInfo['pay_status'], $orderGoods['order_goods_status'], $action_note, $authSupplierUser['suppliers_name'], 0, $orderInfo['shipping_status']); $this->addFlashMessage('订单状态设置为[退款中]'); out: RouteHelper::reRoute($this, RouteHelper::getRefer(), false); }
/** * 设置订单的信息,注意:这个方法里面糅合了很多功能,通过 action="xxxx" 来区分 * * @param $f3 */ public function Update($f3) { // 验证 action $validator = new Validator($f3->get('GET')); $action = $validator->required()->oneOf(array('set_extra_discount', 'set_suppliers_price', 'set_shipping_no', 'set_memo', 'set_refund', 'set_extra_refund'), '非法操作')->validate('action'); if (!$this->validate($validator)) { goto out; } // 验证提交上来的参数 $validator = new Validator($f3->get('POST')); $updateValueArray = array(); $rec_id = $validator->required()->digits()->min(1)->validate('rec_id'); // 针对不同的 action 做不同的验证 switch ($action) { case 'set_extra_discount': // 权限检查 $this->requirePrivilege('manage_order_goods_update_set_extra_discount'); $updateValueArray['extra_discount'] = Money::toStorage($validator->validate('extra_discount')); $updateValueArray['extra_discount_note'] = $validator->required()->validate('extra_discount_note'); break; case 'set_suppliers_price': // 权限检查 $this->requirePrivilege('manage_order_goods_update_set_suppliers_price'); $updateValueArray['suppliers_price'] = Money::toStorage($validator->validate('suppliers_price')); $updateValueArray['suppliers_shipping_fee'] = Money::toStorage($validator->validate('suppliers_shipping_fee')); break; case 'set_shipping_no': // 权限检查 $this->requirePrivilege('manage_order_goods_update_set_shipping_no'); $updateValueArray['shipping_id'] = $validator->digits()->min(1)->validate('shipping_id'); $updateValueArray['shipping_no'] = $validator->validate('shipping_no'); break; case 'set_memo': // 权限检查 $this->requirePrivilege('manage_order_goods_update_set_memo'); $updateValueArray['memo'] = $validator->validate('memo'); break; case 'set_refund': // 权限检查 $this->requirePrivilege('manage_order_goods_update_set_refund'); $updateValueArray['refund'] = Money::toStorage($validator->validate('refund')); $updateValueArray['refund_note'] = $validator->required()->validate('refund_note'); $updateValueArray['refund_time'] = Time::gmTime(); $updateValueArray['suppliers_refund'] = Money::toStorage($validator->validate('suppliers_refund')); $updateValueArray['suppliers_refund_note'] = $validator->required()->validate('suppliers_refund_note'); break; case 'set_extra_refund': // 权限检查 $this->requirePrivilege('manage_order_goods_update_set_extra_refund'); $updateValueArray['extra_refund'] = Money::toStorage($validator->validate('extra_refund')); $updateValueArray['extra_refund_note'] = $validator->required()->validate('extra_refund_note'); $updateValueArray['extra_refund_time'] = Time::gmTime(); break; default: // 非法的 action goto out; } if (!$this->validate($validator)) { goto out; } // 取 order_goods $orderBasicService = new OrderBasicService(); $orderGoods = $orderBasicService->loadOrderGoodsById($rec_id); if ($orderGoods->isEmpty()) { $this->addFlashMessage('非法订单'); goto out_fail; } // 取得 orderInfo $orderInfo = $orderBasicService->loadOrderInfoById($orderGoods['order_id']); // 针对不同的 action 做额外不同的工作 $action_note = ''; switch ($action) { case 'set_extra_discount': // 商品只有是未付款状态才可以设置额外优惠 if (OrderGoodsService::OGS_UNPAY != $orderGoods['order_goods_status']) { $this->addFlashMessage('只有未付款订单才可以给予额外优惠'); goto out; } // 额外优惠允许的最大金额 $allowExtraDiscount = $orderGoods['goods_price'] + $orderGoods['shipping_fee'] - $orderGoods['discount']; $maxExtraDiscount = intval($allowExtraDiscount * $f3->get('sysConfig[max_order_goods_extra_discount_rate]')); $maxExtraDiscount = max($maxExtraDiscount, $f3->get('sysConfig[max_order_goods_extra_discount_value]')); $maxExtraDiscount = min($maxExtraDiscount, $allowExtraDiscount); // 额外优惠不能超过商品本身的金额 if ($updateValueArray['extra_discount'] > $maxExtraDiscount) { $this->addFlashMessage('额外优惠不能超过商品总金额 ' . $maxExtraDiscount); goto out; } // 设置额外余额,需要重新计算 order_info 中的值 $diffDiscount = 0; if ($orderGoods->extra_discount != $updateValueArray['extra_discount']) { $diffDiscount = $updateValueArray['extra_discount'] - $orderGoods->extra_discount; } $orderInfo->extra_discount += $diffDiscount; $orderInfo->order_amount -= $diffDiscount; $action_note .= '额外优惠:' . Money::toSmartyDisplay($updateValueArray['extra_discount']) . ","; $action_note .= '优惠说明:' . $updateValueArray['extra_discount_note'] . "\n"; break; case 'set_suppliers_price': $action_note .= '供货价:' . Money::toSmartyDisplay($updateValueArray['suppliers_price']) . ","; $action_note .= '供货快递费:' . Money::toSmartyDisplay($updateValueArray['suppliers_shipping_fee']) . "\n"; break; case 'set_shipping_no': if ($updateValueArray['shipping_id'] > 0) { //取得快递信息 $expressService = new ExpressService(); $expressInfo = $expressService->loadMetaById($updateValueArray['shipping_id']); if ($expressInfo->isEmpty() || ExpressService::META_TYPE != $expressInfo['meta_type']) { $this->addFlashMessage('快递ID非法'); goto out; } $updateValueArray['shipping_name'] = $expressInfo['meta_name']; } else { $updateValueArray['shipping_name'] = null; } $action_note .= '快递公司:' . $updateValueArray['shipping_name'] . "\n"; $action_note .= '快递单号:' . $updateValueArray['shipping_no'] . "\n"; break; case 'set_memo': $action_note .= '客服备注:' . $updateValueArray['memo'] . "\n"; break; case 'set_refund': // 检查订单状态 if (!in_array($orderGoods['order_goods_status'], array(OrderGoodsService::OGS_PAY, OrderGoodsService::OGS_ASKREFUND))) { $this->addFlashMessage('订单状态非法,不能退款'); goto out; } if ($orderGoods['settle_id'] > 0) { $this->addFlashMessage('已经结算的订单不能退款'); goto out; } // 订单设置为 申请退款 $updateValueArray['order_goods_status'] = OrderGoodsService::OGS_ASKREFUND; // 同步更新 order_info 中的 refund 字段 $diffRefund = 0; if ($orderGoods->refund != $updateValueArray['refund']) { $diffRefund = $updateValueArray['refund'] - $orderGoods->refund; } $orderInfo->refund += $diffRefund; // 检查金额,对一些常见错误提出警告 if (0 == $updateValueArray['refund']) { $this->addFlashMessage('警告:你确定给顾客退款金额设置为 ' . Money::toSmartyDisplay($updateValueArray['refund']) . ' ?'); } if (0 == $updateValueArray['suppliers_refund']) { $this->addFlashMessage('警告:你确定供货商给我们退款金额为 ' . Money::toSmartyDisplay($updateValueArray['refund']) . ' ?'); } if ($updateValueArray['refund'] <= $updateValueArray['suppliers_refund']) { $this->addFlashMessage('警告:给顾客退款金额 <= 供货商给我们的退款金额'); } // 日志信息记录 $action_note .= '申请退款' . "\n"; $action_note .= '顾客金额:' . Money::toSmartyDisplay($updateValueArray['refund']) . ","; $action_note .= '顾客说明:' . $updateValueArray['refund_note'] . "\n"; $action_note .= '供货商金额:' . Money::toSmartyDisplay($updateValueArray['suppliers_refund']) . ","; $action_note .= '供货商说明:' . $updateValueArray['suppliers_refund_note'] . "\n"; break; case 'set_extra_refund': // 检查订单状态 if (OrderGoodsService::OGS_UNPAY == $orderGoods['order_goods_status']) { $this->addFlashMessage('订单状态非法,不能退款'); goto out; } $action_note .= '额外退款:' . Money::toSmartyDisplay($updateValueArray['extra_refund']) . ","; $action_note .= '退款说明:' . $updateValueArray['extra_refund_note'] . "\n"; break; default: // 非法的 action goto out; } // 更新订单信息 $orderGoods->copyFrom($updateValueArray); $orderGoods->update_time = Time::gmTime(); $orderGoods->save(); // 更新 order_info 的 update_time 字段 $orderInfo->update_time = Time::gmTime(); $orderInfo->save(); // 添加订单操作日志 $authAdminUser = AuthHelper::getAuthUser(); $orderActionService = new OrderActionService(); $orderActionService->logOrderAction($orderGoods['order_id'], $orderGoods['rec_id'], $orderInfo['order_status'], $orderInfo['pay_status'], $orderGoods['order_goods_status'], $action_note, $authAdminUser['user_name'], 0, $orderInfo['shipping_status']); $this->addFlashMessage('订单信息保存成功'); out: RouteHelper::reRoute($this, RouteHelper::makeUrl('/Order/Goods/Detail', array('rec_id' => $rec_id), true)); return; out_fail: // 失败从这里退出 RouteHelper::reRoute($this, '/Order/Goods/Search', false); }
public function post($f3) { // 权限检查 $this->requirePrivilege('manage_goods_edit_edit_post'); global $smarty; $isCreateGoods = false; // 是否是创建新商品 // 参数验证 $validator = new Validator($f3->get('GET')); $goods_id = $validator->digits()->filter('ValidatorIntValue')->validate('goods_id'); if (!$this->validate($validator)) { goto out_fail_list_goods; } unset($validator); // 用户提交的商品信息做验证 $goods = $f3->get('POST[goods]'); if (empty($goods)) { goto out_fail_validate; } $validator = new Validator($goods); $goodsInfo = array(); //表单数据验证、过滤 $goodsInfo['goods_name'] = $validator->required('商品名不能为空')->validate('goods_name'); $goodsInfo['goods_name_short'] = $validator->required('商品短标题不能为空')->validate('goods_name_short'); $goodsInfo['keywords'] = $validator->validate('keywords'); $goodsInfo['seo_title'] = $validator->validate('seo_title'); $goodsInfo['seo_keyword'] = $validator->validate('seo_keyword'); $goodsInfo['seo_description'] = $validator->validate('seo_description'); $goodsInfo['goods_sn'] = $validator->validate('goods_sn'); $goodsInfo['warehouse'] = $validator->validate('warehouse'); $goodsInfo['shelf'] = $validator->validate('shelf'); $goodsInfo['cat_id'] = $validator->required('商品分类不能为空')->filter('ValidatorIntValue')->validate('cat_id'); // 记录管理员 $authAdminUser = AuthHelper::getAuthUser(); $goodsInfo['admin_user_id'] = $validator->filter('ValidatorIntValue')->validate('admin_user_id'); // 如果没有选择管理员,就用当前管理员 if (empty($goodsInfo['admin_user_id'])) { $goodsInfo['admin_user_id'] = $authAdminUser['user_id']; $goodsInfo['admin_user_name'] = $authAdminUser['user_name']; } else { $adminUserService = new AdminUserService(); $adminUser = $adminUserService->loadAdminById($goodsInfo['admin_user_id']); if ($adminUser->isEmpty()) { $this->addFlashMessage('管理员[' . $goodsInfo['admin_user_id'] . ']不存在'); goto out_fail_validate; } $goodsInfo['admin_user_name'] = $adminUser['user_name']; unset($adminUser); unset($adminUserService); } $goodsInfo['brand_id'] = $validator->filter('ValidatorIntValue')->validate('brand_id'); $goodsInfo['suppliers_id'] = $validator->required('供货商不能为空')->filter('ValidatorIntValue')->validate('suppliers_id'); $goodsInfo['is_alone_sale'] = $validator->filter('ValidatorIntValue')->validate('is_alone_sale'); $goodsInfo['is_best'] = $validator->filter('ValidatorIntValue')->validate('is_best'); $goodsInfo['is_new'] = $validator->filter('ValidatorIntValue')->validate('is_new'); $goodsInfo['is_hot'] = $validator->filter('ValidatorIntValue')->validate('is_hot'); $goodsInfo['is_on_sale'] = $validator->filter('ValidatorIntValue')->validate('is_on_sale'); $goodsInfo['market_price'] = Money::toStorage($validator->validate('market_price')); $goodsInfo['shop_price'] = Money::toStorage($validator->validate('shop_price')); $goodsInfo['shipping_fee'] = Money::toStorage($validator->validate('shipping_fee')); $goodsInfo['shipping_free_number'] = $validator->validate('shipping_free_number'); $goodsInfo['goods_number'] = abs($validator->filter('ValidatorIntValue')->validate('goods_number')); $goodsInfo['virtual_buy_number'] = $validator->filter('ValidatorIntValue')->validate('virtual_buy_number'); $goodsInfo['suppliers_price'] = Money::toStorage($validator->validate('suppliers_price')); $goodsInfo['suppliers_shipping_fee'] = Money::toStorage($validator->validate('suppliers_shipping_fee')); $goodsInfo['sort_order'] = $validator->validate('sort_order'); $goodsInfo['warn_number'] = $validator->filter('ValidatorIntValue')->validate('warn_number'); $goodsInfo['goods_brief'] = @$goods['goods_brief']; //不需要过滤 html $goodsInfo['goods_notice'] = @$goods['goods_notice']; //不需要过滤 html $goodsInfo['goods_after_service'] = @$goods['goods_after_service']; //不需要过滤 html $goodsInfo['seller_note'] = $validator->validate('seller_note'); $goodsInfo['system_tag_list'] = Utils::makeTagString(@$goods['system_tag_list']); // 生成系统的 tag string $goodsInfo['update_time'] = Time::gmTime(); // 商品的更新时间 $goodsInfo['goods_desc'] = @$goods['goods_desc']; //不需要过滤 html if (!$this->validate($validator)) { goto out_fail_validate; } // 某些时候,我们不允许编辑直接粘贴别人网站的图片上来,所以我们需要过滤图片的域名 $goodsDescAllowImageDomainArray = $f3->get('sysConfig[goods_desc_allow_image_domain_array]'); if ($goodsDescAllowImageDomainArray && is_array($goodsDescAllowImageDomainArray) && !empty($goodsDescAllowImageDomainArray)) { $patternMatch = array(); preg_match_all('/<img(.*?)src="(.*?)"(.*?)\\/?>/', $goodsInfo['goods_desc'], $patternMatch, PREG_SET_ORDER); // 检查每一个图片 foreach ($patternMatch as $matchItem) { $imageUrl = $matchItem[2]; $urlInfo = parse_url($imageUrl); if (!in_array(@$urlInfo['host'], $goodsDescAllowImageDomainArray)) { $this->addFlashMessage('商品详情非法图片 ' . $imageUrl); goto out_fail_validate; } } } // 写入到数据库 unset($goods); $goodsBasicService = new GoodsBasicService(); $goods = $goodsBasicService->loadGoodsById($goods_id); // 判断是否是新建商品 $isCreateGoods = $goods->isEmpty(); if ($isCreateGoods) { // 权限检查 $this->requirePrivilege('manage_goods_create'); $goodsInfo['add_time'] = Time::gmTime(); } $post_goods_sn = $validator->validate('goods_sn'); if ($isCreateGoods && !Utils::isBlank($post_goods_sn)) { $goodsInfo['goods_sn'] = $post_goods_sn; } $goods->copyFrom($goodsInfo); $goods->save(); // 新商品需要自动生成 goods_sn if ($isCreateGoods && Utils::isBlank($post_goods_sn)) { $goods->goods_sn = $f3->get('sysConfig[goods_sn_prefix]') . $goods['goods_id']; $goods->save(); } // 取得供货商信息 $supplierName = ''; if (!empty($goods['suppliers_id'])) { $supplierUserService = new SupplierUserService(); $supplierInfo = $supplierUserService->loadSupplierById($goods['suppliers_id']); if (!$supplierInfo->isEmpty()) { $supplierName = $supplierInfo['suppliers_name']; } } // 记录商品编辑日志 $goodsLogContent = '商品编辑:[' . $goods['admin_user_id'] . ']' . $goods['admin_user_name'] . "\n" . '上架状态:' . ($goods['is_on_sale'] > 0 ? '已上架' : '未上架') . "\n" . '销售价:' . Money::toSmartyDisplay($goods['shop_price']) . ' 供货价:' . Money::toSmartyDisplay($goods['suppliers_price']) . "\n" . '快递费:' . Money::toSmartyDisplay($goods['shipping_fee']) . ' 供货快递费:' . Money::toSmartyDisplay($goods['suppliers_shipping_fee']) . "\n" . ($goods['shipping_free_number'] > 0 ? '' . $goods['shipping_free_number'] . "件免邮\n" : '') . '商品排序:' . $goods['sort_order'] . "\n" . '系统Tag:' . $goods['system_tag_list'] . "\n" . '供货商:[' . $goods['suppliers_id'] . ']' . $supplierName; $goodsLogService = new GoodsLogService(); $goodsLogService->addGoodsLog($goods['goods_id'], $authAdminUser['user_id'], $authAdminUser['user_name'], $isCreateGoods ? '新建商品' : static::$goodsLogDesc, $goodsLogContent); // 成功,显示商品详情 $this->addFlashMessage('商品信息保存成功'); //清除缓存,确保商品显示正确 ClearHelper::clearGoodsCacheById($goods->goods_id); RouteHelper::reRoute($this, RouteHelper::makeUrl('/Goods/Edit/Edit', array('goods_id' => $goods->goods_id), true)); return; // 参数验证失败 out_fail_validate: if (!$goods_id) { // 新建商品验证失败 RouteHelper::reRoute($this, '/Goods/Create'); return; } $smarty->assign('goods', $goodsInfo); $smarty->display('goods_edit_edit.tpl'); return; out_fail_list_goods: RouteHelper::reRoute($this, '/Goods/Search'); }
/** * 把购物车中的信息保存到数据库订单中,如果订单已经存在,则更新订单数据, * 注意:这个方法必须在购物车计算完成之后调用,否则无法正确保存计算之后的数据 * * @return mixed 失败返回 false,成功返回订单记录 * * @param int $userId 用户的数字 ID * @param string $username 用户名 */ public function saveOrder($userId, $username) { // 参数验证 $validator = new Validator(array('userId' => $userId)); $userId = $validator->required()->digits()->min(1)->validate('userId'); $this->validate($validator); $orderBasicService = new OrderBasicService(); $orderId = isset($this->cartContext->orderInfo) ? $this->cartContext->orderInfo['order_id'] : null; // 不允许创建空订单 if (!$orderId && $this->cartContext->isEmpty()) { return false; } // 是否需要新建订单 $isNewOrder = false; //检查这个 order_info 是否合法 if ($orderId) { $orderInfo = $orderBasicService->loadOrderInfoById($orderId); // 不存在的 order_info 或者 已经付款了的订单不能再用了 if ($orderInfo->isEmpty() || OrderBasicService::PS_UNPAYED != $orderInfo->pay_status) { $orderId = null; $isNewOrder = true; } } else { $isNewOrder = true; } // 创建 order_info 记录 $orderInfoArray = $this->cartContext->orderInfoValue; $orderInfoArray['user_id'] = $userId; $orderInfoArray['order_status'] = OrderBasicService::OS_UNCONFIRMED; $orderInfoArray['pay_status'] = OrderBasicService::PS_UNPAYED; if (!$orderId) { // 新订单,生成 add_time 和 order_sn $orderInfoArray['add_time'] = Time::gmTime(); $orderInfoArray['order_sn'] = OrderBasicService::generateOrderSn(); $orderInfoArray['system_id'] = Cart::$cartSystemId; // 记录订单来自于哪个系统 } elseif ($this->cartContext->isOrderAmountChange()) { // 去支付网关支付,如果订单金额发生变化都需要重新生成一次 order_sn ,因为订单金额如果发生变化,支付网关会拒绝支付 $orderInfoArray['order_sn'] = OrderBasicService::generateOrderSn(); } else { // do nothing } // 我们需要数据库事务的保障 $dbEngine = DataMapper::getDbEngine(); $dbEngine->begin(); // 记录余额支付 $oldSurplus = $this->cartContext->orderInfo ? $this->cartContext->orderInfo['surplus'] : 0; $newSurplus = $this->cartContext->getValue('surplus') > 0 ? $this->cartContext->getValue('surplus') : 0; // 记录使用红包 $oldBonusId = $this->cartContext->orderInfo ? $this->cartContext->orderInfo['bonus_id'] : 0; $newBonusId = $this->cartContext->getValue('bonus_id') > 0 ? $this->cartContext->getValue('bonus_id') : 0; // 创建订单或者更新 order_info $orderInfo = $orderBasicService->saveOrderInfo($orderId, $orderInfoArray); // 创建订单失败,返回 false if ($orderInfo->isEmpty()) { goto out_fail; } // 处理余额支付 if ($oldSurplus != $newSurplus) { // 前后发生了支付余额的改变 $accountLog = new AccountLog(); if ($oldSurplus > 0) { // 把之前的余额退还 $accountLog->logChange($userId, $oldSurplus, 0, 0, 0, '退还余额,订单:' . $orderInfo['order_id'], AccountLog::ACT_OTHER); } if ($newSurplus > 0) { // 使用余额 $accountLog->logChange($userId, -1 * $newSurplus, 0, 0, 0, '使用余额,订单:' . $orderInfo['order_id'], AccountLog::ACT_OTHER); } // 由于修改了用户信息,需要 reload 用户数据 AuthHelper::reloadAuthUser(); } // 处理红包支付 if ($oldBonusId != $newBonusId) { // 红包支付前后发生了变化 $bonusService = new Bonus(); if ($oldBonusId > 0) { //退还之前使用的红包 $bonusService->unUseBonus($oldBonusId); } if ($newBonusId > 0) { // 使用新的红包 $bonusService->useBonus($newBonusId, $orderInfo['order_id']); } } // 创建 orderRefer 对象,记录订单的来源 $orderReferService = new OrderReferService(); $orderRefer = $orderReferService->loadOrderReferByOrderId($orderInfo['order_id']); // order_refer 记录创建一次之后就不会再修改了 if ($orderRefer->isEmpty()) { // 新的 order_refer 记录,设置 order_id 值 $orderRefer->order_id = $orderInfo['order_id']; $orderRefer->create_time = Time::gmTime(); $orderRefer->login_type = AuthHelper::getLoginType(); global $f3; $orderReferArray = ReferHelper::parseOrderRefer($f3); if (!empty($orderReferArray)) { unset($orderReferArray['refer_id']); //清除掉危险字段 unset($orderReferArray['order_id']); //清除掉危险字段 $orderRefer->copyFrom($orderReferArray); } $orderRefer->save(); // 保存 order_refer 记录 } // 取得数据库中已经存在的 order_goods 列表 $dbOrderGoodsArray = array(); if ($orderId > 0) { $dbOrderGoodsArray = $orderBasicService->fetchOrderGoodsArray($orderId); } $stillExistOrderGoodsIdArray = array(); // 在购物车中仍然存在的 orderGoods 对象 // 创建 orderInfo 对应的 order_goods 对象 foreach ($this->cartContext->orderGoodsArray as $orderGoodsItem) { $orderGoodsValueArray = array(); $orderGoodsValueArray['order_id'] = $orderInfo['order_id']; //从 goods 中复制属性 $orderGoodsValueArray['goods_id'] = $orderGoodsItem->goods['goods_id']; $orderGoodsValueArray['goods_admin_user_id'] = $orderGoodsItem->goods['admin_user_id']; $orderGoodsValueArray['goods_admin_user_name'] = $orderGoodsItem->goods['admin_user_name']; $orderGoodsValueArray['goods_name'] = $orderGoodsItem->goods['goods_name_short']; $orderGoodsValueArray['goods_sn'] = $orderGoodsItem->goods['goods_sn']; $orderGoodsValueArray['warehouse'] = $orderGoodsItem->goods['warehouse']; $orderGoodsValueArray['shelf'] = $orderGoodsItem->goods['shelf']; $orderGoodsValueArray['market_price'] = $orderGoodsItem->goods['market_price']; $orderGoodsValueArray['shop_price'] = $orderGoodsItem->goods['shop_price']; $orderGoodsValueArray['shipping_fee'] = $orderGoodsItem->goods['shipping_fee']; $orderGoodsValueArray['is_real'] = $orderGoodsItem->goods['is_real']; $orderGoodsValueArray['extension_code'] = $orderGoodsItem->goods['extension_code']; $orderGoodsValueArray['suppliers_id'] = $orderGoodsItem->goods['suppliers_id']; $orderGoodsValueArray['suppliers_price'] = $orderGoodsItem->goods['suppliers_price']; $orderGoodsValueArray['suppliers_shipping_fee'] = $orderGoodsItem->goods['suppliers_shipping_fee']; // 合并一些因为计算而覆盖的值 $orderGoodsValueArray = array_merge($orderGoodsValueArray, $orderGoodsItem->orderGoodsValue); $orderGoodsId = null; if (!$isNewOrder && $orderGoodsItem->orderGoods) { // 如果不是新订单,并且已经存在的 order_goods,做更新 $orderGoodsId = $orderGoodsItem->orderGoods['rec_id']; $stillExistOrderGoodsIdArray[] = $orderGoodsId; } else { // 新建的 order_goods,我们需要取得它的 CPS 信息,CPS 信息只在一开始加入,后面不会再被修改了 $cpsArray = ReferHelper::getCpsParam($orderRefer, $orderInfo, $orderGoodsValueArray); if (!empty($cpsArray)) { $orderGoodsValueArray['cps_rate'] = isset($cpsArray['cps_rate']) ? $cpsArray['cps_rate'] : 0; $orderGoodsValueArray['cps_fix_fee'] = isset($cpsArray['cps_fix_fee']) ? $cpsArray['cps_fix_fee'] : 0; } } $orderGoods = $orderBasicService->saveOrderGoods($orderGoodsId, $orderInfo['order_id'], $orderGoodsValueArray); if ($orderGoods->isEmpty()) { //创建失败 goto out_fail; } } // 删除已经被用户删除的 order_goods foreach ($dbOrderGoodsArray as $dbOrderGoodsItem) { // 这个 order_goods 已经不存在了,删除它 if (!in_array($dbOrderGoodsItem['rec_id'], $stillExistOrderGoodsIdArray)) { $orderBasicService->removeOrderGoods($dbOrderGoodsItem['rec_id']); } } // 记录订单操作日志 $orderActionService = new OrderActionService(); $orderActionService->logOrderAction($orderInfo['order_id'], 0, OrderBasicService::OS_UNCONFIRMED, OrderBasicService::PS_UNPAYED, OrderGoodsService::OGS_UNPAY, '订单创建或更新', $username, 0, 0); $dbEngine->commit(); return $orderInfo; // 返回创建的订单 out_fail: $dbEngine->rollback(); return false; }
/** * 批量上传快递单号,必须上传配货单 * * @param $f3 */ public function Upload($f3) { $recIdColumnIndex = 5; // 子订单 ID 列号 $shippingIdColumnIndex = 23; // 快递公司 ID 列号 $shippingNoColumnIndex = 24; // 快递单号列 if (empty($_FILES) || !array_key_exists('uploadfile', $_FILES)) { $this->addFlashMessage('没有上传文件'); goto out; } if ($_FILES['uploadfile']['error'] > 0) { $this->addFlashMessage('上传文件错误:' . $_FILES['uploadfile']['error']); goto out; } // 解析上传的文件名 $pathInfoArray = pathinfo($_FILES['uploadfile']['name']); $fileExt = strtolower($pathInfoArray['extension']); if ('xls' != $fileExt) { $this->addFlashMessage('文件格式错误,必须是 Excel xls 文件'); goto out; } $targetFile = $f3->get('TEMP') . time() . $fileExt; move_uploaded_file($_FILES['uploadfile']['tmp_name'], $targetFile); require_once PROTECTED_PATH . '/Vendor/PHPExcel/Settings.php'; // 设置Excel缓存,防止数据太多拖死了程序 \PHPExcel_Settings::setCacheStorageMethod(\PHPExcel_CachedObjectStorageFactory::cache_to_phpTemp); try { $objPHPExcel = \PHPExcel_IOFactory::load($targetFile); } catch (\Exception $e) { $this->addFlashMessage('上传的文件格式错误,请注意不要修改批量下载订单文件的格式'); goto out; } // 取得快递公司列表 $expressService = new ExpressService(); $expressArray = $expressService->fetchExpressArray(); // 构建 shipping_id --> express 的反查表 $shippingIdExpressArray = array(); foreach ($expressArray as $expressItem) { $shippingIdExpressArray[$expressItem['meta_id']] = $expressItem; } unset($expressArray); unset($expressService); // 释放内存 $activeSheet = $objPHPExcel->setActiveSheetIndex(0); $maxRow = $activeSheet->getHighestRow(); $expressSetCount = 0; // 成功设置计数 // 当前登录用户 $authSupplierUser = AuthHelper::getAuthUser(); $orderBasicService = new OrderBasicService(); // 一行一行的读取数据 for ($currentRow = 1; $currentRow <= $maxRow; $currentRow++) { // 取得子订单 ID $recIdStr = trim($activeSheet->getCellByColumnAndRow($recIdColumnIndex, $currentRow)->getValue()); if (!ctype_digit($recIdStr)) { // 如果不全是数字,说明这列不对 continue; } $orderGoods = $orderBasicService->loadOrderGoodsById(intval($recIdStr)); if ($orderGoods->isEmpty() || OrderGoodsService::OGS_PAY != $orderGoods->order_goods_status || $orderGoods['suppliers_id'] != $authSupplierUser['suppliers_id']) { $this->addFlashMessage('子订单[' . $recIdStr . ']非法'); continue; } //取得快递公司 ID 设置 $shippingIdStr = trim($activeSheet->getCellByColumnAndRow($shippingIdColumnIndex, $currentRow)->getValue()); if (!ctype_digit($shippingIdStr) || intval($shippingIdStr) <= 0) { $this->addFlashMessage('子订单[' . $recIdStr . '] 对应的 快递ID 错误'); continue; } $shipping_id = intval($shippingIdStr); if (!isset($shippingIdExpressArray[$shipping_id])) { $this->addFlashMessage('子订单[' . $recIdStr . '] 对应的 快递ID[' . $shipping_id . '] 非法'); continue; } if ($orderGoods->shipping_id > 0) { $this->addFlashMessage('子订单[' . $recIdStr . '] 覆盖了之前已有的快递信息 [' . $orderGoods->shipping_name . ':' . $orderGoods->shipping_no . ']'); } //取得快递单号 $shippingNoStr = trim($activeSheet->getCellByColumnAndRow($shippingNoColumnIndex, $currentRow)->getValue()); //设置快递信息 $orderGoods->shipping_id = $shipping_id; $orderGoods->shipping_name = $shippingIdExpressArray[$shipping_id]['meta_name']; $orderGoods->shipping_no = $shippingNoStr; $orderGoods->save(); $expressSetCount++; // 更新 order_info 的 update_time 字段 $orderInfo = $orderBasicService->loadOrderInfoById($orderGoods['order_id'], 1); //缓存1秒 $orderInfo->update_time = Time::gmTime(); $orderInfo->save(); // 添加订单操作日志 $action_note = '' . $shipping_id . ',' . $shippingIdExpressArray[$shipping_id]['meta_name'] . ',' . $shippingNoStr; $orderActionService = new OrderActionService(); $orderActionService->logOrderAction($orderGoods['order_id'], $orderGoods['rec_id'], $orderInfo['order_status'], $orderInfo['pay_status'], $orderGoods['order_goods_status'], $action_note, '供货商:[' . $authSupplierUser['suppliers_id'] . ']' . $authSupplierUser['suppliers_name'], 0, $orderInfo['shipping_status']); } $this->addFlashMessage('一共更新了 ' . $expressSetCount . ' 个快递信息'); out: // 删除上传文件 if (!empty($targetFile)) { @unlink($targetFile); } // 回到批量下载界面 RouteHelper::reRoute($this, '/Order/Excel'); }
/** * 管理员权限管理 * * @param $f3 */ public function Privilege($f3) { // 权限检查 $this->requirePrivilege('manage_account_admin_privilege_get'); global $smarty; // 参数验证 $validator = new Validator($f3->get('GET')); $user_id = $validator->required()->digits()->min(1)->validate('user_id'); if (!$this->validate($validator)) { goto out_fail; } // 查询管理员信息 $adminUserService = new AdminUserService(); $adminUser = $adminUserService->loadAdminById($user_id); if ($adminUser->isEmpty()) { // 不存在的管理员 $this->addFlashMessage('管理员不存在'); goto out_fail; } else { if (AdminUserService::verifyPrivilege(AdminUserService::privilegeAll, $adminUser['action_list'])) { // 拥有最高权限的管理员只有他自己能编辑自己 $authAdminUser = AuthHelper::getAuthUser(); if ($authAdminUser['user_id'] != $adminUser['user_id']) { $this->addFlashMessage('超级管理员只有他自己能操作自己的信息'); RouteHelper::reRoute($this, '/Account/Admin/ListUser'); } } } if (!Request::isRequestPost()) { // 没有 post ,只是普通的显示 goto out_display; } // 权限检查 $this->requirePrivilege('manage_account_admin_privilege_post'); $action_list_str = ''; $actionCodeArray = $f3->get('POST[action_code]'); if (empty($actionCodeArray)) { // 清空了所有权限 $action_list_str = ''; goto update_privilege; } if (in_array(AdminUserService::privilegeAll, $actionCodeArray)) { // 权限检查,只有自身拥有 privilegeAll 权限的人才能给别人授权 privilegeAll $this->requirePrivilege(AdminUserService::privilegeAll); // 用户有所有的权限 $action_list_str = AdminUserService::privilegeAll; goto update_privilege; } // 生成权限字符串 $action_list_str = implode(',', $actionCodeArray); update_privilege: $adminUser->role_id = $f3->get('POST[role_id]'); $adminUser->action_list = $action_list_str; $adminUser->save(); $this->addFlashMessage('管理员权限保存成功'); out_display: $smarty->assign($adminUser->toArray()); // 取得权限显示列表 $metaPrivilegeService = new MetaPrivilegeService(); $smarty->assign('privilegeArray', $metaPrivilegeService->fetchPrivilegeArray()); $smarty->display('account_admin_privilege.tpl'); return; // 正常从这里返回 out_fail: // 失败,返回管理员列表 RouteHelper::reRoute($this, RouteHelper::makeUrl('/Account/Admin/ListUser', array('user_id' => $user_id), true)); }
/** * * 为 mobile 系统设置运行环境 * * @return bool */ private function doMobileAction() { global $f3; // 获取当前插件的根地址 $currentThemeBasePath = dirname(__FILE__); // 通用的加载 $this->doOtherAction(); // mobile 目录加入到 auto load 的路径中,这样系统就能自动做 class 加载 SystemHelper::addAutoloadPath($currentThemeBasePath . '/mobile/Code', true); // 设置路由,这样用户就能访问到我们的程序了 $f3->config($currentThemeBasePath . '/mobile/route.cfg'); $f3->config($currentThemeBasePath . '/mobile/route-rewrite.cfg'); // 记录用户从什么来源到达网站的 ReferHelper::addReferItem('HostRefer', new HostRefer()); // 记录来源的 refer_host 和 refer_url // 注册 Asset 模块 \Core\Asset\ManagerHelper::registerModule(MobileThemePlugin::pluginGetUniqueId(), $this->pluginGetVersion(), $currentThemeBasePath . '/mobile/Asset'); // 发布必要的资源文件 \Core\Asset\ManagerHelper::publishAsset(MobileThemePlugin::pluginGetUniqueId(), 'jquery-mobile'); \Core\Asset\ManagerHelper::publishAsset(MobileThemePlugin::pluginGetUniqueId(), 'css'); \Core\Asset\ManagerHelper::publishAsset(MobileThemePlugin::pluginGetUniqueId(), 'js'); \Core\Asset\ManagerHelper::publishAsset(MobileThemePlugin::pluginGetUniqueId(), 'img'); // 增加 smarty 模板搜索路径 global $smarty; $smarty->addTemplateDir($currentThemeBasePath . '/mobile/Tpl/'); // 加载 smarty 的扩展,里面有一些我们需要用到的函数 require_once $currentThemeBasePath . '/mobile/Code/smarty_helper.php'; // 注册 smarty 函数 smarty_helper_register($smarty); global $f3; // 设置网站的 Base 路径,给 JavaScript 使用 $smarty->assign("WEB_ROOT_HOST", $f3->get('sysConfig[webroot_schema_host]')); $smarty->assign("WEB_ROOT_BASE", $f3->get('BASE')); $smarty->assign("WEB_ROOT_BASE_RES", smarty_helper_function_get_asset_url(array('asset' => ''), null)); $smarty->assign("IS_USER_AUTH", \Core\Helper\Utility\Auth::isAuthUser()); // jQuery Mobile 根据当前页面的 URL 来决定是否缓存,我们对某些不希望缓存的页面在这里需要特殊处理, // 确保它的 url 是一直变化的 $currentPageUrl = \Core\Helper\Utility\Route::getRequestURL(); // 下面的操作页面不要缓存,因为每次可能都不一样,比如有验证码,或者有新订单 if (false !== strpos($currentPageUrl, '/User/') || false !== strpos($currentPageUrl, '/My/') || false !== strpos($currentPageUrl, '/Cart/')) { $currentPageUrl = \Core\Helper\Utility\Route::addParam($currentPageUrl, array('_no_cache_page' => time())); } $smarty->assign("CURRENT_PAGE_URL", $currentPageUrl); return true; }