/**
* 在XxxxAction模块或方法调用之前,执行绑定的过滤器(如果有)
* 参数:Action名称,如'Test';方法名,如'test'.
* 该方法仅供ActionUtil::invokeAction()、XxxxAction__call()、ActionUtil::__call()调用,以实现调用前先过滤的功能。
*/
public static function doFilterIfHasIt($action, $method)
{
//获取XxxxAction通过实现Filter而绑定的所有过滤器方法
$filters = get_class_methods($action . 'Action');
if (!$filters) {
return;
}
//第一步、执行内置过滤器方法(绑定在XxxxAction模块的默认过滤器),如果有
if ($filters && in_array('doFilter', $filters)) {
ActionUtil::action($action)->doFilter();
}
//获取XxxxAction通过定义XxxxFilter而绑定的所有过滤器方法
$filters = get_class_methods($action . 'Filter');
if (!$filters) {
return;
}
//第二步、再执行绑定在Action模块的后续过滤器链,如果有
$i = 0;
while ($filters && ++$i <= count($filters) && in_array('doFilter_' . $i, $filters)) {
eval('FilterUtil::filter($action)->doFilter_' . $i . '();');
}
//第三步、执行Action方法绑定的单过滤器(与方法名同名),如果有
if (in_array($method, $filters)) {
FilterUtil::filter($action)->{$method}();
}
//第四步、再执行绑定在Action方法的后续过滤器链,如果有
$i = 0;
while ($filters && ++$i <= count($filters) && in_array($method . '_' . $i, $filters)) {
eval('FilterUtil::filter($action)->' . $method . '_' . $i . '();');
}
}
public function getAllLogs()
{
$conn = self::$db->getConnection();
$query = FilterUtil::applyFilter(self::$SELECT_ALL);
$stmt = $conn->prepare($query);
$stmt->execute();
$error = $stmt->errorInfo();
$rows = $stmt->fetchAll();
$mainArray = array();
foreach ($rows as $row) {
$array = array();
$array["timestamp"] = $row["timestamp"];
$array["message"] = $row["message"];
$array["level"] = $row["level"];
$array["file"] = $row["file"];
$array["line"] = $row["line"];
array_push($mainArray, $array);
}
return $mainArray;
}
/**
* A catch all page for roles.
*
* This action renders a page with forms for the creation, editing, and deletion
* of roles. It also displays a grid with all user created roles (default
* roles are not included and cannot be edited this way).
*/
public function actionManageRoles()
{
$dataProvider = new CActiveDataProvider('Roles');
$roles = Yii::app()->db->createCommand()->select('id, name')->from('x2_roles')->queryAll();
$model = new Roles();
$model->timeout = 60;
$roleInput = FilterUtil::filterArrayInput($_POST, 'Roles');
if (!empty($roleInput)) {
$model->attributes = $roleInput;
$model->users = '';
$viewPermissions = FilterUtil::filterArrayInput($_POST, 'viewPermissions');
$editPermissions = FilterUtil::filterArrayInput($_POST, 'editPermissions');
$users = FilterUtil::filterArrayInput($roleInput, 'users');
$model->timeout *= 60;
if ($model->timeout === 0) {
$model->timeout = null;
}
$model->setUsers($users);
$model->setViewPermissions($viewPermissions);
$model->setEditPermissions($editPermissions);
if ($model->save()) {
} else {
foreach ($model->getErrors() as $err) {
$errors = $err;
}
$errors = implode(',', $errors);
Yii::app()->user->setFlash('error', Yii::t('admin', "Unable to save role: {errors}", array('{errors}' => $errors)));
}
$this->redirect('manageRoles');
}
$this->render('manageRoles', array('dataProvider' => $dataProvider, 'model' => $model, 'roles' => $roles));
}
*/
if (UrlUtil::URIInterceptor($_SERVER['REQUEST_URI'])) {
echo $_SERVER['REQUEST_URI'];
require_once APPROOT . PAGE_403;
die;
}
/*
* 分析URL参数
*/
$urlInfo = UrlUtil::analyseUrlParam($_GET);
// var_dump($urlInfo);
$_SESSION['urlInfo'] = $urlInfo;
/*
* 选择性地执行全局过滤器
*/
FilterUtil::globalFilter($urlInfo);
/*
* 根据URL信息调度 到 对应的[模块——操作]中
*/
if (!ActionUtil::invokeAction($urlInfo)) {
// echo ("<hr/>如果你看到这一行提示,则说明没有被调度到ActionUtil : : numOfShellArgs(){}所注册的Action方法。<hr/>");
// var_dump($urlInfo);
/* 这里可再添加其它调度方式的代码【已被常规调度的有:0,1,3,4。剩余的参数状态有:2,5和 [没有注册shell或shell参数个数不符] 的状态3】。
* 一般人没必要利用这个地方,你要是读懂了源代码,就任你用!
* 本框架的设计者对源码很熟悉,所以就把这个分支用作普通模板输出啦!
* 如果你输入的链接[ http://server.com/ItemName/?xxx=abc ]中的abc不是URL指令,
* 而且还执行到此处的时候,系统就认定这个abc是用来访问abc.php这个页面的。
* 本系统用于输出到客户端的页面默认存放于/PUBLIC_DIR_NAME/core/tpl/other/ 目录,要自定义存放位置,则需配置 [ 模板目录路径 OTHER_TEMPLATE_DIR @ /core/lib/base/env__.php ]。
* 以上输入的链接将默认访问到 /PUBLIC_DIR_NAME/core/tpl/other/abc.php 。
* 以上得到的参数'abc'的取法:$urlInfo['params'][0]。取出该参数之前,要确保$urlInfo['params']非null,并且也要确保count($urlInfo['params'])非0,以及$urlInfo['params'][0]非null.
* 接下来的就是页面[模板]输出的代码:
public static function applyFilter($query, $isApplyLimit = true)
{
// filter data.
if (isset($_GET['filterscount'])) {
$filterscount = $_GET['filterscount'];
if ($filterscount > 0) {
if (strpos(strtolower($query), 'where') !== false) {
$where = " AND (";
} else {
$where = " WHERE (";
}
$tmpdatafield = "";
$tmpfilteroperator = "";
for ($i = 0; $i < $filterscount; $i++) {
// get the filter's value.
$filtervalue = $_GET["filtervalue" . $i];
// get the filter's condition.
$filtercondition = $_GET["filtercondition" . $i];
// get the filter's column.
$filterdatafield = $_GET["filterdatafield" . $i];
// get the filter's operator.
$filteroperator = $_GET["filteroperator" . $i];
if ($tmpdatafield == "") {
$tmpdatafield = $filterdatafield;
} else {
if ($tmpdatafield != $filterdatafield) {
$where .= ")AND(";
} else {
if ($tmpdatafield == $filterdatafield) {
if ($tmpfilteroperator == 0) {
$where .= " AND ";
} else {
$where .= " OR ";
}
}
}
}
// build the "WHERE" clause depending on the filter's condition, value and datafield.
switch ($filtercondition) {
case "NOT_EMPTY":
case "NOT_NULL":
$where .= " " . $filterdatafield . " NOT LIKE '" . "" . "'";
break;
case "EMPTY":
case "NULL":
$where .= " " . $filterdatafield . " LIKE '" . "" . "'";
break;
case "CONTAINS_CASE_SENSITIVE":
$where .= " BINARY " . $filterdatafield . " LIKE '%" . $filtervalue . "%'";
break;
case "CONTAINS":
$where .= " " . $filterdatafield . " LIKE '%" . $filtervalue . "%'";
break;
case "DOES_NOT_CONTAIN_CASE_SENSITIVE":
$where .= " BINARY " . $filterdatafield . " NOT LIKE '%" . $filtervalue . "%'";
break;
case "DOES_NOT_CONTAIN":
$where .= " " . $filterdatafield . " NOT LIKE '%" . $filtervalue . "%'";
break;
case "EQUAL_CASE_SENSITIVE":
$where .= " BINARY " . $filterdatafield . " = '" . $filtervalue . "'";
break;
case "EQUAL":
$where .= " " . $filterdatafield . " = '" . $filtervalue . "'";
break;
case "NOT_EQUAL_CASE_SENSITIVE":
$where .= " BINARY " . $filterdatafield . " <> '" . $filtervalue . "'";
break;
case "NOT_EQUAL":
$where .= " " . $filterdatafield . " <> '" . $filtervalue . "'";
break;
case "GREATER_THAN":
$where .= " " . $filterdatafield . " > '" . $filtervalue . "'";
break;
case "LESS_THAN":
$where .= " " . $filterdatafield . " < '" . $filtervalue . "'";
break;
case "GREATER_THAN_OR_EQUAL":
$where .= " " . $filterdatafield . " >= '" . $filtervalue . "'";
break;
case "LESS_THAN_OR_EQUAL":
$where .= " " . $filterdatafield . " <= '" . $filtervalue . "'";
break;
case "STARTS_WITH_CASE_SENSITIVE":
$where .= " BINARY " . $filterdatafield . " LIKE '" . $filtervalue . "%'";
break;
case "STARTS_WITH":
$where .= " " . $filterdatafield . " LIKE '" . $filtervalue . "%'";
break;
case "ENDS_WITH_CASE_SENSITIVE":
$where .= " BINARY " . $filterdatafield . " LIKE '%" . $filtervalue . "'";
break;
case "ENDS_WITH":
$where .= " " . $filterdatafield . " LIKE '%" . $filtervalue . "'";
break;
}
if ($i == $filterscount - 1) {
$where .= ")";
}
$tmpfilteroperator = $filteroperator;
$tmpdatafield = $filterdatafield;
}
// build the query.
$query = $query . $where;
}
}
//apply Sorting
$query = FilterUtil::appendSorting($query);
//apply limit
if ($isApplyLimit) {
$query = FilterUtil::appendLimit($query);
}
return $query;
}
public function FindArrByFolder($folderSeq)
{
$conn = self::$db->getConnection();
$query = FilterUtil::applyFilter(self::$FIND_BY_FOLDER);
$stmt = $conn->prepare($query);
$stmt->bindValue(':folderseq', $folderSeq);
$stmt->execute();
$error = $stmt->errorInfo();
$objArr = array();
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
array_push($objArr, $row);
}
$mainArr["Rows"] = $objArr;
$mainArr["TotalRows"] = $this->getTotalCountByFolder($folderSeq);
return $mainArr;
}
public function FindAllUsersArr($locSeq)
{
$conn = self::$db_New->getConnection();
if ($locSeq != null && $locSeq > 0) {
self::$SELECT_ALL_USERS_LOCATION_USERS .= " and lu.locationseq in (" . $locSeq . ")";
}
$query = FilterUtil::applyFilter(self::$SELECT_ALL_USERS_LOCATION_USERS);
$stmt = $conn->prepare($query);
$stmt->execute();
$userArray = array();
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
$locationNames = $this->getLocationNamesByUser($row["seq"]);
if (count(explode(",", $locSeq)) > 1) {
$row["username"] .= " (" . implode(", ", $locationNames) . ")";
}
array_push($userArray, $row);
}
$mainArr["Rows"] = $userArray;
$mainArr["TotalRows"] = $this->getTotalCount(self::$SELECT_ALL_USERS_LOCATION_USERS);
return $mainArr;
}
/**
* 监听对XxxxAction中不可见方法的调用
* 可以将需要附加过滤器的Action方法设置为protected,
* 这样就可以在任何位置调用这些Action方法时先执行过滤器。
*/
public function __call($method, $vars)
{
//先判断要执行的Action方法是否存在
if (!in_array($method, get_class_methods($this))) {
return;
}
//执行Action绑定的过滤器,如果有。
FilterUtil::doFilterIfHasIt(substr(get_class($this), 0, -6), $method);
//获取上级调用信息
$backtrace = debug_backtrace();
if (0 == strcasecmp($backtrace[1]['function'], 'eval')) {
} else {
if (!in_array($method, get_class_methods($backtrace[1]['class']))) {
//echo "在".$backtrace[1]['class']."中,不存在$method()方法!<br>";
return;
}
}
//构造参数表的字符串代码
$args = array();
$args_word = '';
$i = 0;
foreach ($vars as $var) {
$args[] = $var;
$args_word .= '$args[' . $i . '],';
$i++;
}
$args_word = rtrim($args_word, ',');
$execute = '$this->' . $method . '(' . $args_word . ');';
eval($execute);
}
public function executeAttributeQuery($attributes, $colValuePair, $isApplyFilter = false)
{
foreach ($colValuePair as $key => $value) {
if ($value != '') {
$query_array[] = $key . ' = ' . "'" . $value . "'";
}
}
$columns = implode(", ", $attributes);
$query = "SELECT " . $columns . " FROM " . $this->tableName . " WHERE " . implode(" AND ", $query_array);
if ($isApplyFilter) {
$query = FilterUtil::applyFilter($query, false);
}
$db = MainDB::getInstance();
$conn = $db->getConnection();
$sth = $conn->prepare($query);
$sth->execute();
//$this->throwException($sth->errorInfo());
$objList = $sth->fetchAll();
return $objList;
}
public function FindJsonByLocationSeqs($locationSeqs)
{
$conn = self::$db->getConnection();
$FIND_BY_LOCATION_SEQS = "select * from folder where locationseq in({$locationSeqs})";
$query = FilterUtil::applyFilter($FIND_BY_LOCATION_SEQS);
$stmt = $conn->prepare($query);
$stmt->execute();
$arr = array();
while ($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
array_push($arr, $this->getJsonArray($row));
}
$mainArr["Rows"] = $arr;
$mainArr["TotalRows"] = $this->getTotalCount($FIND_BY_LOCATION_SEQS);
return json_encode($mainArr);
}
