public function autoinAction($appid)
{
$request = $this->getRequest();
$user = $this->get('security.context')->getToken()->getUser();
$encode = $user->eno . ",{$user->openid},x,y," . time();
$appid2 = DES::decrypt($appid);
$da = $this->get('we_data_access');
$ds = $da->GetData("app", "select appkey from we_appcenter_apps where appid=? ", array((string) $appid2));
$auth = DES::encrypt2($encode, $ds["app"]["rows"][0]["appkey"]);
//获取url
$url = $_SERVER['QUERY_STRING'];
//$urlsource=$request->get("_urlSource");
//$this->get("logger")->err("wefafa=>".$url);
if (!empty($url)) {
$url = "&url=" . $this->parseurl(str_replace(array("url=", "%25"), array("", "%"), $url));
}
//if(!empty($urlsource))
// $url .= "%2526urlsource=".($urlsource);
//$this->get("logger")->err("query_string=>".$_SERVER['QUERY_STRING']);
//生成应用中心地址
$appcenterUrl = $this->container->getParameter('fafa_appcenter_url') . "/appcenter/link/{$appid}";
$appcenterUrl .= "?auth={$auth}" . $url;
$this->get("logger")->err("appcenterUrl=>" . $appcenterUrl);
return $this->redirect($appcenterUrl);
}
public static function userAuthAction($container, $request, $dbcon, $con_im, $login_account, $password, $comefrom)
{
$login_account = strtolower($login_account);
try {
$Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
$user = $Obj->loadUserByUsername($login_account, $comefrom);
$logined = 1;
//$container->get("logger")->err(json_encode($user));
$user2 = new UserSession($user->getusername(), $password, $user->getusername(), array("ROLE_USER"));
$factory = $container->get("security.encoder_factory");
$encoder = $factory->getEncoder($user2);
$password_enc = $encoder->encodePassword($password, $user2->getSalt());
/*$factory = $container->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
$password_enc = $encoder->encodePassword($password, $user->getSalt());
$logined= 1;*/
if ($user->getPassword() != $password_enc) {
//如果密码不正确时,有可能是修改了密码,只刷新了一台服务器上的缓存,其他集群环境中的还是原来的缓存
//刷新当前服务器的人员信息才重试
$u_staff = new \Justsy\BaseBundle\Management\Staff($dbcon, $con_im, $user->getusername(), $container->get('logger'), $container);
$user = $u_staff->getInfo(true);
//刷新人员信息
//$container->get("logger")->err("refresh cache data.....");
$user = $Obj->loadUserByUsername($login_account, $comefrom);
if ($user->getPassword() != $password_enc) {
$container->get("logger")->err($login_account . "==>" . $password . "=>" . $password_enc . "=>" . $user->getPassword());
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
$logined = null;
}
}
if (!empty($logined)) {
$user->comefrom = $comefrom;
//登录源
//�Ǽ�seesion
//$token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
//$container->get("security.context")->setToken($token);
//$session = $request->getSession()->set('_security_'.'secured_area', serialize($token));
//$event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $token);
//$container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$re["returncode"] = ReturnCode::$SUCCESS;
$re["openid"] = $user->openid;
$re["login_account"] = $user->getusername();
$re["ldap_uid"] = $user->ldap_uid;
$re["jid"] = $user->fafa_jid;
$re["des"] = DES::encrypt($user->t_code);
//im登录密码。生成session时对该属性解密,在些进行重新加密得到
}
} catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
} catch (\Exception $e) {
$re["returncode"] = ReturnCode::$SYSERROR;
}
return $re;
}
public function WeiXinLoginAction()
{
$deploy_mode = $this->container->getParameter('deploy_mode');
$da = $this->get("we_data_access");
$request = $this->getRequest();
$openid = $request->get("openid");
$unionid = $request->get("unionid");
$logintype = $request->get("logintype");
$logintype = empty($logintype) ? "02" : $logintype;
$ldap_uid = null;
$login_account = $unionid . "@fafatime.com";
$staffMgr = new \Justsy\BaseBundle\Management\Staff($da, $this->get('we_data_access_im'), $login_account, $this->get("logger"), $this->container);
$staffdata = $staffMgr->getInfo();
$re = array("returncode" => ReturnCode::$SYSERROR, "msg" => "");
$password = "";
//账号为空表示不存在
if (empty($staffdata)) {
$eno = $deploy_mode == "C" ? Utils::$PUBLIC_ENO : "";
if (empty($eno)) {
$cacheobj = new \Justsy\BaseBundle\Management\Enterprise($da, $this->get("logger"), $this->container);
//获取用户认证模块
$authConfig = $cacheobj->getUserAuth();
if (!empty($authConfig)) {
$eno = $authConfig["ENO"];
}
if (empty($eno)) {
$re["returncode"] = ReturnCode::$SYSERROR;
$re["msg"] = "企业号不能为空。";
return $re;
}
}
$ldap_uid = $unionid;
$password = rand(1000000, 999999);
$parameter = array("appid" => $request->get("appid"), "eno" => $eno, "openid" => $openid, "nick_name" => $request->get("nickname"), "sex" => $request->get("sex"), "province" => $request->get("province"), "city" => $request->get("city"), "headimgurl" => $request->get("headimgurl"), "unionid" => $unionid, "account" => "", "password" => $password, "ldap_uid" => $ldap_uid, "type" => "weixin");
$staffdata = $staffMgr->createstaff($parameter);
//注册用户账号
if ($staffdata["returncode"] == ReturnCode::$SUCCESS) {
$re = $this->autologin($login_account, $password, $logintype);
} else {
$re = $staffdata;
}
} else {
$password = DES::decrypt($staffdata["t_code"]);
$re = $this->autologin($login_account, $password, $logintype);
}
//$staffdata["des"] = DES::decrypt($staffdata["t_code"]);
$response = new Response(json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function saveAction()
{
$reslt = array();
$request = $this->get("request");
$uid = isset($_SESSION["uid"]) ? $_SESSION["uid"] : "";
if (empty($uid)) {
$reslt["s"] = "0";
$reslt["msg"] = "微博登录失败或超时,请重新通过微博登录!";
$response = new Response(json_encode($reslt));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$type = $request->get("bind_type");
$login_account = $request->get("login_account");
$pwd = $request->get("pwd");
try {
//校验wefafa帐号和密码
$staffMgr = new Staff($this->get('we_data_access'), null, $login_account, $this->get('logger'));
$staffInfo = $staffMgr->getInfo();
if (empty($staffInfo)) {
$reslt["s"] = "0";
$reslt["msg"] = "帐号[" . $login_account . "]不存在!";
} else {
$tcode = $staffInfo["t_code"];
$p_code = DES::encrypt($pwd);
if ($tcode != $p_code) {
$reslt["s"] = "0";
$reslt["msg"] = "帐号或密码不正确!";
} else {
$accountbind = new \Justsy\BaseBundle\Management\StaffAccountBind($this->get('we_data_access'), null, $this->get('logger'));
$r = $accountbind->Bind($type, "", $login_account, $uid);
$this->get('logger')->err($type . "," . $uid . "," . $login_account . "," . $uid);
$reslt["s"] = $r;
}
}
} catch (\Exception $e) {
$this->get('logger')->err($e);
$reslt["s"] = "0";
$reslt["msg"] = "绑定失败,请检查帐号是否填写正确!";
}
$response = new Response(json_encode($reslt));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function saveAction()
{
//try{
$request = $this->get("request");
$user = $this->get('security.context')->getToken()->getUser();
$da = $this->get("we_data_access");
$new_id = \Justsy\BaseBundle\DataAccess\SysSeq::GetSeqNextValue($da, "we_sys_feedback", "id");
$sql = "insert into we_sys_feedback (id,login_account,ip,feedback_con,feedback_date)values(?,?,?,?,now())";
$da->ExecSQL($sql, array((string) $new_id, (string) $user->getUserName(), "", (string) $request->get("txt")));
//查询出开发公司的圈子id
$sql = "select * from we_circle where network_domain='fafatime.com'";
$ds = $da->GetData("tmp", $sql);
$circle_id = $ds["tmp"]["rows"][0]["circle_id"];
//发公告
$txt = "用户反馈:" . $request->get("txt");
//发送站内消息
$msgId = \Justsy\BaseBundle\DataAccess\SysSeq::GetSeqNextValue($da, "we_bulletin", "bulletin_id");
$sql = "insert into we_bulletin(bulletin_id,circle_id,group_id,bulletin_date,bulletin_desc)values(?,?,?,now(),?)";
$da->ExecSQL($sql, array((int) $msgId, (string) $circle_id, "ALL", $txt));
//通知圈子成员
$members = $this->notifyCircleMember($da, $circle_id);
for ($i = 0; $i < count($members); $i++) {
$membersrow = $members[$i];
if ($membersrow["login_account"] == $user->getUserName()) {
continue;
}
$sql = "insert into we_notify(notify_type, msg_id,notify_staff)values('01',?,?)";
$da->ExecSQL($sql, array((int) $msgId, (string) (string) $user->getUserName()));
//向对方发送及时消息
//认证码格式:当前人员企业号、帐号、密码(空)、空、空
$encode = $user->eno . "," . $user->fafa_jid . ",,,";
$encode = "00442," . DES::encrypt($encode);
$url = $this->container->getParameter("FAFA_REG_JID_URL");
//Utils::sendImMessage($url,"",$user->fafa_jid,$row["fafa_jid"],$txt);
}
return new Response("1");
//}
//catch(\Exception $e)
//{
// return new Response("0");
//}
}
public function getData($type, $code)
{
if (empty($code)) {
$result = Utils::WrapResultError("无效的数据");
return $this->responseJson($result);
}
try {
if (empty($type)) {
$result = Utils::WrapResultError("无效的type参数");
return $this->responseJson($result);
}
//$this->logger->err($code);
$code = DES::decrypt($code);
$code = explode(",", $code);
$result = call_user_func_array(array(self, $type), $code);
return $this->responseJson($result);
} catch (\Exception $e) {
$this->logger->err($e);
$result = Utils::WrapResultError($e->getMessage());
}
return $this->responseJson($result);
}
public static function tokenAction($controller, $con, $appid, $openid, $encrypt)
{
$da = $con;
//$result = Utils::do_post_request("http://www.wefafa.com", array());
$sql = "select appkey from we_appcenter_apps where appid=?";
$ds = $da->GetData("t", $sql, array((string) $appid));
$result = "";
$json = array("error" => "bad error");
try {
if (count($ds["t"]["rows"]) == 0) {
$json = array("error" => "invalid appid");
} else {
$appkey = $ds["t"]["rows"][0]["appkey"];
$sql = "select authkey,bind_uid from we_staff_account_bind a,we_staff b where a.bind_account=b.openid and a.bind_account=? and a.bind_type=?";
$ds = $da->GetData("tb", $sql, array((string) $openid, self::$bind_type));
if (count($ds["tb"]["rows"]) > 0) {
//$api = new \Justsy\OpenAPIBundle\Controller\ApiController();
//$api->setContainer($controller->container);
$code = md5($appid . $appkey);
//解析autokey
$bind_uid = $ds['tb']['rows'][0]["bind_uid"];
if ($encrypt == '1') {
$bind_uid = DES::decrypt2($bind_uid, $appkey);
}
//获取携程令牌
$EmployeeNO = $bind_uid;
$paraXml = '<SSOAuthRequest>' . '<Language>Chinese</Language>' . '<SSOAuth>' . '<AccessUK>' . self::$AccessUK . '</AccessUK>' . '<AccessPK>' . self::$AccessPK . '</AccessPK>' . '<EmployeeNO>' . $EmployeeNO . '</EmployeeNO>' . '</SSOAuth>' . '</SSOAuthRequest>';
$soap = new SoapClient(self::$get_token_url . "?WSDL");
$para = array("requestXMLString" => array("SSOAuthRequest" => array("Language" => "Chinese", "SSOAuth" => array("AccessUK" => self::$AccessUK, "AccessPK" => self::$AccessPK, "EmployeeNO" => $EmployeeNO))));
$para = array("requestXMLString" => $paraXml);
error_reporting(E_ERROR | E_WARNING | E_PARSE);
$result = $soap->SSOAuthenticaionWithXML($para);
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE);
//$controller->get("logger")->err($result);
$accesstoken = '';
//解析result
if (isset($result->SSOAuthenticaionWithXMLResult)) {
$str = $result->SSOAuthenticaionWithXMLResult;
$arr1 = explode('&', $str);
for ($i = 0; $i < count($arr1); $i++) {
$arr2 = explode('=', $arr1[$i]);
if ($arr2[0] == 'AccessToken') {
$accesstoken = $arr2[1];
break;
}
}
if (empty($accesstoken)) {
$json = array("error" => "您的账号激活周期为24小时,如有疑问请拨打:010-67876363-2, 如需出行服务请拨打:400-920-0670或400-820-6699。");
} else {
$json = array('token' => $accesstoken);
}
} else {
$json = array("error" => "您的账号激活周期为24小时,如有疑问请拨打:010-67876363-2, 如需出行服务请拨打:400-920-0670或400-820-6699。");
}
} else {
$json = array("error" => "您的账号激活周期为24小时,如有疑问请拨打:010-67876363-2, 如需出行服务请拨打:400-920-0670或400-820-6699。");
}
}
} catch (\Exception $e) {
$json['error'] = $e->getMessage();
}
return $json;
}
public function resetMicroPwdAction($network_domain)
{
$re = array('s' => 1, 'm' => '');
try {
$conn = $this->get('we_data_access');
$conn_im = $this->get('we_data_access_im');
$userinfo = $this->get('security.context')->getToken()->getUser();
$getRequest = $this->getRequest();
$micro_account = $getRequest->get("micro_account");
$newpwd = $getRequest->get("newpwd");
$factory = $this->get('security.encoder_factory');
$encoder = $factory->getEncoder($userinfo);
$t_code = DES::encrypt($newpwd);
$micro_password = $encoder->encodePassword($newpwd, $micro_account);
$sql = "update we_staff set password=? where login_account=?";
$params = array($micro_password, $micro_account);
$conn->ExecSQL($sql, $params);
} catch (\Exception $e) {
$this->get('logger')->err($e->getMessage());
$re['s'] = 0;
$re['m'] = '重设密码失败';
}
$response = new Response(json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function updatepasswordAction()
{
$re = array();
$request = $this->getRequest();
$user = $this->get('security.context')->getToken()->getUser();
$factory = $this->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
$oldpwd = $request->get('txtoldpwd');
$pwd = $request->get("txtnewpwd");
if (empty($oldpwd)) {
$re["returncode"] = ReturnCode::$SYSERROR;
$re["msg"] = "原始密码不能为空";
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
if (empty($pwd)) {
$re["returncode"] = ReturnCode::$SYSERROR;
$re["msg"] = "新密码不能为空";
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$da = $this->get("we_data_access");
$table = $da->GetData("staff", "select eno, password, fafa_jid,t_code from we_staff where login_account=?", array((string) $user->getUsername()));
$Jid = $table["staff"]["rows"][0]["fafa_jid"];
$eno = $table["staff"]["rows"][0]["eno"];
$OldPass = $table["staff"]["rows"][0]["password"];
$Old_t_code = $table["staff"]["rows"][0]["t_code"];
$oldpwd = $encoder->encodePassword($oldpwd, $user->getSalt());
if ($oldpwd != $OldPass) {
$re["returncode"] = ReturnCode::$SYSERROR;
$re["msg"] = "原始密码不正确";
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$sql = "update we_staff set password=?,t_code=? where login_account=?";
$paras[0] = $encoder->encodePassword($pwd, $user->getSalt());
$paras[1] = DES::encrypt($pwd);
$paras[2] = $user->getUsername();
try {
$da->ExecSQL($sql, $paras);
//同步ejabberd
try {
$sql_im = "update users set password=? where username=?";
$para_im = array();
$para_im[] = (string) $pwd;
$para_im[] = (string) $user->fafa_jid;
$da_im = $this->get('we_data_access_im');
$da_im->ExecSQL($sql_im, $para_im);
$re["returncode"] = ReturnCode::$SUCCESS;
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
} catch (\Exception $e) {
//还原原密码
$sql = "update we_staff set password=?,t_code=? where login_account=?";
$paras[0] = $OldPass;
$paras[1] = $Old_t_code;
$paras[2] = $user->getUsername();
$da->ExecSQL($sql, $paras);
$re["returncode"] = ReturnCode::$SYSERROR;
$re["msg"] = "同步密码出错";
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
} catch (\Exception $e) {
$re["returncode"] = ReturnCode::$SYSERROR;
$re["msg"] = "系统出错";
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
public static function userAuthAction($container, $request, $dbcon, $con_im, $login_account, $password, $comefrom)
{
//判断是门户登录还是独立登录
if (strlen($login_account) < 32) {
//独立登录模式
$classname = "\\Justsy\\InterfaceBundle\\SsoAuth\\SsoWefafaMd5Auth";
$re = call_user_func(array($classname, 'userAuthAction'), $container, $request, $dbcon, $con_im, $login_account, $password, $comefrom);
return $re;
}
//解密token和pass
$token = DES::decrypt_crv_fortoken($login_account, "cn.com.crv.ivv");
if ($token === false) {
$container->get("logger")->err("decrypt token error:" . $login_account);
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
$pass = DES::decrypt_crv_fortoken($password, "cn.com.crv.ivv");
if ($pass === false) {
$container->get("logger")->err("decrypt password error:" . $password);
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
$defaultPostURl = "http://cremobile.crc.com.cn:9090/conn/CrvSecurityWS/userresource/userprofile";
$cacheobj = new Enterprise($dbcon, $container->get("logger"), $container);
//
$authConfig = $cacheobj->getUserAuth();
$httpUrlConfig = $authConfig["ssoauthurl"];
if (empty($httpUrlConfig)) {
$httpUrlConfig = $defaultPostURl;
$eno = "100001";
} else {
$ldapConfgiObject = json_decode($httpUrlConfig, true);
$eno = $ldapConfgiObject["ENO"];
$httpUrlConfig = $ldapConfgiObject["URL"];
}
try {
$para = "access_token=" . $token;
$container->get("logger")->err("SOA URL:" . $httpUrlConfig . "?" . $para);
$postresult = Utils::getUrlContent($httpUrlConfig . "?" . $para, null);
$container->get("logger")->err("SOA Result:" . $postresult);
$resultObject = json_decode($postresult, true);
//$resultObject=array("empUid"=>"test101","empName"=>"TEST101"); //集成测试
if (!isset($resultObject["empUid"])) {
$container->get("logger")->err("get user info error." . $postresult);
$re["returncode"] = ReturnCode::$SYSERROR;
return $re;
}
$crvuser = $resultObject["empUid"];
$email = $resultObject["email"];
$fafa_account = !empty($crvuser) ? strtolower($crvuser) : $email;
$Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
$user = $Obj->loadUserByUsername($fafa_account, $comefrom);
//�Ǽ�seesion
$token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$container->get("security.context")->setToken($token);
$session = $request->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $token);
$container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$re["returncode"] = ReturnCode::$SUCCESS;
$re["openid"] = $user->openid;
$re["login_account"] = $fafa_account;
$re["ldap_uid"] = $user->ldap_uid;
$re["jid"] = $user->fafa_jid;
//为了避免用户修改密码后只刷新了所在服务器,im密码实时获取
$sql = "select password from users where username=?";
$iminfo = $con_im->GetData("im", $sql, array((string) $user->fafa_jid));
$re["des"] = count($iminfo["im"]["rows"]) > 0 ? $iminfo["im"]["rows"][0]["password"] : "";
} catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
} catch (\Exception $e) {
$container->get("logger")->err($e);
$re["returncode"] = ReturnCode::$SYSERROR;
}
return $re;
}
public function pcSyncAction()
{
$res = $this->get("request");
$auth = $res->get("authcode");
$interviewee = $res->get("interviewee");
//$paras = explode(",", trim(DES::decrypt($interviewee)));
if ($auth == null || $auth == "") {
$this->get("logger")->err("=====pcSyncAction Error:authcode为空!");
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
try {
$auth = trim(DES::decrypt($auth));
//解密参数串
$paras = explode(",", trim(DES::decrypt($interviewee)));
//授权码已过期
$lng = time() - (int) $auth;
if ($lng > 30 || $lng < 0) {
$this->get("logger")->err("=====pcSyncAction Error:授权码已过期!");
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
} catch (\Exception $e) {
$this->get("logger")->err($e);
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
try {
if (count($paras) != 2 && count($paras) != 1) {
$this->get("logger")->err("=====pcSyncAction Error:参数{$paras不正确!}");
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
$ec = new \Justsy\BaseBundle\Controller\PersonalHomeController();
$ec->setContainer($this->container);
//通过openID获取用户信息
$user = $ec->loadUserByUsername($paras[0]);
if ($user == null) {
$this->get("logger")->err("=====pcSyncAction Error:{$paras用户信息未找到!}");
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
$network_domain = $user->edomain;
//登记seesion
$token = new UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$this->get("security.context")->setToken($token);
$session = $res->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new InteractiveLoginEvent($this->get("request"), $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$account = "";
if (count($paras) == 1) {
$photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user->photo_path_big;
$account = $user->getUsername();
$list["account"] = $account;
$list["name"] = $user->nick_name;
$list["deptid"] = $user->dept_id;
$list["deptname"] = $user->dept_name;
$list["birthday"] = $user->birthday;
$list["year"] = date('Y', strtotime($user->birthday));
$list["month"] = date('n', strtotime($user->birthday));
$list["day"] = date('j', strtotime($user->birthday));
$list["birthday"] = $list["year"] . "年" . $list["month"] . "月" . $list["day"] . "日";
$list["work_phone"] = $user->work_phone;
$list["mobile"] = $user->mobile;
$list["duty"] = $user->duty;
$list["sex_id"] = empty($user->sex_id) ? "" : $user->sex_id;
$list["isself"] = "1";
} else {
$user = $ec->getUserInfo($paras[1]);
$user = $user["we_staff"]["rows"][0];
$photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user["photo_path_big"];
$account = $user["login_account"];
$list["account"] = $account;
$list["name"] = $user["nick_name"];
$list["deptid"] = $user["dept_id"];
$list["deptname"] = $user["dept_name"];
$list["birthday"] = $user["birthday"];
$list["year"] = date('Y', strtotime($list["birthday"]));
$list["month"] = date('n', strtotime($list["birthday"]));
$list["day"] = date('j', strtotime($list["birthday"]));
$list["birthday"] = $list["year"] . "年" . $list["month"] . "月" . $list["day"] . "日";
$list["work_phone"] = $user["work_phone"];
$list["mobile"] = $user["mobile"];
$list["duty"] = $user["duty"];
$list["sex_id"] = empty($user["sex_id"]) ? "" : $user["sex_id"];
$list["isself"] = "0";
}
$sql = "select a.mobile, a.mobile_bind,a.hometown,a.graduated,a.work_his,a.self_desc,a.specialty,a.hobby from we_staff a where a.login_account=?";
$params = array();
$params[] = $account;
$da = $this->get("we_data_access");
$ds = $da->GetData("we_staff_mobile", $sql, $params);
$ds = $ds["we_staff_mobile"]["rows"][0];
$list["mobile_bind"] = $ds["mobile_bind"];
$list["self_desc"] = $ds["self_desc"];
$list["hometown"] = $ds["hometown"];
$list["graduated"] = $ds["graduated"];
$list["work_his"] = $ds["work_his"];
$list["specialty"] = $ds["specialty"];
$list["hobby"] = $ds["hobby"];
$list["direct_manages"] = "";
$list["report_object"] = "";
$list["path"] = $photo_url;
$list["msg"] = null;
$list["curr_network_domain"] = $network_domain;
$perBase = new \Justsy\BaseBundle\Controller\CPerBaseInfoController();
$perBase->setContainer($this->container);
$list["InfoCompletePercent"] = $perBase->GetInfoCompletePercent($account);
return $this->render('JustsyBaseBundle:Account:pcsync.html.twig', $list);
} catch (\Exception $e) {
$this->get("logger")->err($e);
return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
}
public function getTmpAuthCodeAction()
{
$ts = time();
$ts = DES::encrypt($ts);
$response = new Response($ts);
return $response;
}
public function appbizproxyurlAction(Request $request)
{
$appid = $request->get("appid");
$action = $request->get("action");
$da = $this->get('we_data_access');
if ($action == "download") {
$sql = "select a.*,b.number from we_appcenter_apps a,we_micro_account b where a.appid=b.micro_source and a.appid=?";
$ds = $da->GetData("t", $sql, array((string) $appid));
$ds["t"]["rows"][0]["appkey"] = DES::encrypt($ds["t"]["rows"][0]["appkey"]);
$appInfo = array('s' => 1, "data" => $ds["t"]["rows"][0]);
$resp = new Response(json_encode($appInfo));
$resp->headers->set('Content-Type', 'text/json');
return $resp;
} else {
$result = array("s" => 1);
try {
$sql = "select count(1) cnt from we_appcenter_apps a ";
$ds = $da->GetData("t", $sql, array());
$curuser = $this->get('security.context')->getToken()->getUser();
$maxNo = $curuser->eno . ((int) $ds["t"]["rows"][0]["cnt"] + 1);
$sql = "select a.* from we_appcenter_apps a where a.appid=?";
$ds = $da->GetData("t", $sql, array((string) $appid));
if ($ds && count($ds["t"]["rows"]) > 0) {
$appInfo = $ds["t"]["rows"][0];
$factory = $this->get('security.encoder_factory');
$dm = $this->get('doctrine.odm.mongodb.document_manager');
$account = strtolower("mapp" . $maxNo . "@" . $curuser->edomain);
if (strpos($account, ".") === false) {
$account = $account . ".com";
}
$MicroAccountMgr = new \Justsy\BaseBundle\Management\MicroAccountMgr($da, $this->get('we_data_access_im'), $curuser, $this->get("logger"), $this->container);
$re = $MicroAccountMgr->register("", $account, $appInfo["appname"], "1", "1", "", "1", "", "1", $appInfo["appkey"], $appInfo["logo"], $appInfo["logo"], $appInfo["logo"], $factory, $dm, $appid);
}
} catch (\Exception $e) {
$result = array("s" => 0, 'msg' => $e->getMessage());
}
$resp = new Response(json_encode($result));
$resp->headers->set('Content-Type', 'text/json');
return $resp;
}
}
public function refuseJoinAction()
{
$para = $this->getRequest()->get('para');
$paraArr = explode(",", trim(DES::decrypt($para)));
$da = $this->get("we_data_access");
$user = $this->get('security.context')->getToken()->getUser();
//检查帐号是否存在
$sql = "select eno from we_staff where login_account=?";
$ds = $da->GetData('we_staff', $sql, array((string) $paraArr[1]));
if (!$ds || $ds['we_staff']['recordcount'] == 0) {
return new Response("0");
}
$eno = $ds['we_staff']['rows'][0]['eno'];
$sql = "select count(1) as cnt from we_circle_staff where circle_id=? and login_account=?";
$ds = $da->GetData('we_circle_staff', $sql, array((string) $paraArr[0], (string) $paraArr[1]));
if ($ds && $ds['we_circle_staff']['rows'][0]['cnt'] > 0) {
return new Response("0");
} else {
$txt = "您加入圈子【" . $paraArr[3] . "】的请求被拒绝了!";
$msgId = SysSeq::GetSeqNextValue($da, "we_message", "msg_id");
$sql = "insert into we_message(msg_id,sender,recver,send_date,title,content)values(?,?,?,now(),?,?)";
$param = array((int) $msgId, (string) $user->getUserName(), (string) $paraArr[1], "申请加入圈子被拒绝", $txt);
$da->ExecSQL($sql, $param);
$apply = new \Justsy\BaseBundle\Management\ApplyMgr($da, null);
$apply->SetCircleApplyInvalid($paraArr[1], $paraArr[0]);
//发送即时消息通知申请人
$im_sender = $this->container->getParameter('im_sender');
$message = $txt;
Utils::sendImMessage($im_sender, $paraArr[1], "圈子消息", $message, $this->container, "", "", true, Utils::$systemmessage_code);
return new Response("1");
}
}
public function agreeJoinCircleAction($para)
{
if (empty($para)) {
return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '参数错误!'));
}
$da = $this->get('we_data_access');
$res = $this->get('request');
$urlSource = $res->get("_urlSource");
//获取操作源。FaFaWin:从PC客户端操作的
//受邀人员帐号,圈子id,邀请人帐号
$paraArr = explode(",", trim(DES::decrypt($para)));
//是否有帐号
$sql = "select nick_name,fafa_jid from we_staff where login_account=?";
$ds = $da->GetData("we_staff", $sql, array((string) $paraArr[0]));
if (!$ds || $ds['we_staff']['recordcount'] == 0) {
if (empty($urlSource)) {
return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '您还没有微发发帐号,请先注册!'));
} else {
$response = new Response("{\"succeed\":0,\"msg\":\"您还没有微发发帐号,请先注册!\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
//判断是否是邀请加入人脉圈子,则在互相关注
if ($paraArr[1] == "9999") {
//互相添加好友
$staffMgr = new \Justsy\BaseBundle\Management\Staff($da, $this->get('we_data_access_im'), $paraArr[2], $this->get("logger"));
try {
$staffMgr->attentionTo($paraArr[0]);
} catch (\Exception $e) {
}
try {
$staffMgr->attentionMe($paraArr[0]);
} catch (\Exception $e) {
}
try {
$staffMgr->bothAddFriend($this->container, $paraArr[0]);
} catch (\Exception $e) {
}
$response = new Response("{\"succeed\":1,\"name\":\"人脉圈\",\"circleurl\":\"" . $this->generateUrl("JustsyBaseBundle_enterprise", array('network_domain' => "9999"), true) . "\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$nick_name = $ds['we_staff']['rows'][0]['nick_name'];
$fafa_jid = $ds['we_staff']['rows'][0]['fafa_jid'];
//圈子是否存在
$sql = "select network_domain,circle_name,fafa_groupid from we_circle where circle_id=?";
$ds = $da->GetData("we_circle", $sql, array((string) $paraArr[1]));
if (!$ds || $ds['we_circle']['recordcount'] == 0) {
if (empty($urlSource)) {
return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '您要加入的圈子不存在!'));
} else {
$response = new Response("{\"succeed\":0,\"msg\":\"您要加入的圈子不存在!\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
$fafa_groupid = $ds['we_circle']['rows'][0]['fafa_groupid'];
$network_domain = $ds['we_circle']['rows'][0]['network_domain'];
$circle_name = $ds['we_circle']['rows'][0]['circle_name'];
//是否已经加入圈子
$sql = "select count(1) cnt from we_circle_staff where login_account=? and circle_id=?";
$ds = $da->GetData("cnt", $sql, array((string) $paraArr[0], (string) $paraArr[1]));
if ($ds && $ds['cnt']['rows'][0]['cnt'] > 0) {
if (empty($urlSource)) {
return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '您已经加入该圈子!'));
} else {
$response = new Response("{\"succeed\":0,\"msg\":\"您已经加入该圈子!\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
//圈子id+nick_name不能重复
$sql = "select count(1) cnt from we_circle_staff where circle_id=? and nick_name=?";
$ds = $da->GetData("cnt", $sql, array((string) $paraArr[1], (string) $nick_name));
if ($ds && $ds['cnt']['rows'][0]['cnt'] > 0) {
$user = $this->get('security.context')->getToken()->getUser();
$nick_name = $nick_name . "(" . $user->eshortname . ")";
}
//判断圈子是否有人
$sql = "select count(1) as cnt from we_circle_staff where circle_id=?";
$ds = $da->GetData('we_circle_staff', $sql, array((string) $paraArr[1]));
if ($ds && $ds['we_circle_staff']['rows'][0]['cnt'] == 0) {
$sql = "update we_circle set create_staff=? where circle_id=?";
$da->ExecSQL($sql, array((string) $paraArr[0], (string) $paraArr[1]));
}
$sql = "insert into we_circle_staff (circle_id,login_account,nick_name) values (?,?,?)";
$da->ExecSQL($sql, array((string) $paraArr[1], (string) $paraArr[0], (string) $nick_name));
//更新邀请信息
$sql = "update we_invite set real_active_email=?,active_date=now() where invite_send_email=? and invite_recv_email=? and eno=?";
$da->ExecSQL($sql, array((string) $paraArr[0], (string) $paraArr[2], (string) $paraArr[0], (string) ("c" . $paraArr[1])));
//10-加入外部圈子-5
$sql = "insert into we_staff_points (login_account,point_type,point_desc,point,point_date) values (?,?,?,?,now())";
$da->ExecSQL($sql, array((string) $paraArr[0], (string) '10', (string) '成功加入外部圈子' . $circle_name . ',获得积分5', (int) 5));
$apply = new \Justsy\BaseBundle\Management\ApplyMgr($da, null);
$apply->SetCircleApplyInvalid($paraArr[0], $paraArr[1]);
//发送即时消息通知申请人及成员
$circleObj = new \Justsy\BaseBundle\Controller\CircleController();
$circleObj->setContainer($this->container);
$message = Utils::makeHTMLElementTag('employee', $fafa_jid, $nick_name) . "加入了圈子【" . Utils::makeHTMLElementTag('circle', $fafa_groupid, $circle_name) . "】";
$circleObj->sendPresenceCirlce($paraArr[1], "circle_addmember", $message);
$backurl = $this->generateUrl("JustsyBaseBundle_enterprise", array('network_domain' => $paraArr[0]), true);
if (empty($urlSource)) {
return $this->render('JustsyBaseBundle:Error:success.html.twig', array('backurl' => $backurl));
} else {
$response = new Response("{\"succeed\":1,\"name\":\"" . $circle_name . "\",\"circleurl\":\"" . $backurl . "\"}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
}
public function invitedmemebersAction()
{
$re = array("returncode" => ReturnCode::$SUCCESS);
$user = $this->get('security.context')->getToken()->getUser();
$request = $this->getRequest();
$group_id = $request->get("group_id");
$circle_id = $request->get("circle_id");
$group_name = $request->get("group_name");
$fafa_groupid = $request->get('fafa_groupid');
$invitedmemebers = $request->get("invitedmemebers");
$im_sender = $this->container->getParameter('im_sender');
$da = $this->get('we_data_access');
try {
if (empty($circle_id) || empty($group_id) || empty($fafa_groupid) || empty($invitedmemebers)) {
$re["returncode"] = ReturnCode::$SYSERROR;
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$invs = explode(";", $invitedmemebers);
$title = "邀请加入群组";
$groupStaffs = array();
$sql = "select login_account from we_group_staff where group_id=?";
$ds = $da->GetData("group_staffs", $sql, array($group_id));
if ($ds && $ds["group_staffs"]["recordcount"] > 0) {
foreach ($ds["group_staffs"]["rows"] as &$row) {
$groupStaffs[] = $row['login_account'];
}
}
foreach ($invs as $key => $value) {
if (empty($value)) {
continue;
}
if (count($groupStaffs) > 0 && in_array($value, $groupStaffs)) {
continue;
}
//群编号,被邀请人帐号,network_domain,fafa_groupid
$encode = DES::encrypt("{$group_id},{$value},{$circle_id}," . $fafa_groupid);
$activeurl = $this->generateUrl("JustsyBaseBundle_group_invjoin", array('para' => $encode), true);
$txt = $this->renderView("JustsyBaseBundle:Group:message.html.twig", array("ename" => $user->ename, "realName" => $user->nick_name, "activeurl" => $activeurl, 'gname' => $group_name));
//发送站内消息
$msgId = SysSeq::GetSeqNextValue($da, "we_message", "msg_id");
$sql = "insert into we_message(msg_id,sender,recver,title,content,send_date)values(?,?,?,?,?,now())";
$da->ExecSQL($sql, array((int) $msgId, (string) $user->getUserName(), (string) $value, "邀请加入群组", $txt));
//发送即时消息
$fafa_jid = Utils::getJidByAccount($da, $value);
//$this->get("logger")->info(Utils::makeHTMLElementTag('employee',$user->fafa_jid,$user->nick_name));
$message = Utils::makeHTMLElementTag('employee', $user->fafa_jid, $user->nick_name) . "邀请您加入群组【" . Utils::makeHTMLElementTag('group', $fafa_groupid, $group_name) . "】";
$buttons = array();
$buttons[] = array("text" => "拒绝", "code" => "agree", "value" => "0");
$buttons[] = array("text" => "立即加入", "code" => "agree", "value" => "1");
Utils::sendImMessage($im_sender, $fafa_jid, $title, $message, $this->container, $activeurl . "?invite_user="******"1");
}
$re["returncode"] = ReturnCode::$SUCCESS;
} catch (\Exception $e) {
$re["returncode"] = ReturnCode::$SYSERROR;
$this->get('logger')->err($e);
}
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function invitedmemebersAction()
{
$re = array("returncode" => ReturnCode::$SUCCESS);
$user = $this->get('security.context')->getToken()->getUser();
$request = $this->getRequest();
$circle_id = $request->get("circle_id");
$invitedmemebers = $request->get("invitedmemebers");
$da = $this->get('we_data_access');
$da_im = $this->get('we_data_access_im');
try {
if (empty($invitedmemebers) || empty($circle_id)) {
$re["returncode"] = ReturnCode::$SYSERROR;
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
$circlename = "";
$fafa_groupid = "";
$user = $this->get('security.context')->getToken()->getUser();
$invInfo = array('inv_send_acc' => $user->getUsername(), 'inv_recv_acc' => '', 'eno' => '', 'inv_rela' => '', 'inv_title' => '', 'inv_content' => '', 'active_addr' => '');
$invitedmemebersLst = explode(";", $invitedmemebers);
$circleStaffs = array();
$sql = "select login_account from we_circle_staff where circle_id=?";
$ds = $da->GetData("circle_staffs", $sql, array($circle_id));
if ($ds && $ds["circle_staffs"]["recordcount"] > 0) {
foreach ($ds["circle_staffs"]["rows"] as &$row) {
$circleStaffs[] = $row['login_account'];
}
}
$sql = "select circle_name,fafa_groupid from we_circle where circle_id=?";
$ds = $da->GetData("circle", $sql, array($circle_id));
if ($ds && $ds["circle"]["recordcount"] > 0) {
$circlename = $ds["circle"]["rows"][0]['circle_name'];
$fafa_groupid = $ds["circle"]["rows"][0]['fafa_groupid'];
}
foreach ($invitedmemebersLst as $key => $value) {
$invacc = trim($value);
if (empty($invacc)) {
continue;
}
$invInfo['inv_recv_acc'] = $invacc;
$sql = "select eno,fafa_jid from we_staff where login_account=?";
$ds = $da->GetData("we_staff", $sql, array((string) $invacc));
//帐号存在
if ($ds && $ds['we_staff']['recordcount'] > 0) {
if (count($circleStaffs) > 0 && in_array($invacc, $circleStaffs)) {
continue;
}
//1.帐号存在,直接加入圈子
//受邀人员帐号,圈子id,邀请人帐号
$encode = DES::encrypt("{$invacc},{$circle_id}," . $user->getUsername());
$activeurl = $this->generateUrl("JustsyBaseBundle_invite_agreejoincircle", array('para' => $encode, 'eno' => 'c' . $circle_id), true);
$rejectactiveurl = $this->generateUrl("JustsyBaseBundle_invite_refuse", array('para' => $encode, 'eno' => 'c' . $circle_id), true);
$txt = $this->renderView('JustsyBaseBundle:Invite:circle_invitation_msg.html.twig', array("ename" => $user->ename, "nick_name" => $user->nick_name, "activeurl" => $activeurl, 'circle_name' => $circlename, 'invMsg' => '', 'staff' => array()));
$invInfo['eno'] = "c{$circle_id}";
$invInfo['inv_title'] = "邀请您加入圈子【" . Utils::makeCircleTipHTMLTag($circle_id, $circlename) . "】";
$invInfo['inv_content'] = '';
$invInfo['active_addr'] = $activeurl;
//保存邀请信息
InviteController::saveWeInvInfo($da, $invInfo);
//发送即时消息
$fafa_jid = $ds['we_staff']['rows'][0]['fafa_jid'];
$message = Utils::makeHTMLElementTag('employee', $user->fafa_jid, $user->nick_name) . "邀请您加入圈子【" . Utils::makeHTMLElementTag('circle', $fafa_groupid, $circlename) . "】";
$buttons = array();
$buttons[] = array("text" => "拒绝", "code" => "agree", "value" => "0", "link" => $rejectactiveurl);
$buttons[] = array("text" => "立即加入", "code" => "agree", "value" => "1", "link" => $activeurl);
Utils::sendImMessage($im_sender, $fafa_jid, "邀请加入圈子", $message, $this->container, "", Utils::makeBusButton($buttons), false, Utils::$systemmessage_code);
} else {
//2.帐号不存在
$tmp = explode("@", $invacc);
$tmp = count($tmp) > 1 ? $tmp[1] : 'fafatime.com';
$sql = "select count(1) as cnt from we_public_domain where domain_name=?";
$ds = $da->GetData("we_public_domain", $sql, array((string) $tmp));
if ($ds && $ds['we_public_domain']['rows'][0]['cnt'] == 0) {
//2.1企业邮箱
$sql = "select eno from we_enterprise where edomain=?";
$ds = $da->GetData("we_enterprise", $sql, array((string) $tmp));
if ($ds && $ds['we_enterprise']['recordcount'] > 0) {
//2.1.1企业已创建 帐号,圈子id,企业edomain des encode
$eno = $ds['we_enterprise']['rows'][0]['eno'];
$encode = DES::encrypt($user->getUsername() . ",{$circle_id},{$eno}");
$activeurl = $this->generateUrl("JustsyBaseBundle_active_inv_s1", array('account' => DES::encrypt($invacc), 'invacc' => $encode), true);
} else {
//2.1.2企业未创建
$sql = "insert into we_register (login_account,ename,credential_path,active_code,ip,email_type,first_reg_date,last_reg_date,register_date,state_id)" . " values (?,?,?,?,?,?,now(),now(),now(),'0')";
$para = array($invacc, '', '', strtoupper(substr(uniqid(), 3, 10)), $_SERVER['REMOTE_ADDR'], '1');
$da->ExecSQL($sql, $para);
//发送邮件 帐号,圈子id,邀请发送者帐号,邀请人企业名 des encode
$encode = DES::encrypt("{$invacc},{$circle_id}," . $user->getUserName() . "," . $user->ename);
$activeurl = $this->generateUrl("JustsyBaseBundle_active_reg_s1", array('account' => $encode), true);
}
//保存邀请信息 circleid保存到eno字段,以字母'c'开头
$invInfo['eno'] = "c{$circle_id}";
$title = $user->nick_name . " 邀请您加入 " . Utils::makeCircleTipHTMLTag($circle_id, $circlename) . " 协作网络";
$txt = $this->renderView('JustsyBaseBundle:Invite:circle_invitation.html.twig', array("ename" => $user->ename, "nick_name" => $user->nick_name, "activeurl" => $activeurl, 'circle_name' => $circlename, 'invMsg' => '', 'staff' => array()));
$invInfo['inv_title'] = $title;
$invInfo['inv_content'] = $txt;
$invInfo['active_addr'] = $activeurl;
InviteController::saveWeInvInfo($da, $invInfo);
Utils::saveMail($da, $user->getUsername(), $invacc, $title, $txt, $invInfo['eno']);
} else {
//公共邮箱
$sql = "insert into we_register (login_account,ename,credential_path,active_code,ip,email_type,first_reg_date,last_reg_date,register_date,state_id) " . "select ?,'','','" . strtoupper(substr(uniqid(), 3, 10)) . "','" . $_SERVER['REMOTE_ADDR'] . "','0',now(),now(),now(),'2' from dual " . "where not exists (select 1 from we_register where login_account=?)";
$para = array($invacc, $invacc);
$da->ExecSQL($sql, $para);
//发送邮件 帐号,圈子id,邀请发送者帐号,邀请人企业名 des encode
$encode = DES::encrypt("{$invacc},{$circle_id}," . $user->getUserName() . "," . $user->ename);
$activeurl = $this->generateUrl("JustsyBaseBundle_active_reg_s1", array('account' => $encode), true);
$invInfo['eno'] = "c{$circle_id}";
$title = $user->nick_name . " 邀请您加入 " . Utils::makeCircleTipHTMLTag($circle_id, $circlename) . " 协作网络";
$txt = $this->renderView('JustsyBaseBundle:Invite:circle_invitation.html.twig', array("ename" => $user->ename, "nick_name" => $user->nick_name, "activeurl" => $activeurl, 'circle_name' => $circlename, 'invMsg' => '', 'staff' => array()));
//保存邀请信息
$invInfo['inv_title'] = $title;
$invInfo['inv_content'] = $txt;
$invInfo['active_addr'] = $activeurl;
InviteController::saveWeInvInfo($da, $invInfo);
Utils::saveMail($da, $user->getUsername(), $invacc, $title, $txt, $invInfo['eno']);
}
}
}
$re["returncode"] = ReturnCode::$SUCCESS;
} catch (\Exception $e) {
$re["returncode"] = ReturnCode::$SYSERROR;
$this->get('logger')->err($e);
}
$response = new Response($request->get('jsoncallback') ? $request->get('jsoncallback') . "(" . json_encode($re) . ");" : json_encode($re));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function releaseTogetherAttentionAction($attenaccount)
{
$da = $this->get('we_data_access');
$paras = explode(",", DES::decrypt($attenaccount));
if (count($paras) != 2) {
return new Response("{\"succeed\":0,\"msg\":\"parameter error\"}");
}
$sql = "select (select login_account from we_staff where fafa_jid=?) account1,(select login_account from we_staff where fafa_jid=?) account2";
$dataset = $da->GetData("accounts", $sql, array((string) $paras[0], (string) $paras[1]));
if (empty($dataset) || $dataset["accounts"]["recordcount"] == 0) {
return new Response("{\"succeed\":1}");
}
$isme = $dataset["accounts"]["rows"][0]["account1"];
$attenaccount = $dataset["accounts"]["rows"][0]["account2"];
$da = $this->get('we_data_access');
$attention_type = '01';
//关注人员
$sqls = array("delete from we_staff_atten where login_account=? and atten_type=? and atten_id=?", "delete from we_staff_atten where login_account=? and atten_type=? and atten_id=?");
$para = array();
$para[] = array((string) $isme, (string) $attention_type, (string) $attenaccount);
$para[] = array((string) $attenaccount, (string) $attention_type, (string) $isme);
$da->ExecSQLs($sqls, $para);
$response = new Response("{\"succeed\":1,\"both\":0}");
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function getByDsid($user, $re, $parameters, $container)
{
if (isset($re["inf_url"]) && isset($re["req_user"]) && isset($re["req_pass"]) && isset($re["req_action"])) {
$configure = json_decode($re["inf_url"], true);
$data = array();
if (count($configure) > 1) {
$charset = isset($configure["charset"]) && !empty($configure["charset"]) ? $configure["charset"] : "GBK";
$server = $configure["server"] . (isset($configure["port"]) && !empty($configure["port"]) ? $configure["port"] : "3306");
$dbname = $configure["dbname"];
$sql = $re["req_action"];
//判断服务器连接属性不允许为空
if (empty($server)) {
throw new \Exception("请指定服务器地址!");
} else {
if (empty($dbname)) {
throw new \Exception("请指定数据库名称!");
} else {
if (empty($sql)) {
throw new \Exception("请求的SQL语句不允许为空!");
} else {
$uid = $re["req_user"];
$pwd = DES::decrypt($re["req_pass"]);
$connectionInfo = array("UID" => $uid, "PWD" => $pwd, "Database" => $dbname);
$conn = sqlsrv_connect($server, $connectionInfo);
if ($conn) {
$need_para = $re["inf_parameter"];
if (!empty($need_para) && is_string($need_para)) {
$need_para = json_decode($need_para, true);
}
//如果有传入参数请,对传入参数的处理
if (strpos($sql, "@") !== false && !empty($need_para)) {
$parameters = json_decode($parameters, true);
//将json格式的参数转化为数组
foreach ($need_para as $key => $val) {
$paraname = "@" . $key;
if (isset($parameters[$key])) {
$val = $parameters[$key];
}
if ($paraname == "@pageno" || $paraname == "@pagesize") {
$pagesize = isset($parameters["pagesize"]) ? $parameters["pagesize"] : $need_para["pagesize"];
$pageno = isset($parameters["pageno"]) ? $parameters["pageno"] : $need_para["pageno"];
//翻页参数处理
$limitstart = $pageno * $pagesize;
$sql = preg_replace("/@pageno *\\* *@pagesize/is", $limitstart, $sql);
}
$sql = preg_replace("/" . $paraname . "/is", $val, $sql);
}
$sql = rtrim($sql, ";");
$sqls = explode(";", $sql);
} else {
$sqls = array($sql);
}
//执行有结果集的SQL语句
$table = sqlsrv_query($conn, $sql);
if ($table === false) {
throw new \Exception(json_encode(sqlsrv_errors()));
} else {
$data = array();
while ($row = sqlsrv_fetch_array($table, SQLSRV_FETCH_ASSOC)) {
if ($charset != "UTF-8") {
foreach ($row as $key => $value) {
$row[$key] = iconv($charset, "UTF-8", $value);
}
}
array_push($data, $row);
}
return array("returncode" => ReturnCode::$SUCCESS, "data" => $data, "msg" => "");
}
} else {
throw new \Exception(json_encode(sqlsrv_errors()));
}
}
}
}
} else {
throw new \Exception("请指定数据库连接详细参数!");
}
} else {
throw new \Exception("请指定数据库连接详细参数!");
}
}
public static function bindBatAction($controller, $con, $appid, $eno, $encrypt, $params)
{
$re = array('s' => '1', 'm' => '');
try {
$openids = $params->get("openids");
if ($openids == 'all') {
$sql = "select openid from we_staff where eno=? and auth_level!='J'";
$param = array($eno);
$ds = $con->getdata('info', $sql, $param);
$rows = $ds['info']['rows'];
foreach ($rows as $row) {
$openidArr[] = $row['openid'];
}
} else {
$openidArr = explode(',', $openids);
}
$sql = "select appkey from we_appcenter_apps where appid=?";
$ds = $con->GetData("t", $sql, array((string) $appid));
$appkey = '';
if (count($ds["t"]["rows"]) > 0) {
$appkey = $ds["t"]["rows"][0]["appkey"];
}
$sqls = [];
$paras = [];
for ($i = 0; $i < count($openidArr); $i++) {
$sql = "select mobile,nick_name,birthday,sex_id,login_account from we_staff where openid=?";
$params = array($openidArr[$i]);
$ds = $con->getdata('info', $sql, $params);
if ($ds['info']['recordcount'] > 0) {
$pam_account = array();
$pam_account['login_name'] = $ds['info']['rows'][0]['login_account'];
$pam_account['login_password'] = '******';
$pam_account['psw_confirm'] = '123456';
$auth = array('userid' => $pam_account['login_name'], 'passwd' => $pam_account['login_password']);
$auth = json_encode($auth);
//$auth=DES::encrypt2($auth,'_sddb74+');
$auth = DES::encrypt2($auth, $appkey);
$pam_account = json_encode($pam_account);
$pam_account = DES::encrypt2($pam_account, 'ecstore');
$addr = "";
$name = $ds['info']['rows'][0]['nick_name'];
$phone = $ds['info']['rows'][0]['phone'];
$qq = "";
$zipcode = "";
$birthday = $ds['info']['rows'][0]['birthday'];
$gender = $ds['info']['rows'][0]['sex_id'] == '女' ? 'female' : 'male';
$data = "pam_account={$pam_account}&addr={$addr}&name={$name}&phone={$phone}&qq={$qq}&zipcode={$zipcode}&birthday={$birthday}&gender={$gender}";
$result = Utils::do_post_request(self::$bind_url . "&" . $data);
$result = json_decode($result, true);
if ($result['rsp'] != 'fail') {
$sql = "delete from we_staff_account_bind where bind_account=? and bind_type=? and appid=?";
$params = array($openidArr[$i], self::$bind_type, $appid);
array_push($sqls, $sql);
array_push($paras, $params);
$sql = "insert into we_staff_account_bind(bind_account,appid,bind_uid,authkey,bind_type,bind_created)values(?,?,?,?,?,now())";
$params = array($openidArr[$i], (string) $appid, $ds['info']['rows'][0]['login_account'], (string) $auth, self::$bind_type);
array_push($sqls, $sql);
array_push($paras, $params);
}
}
}
if (count($sqls) > 0) {
if (!$con->ExecSQLs($sqls, $paras)) {
$re = array('s' => '0', 'm' => '操作失败');
}
}
} catch (\Exception $e) {
$re = array('s' => '0', 'm' => $e->getMessage());
}
return $re;
}
$network_domain = $request->get("network_domain");
$group_id = (string) SysSeq::GetSeqNextValue($da, "we_groups", "group_id");
$sqls = array("insert into we_groups(group_id,circle_id,group_name,group_desc,group_photo_path,join_method,create_staff,create_date)value(?,?,?,?,?,?,?,now())", "insert into we_group_staff(group_id,login_account)values(?,?)");
$paras = array(array((string) $group_id, (string) $user->get_circle_id($network_domain), (string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $fileid == "" ? null : $fileid, (string) $request->get("radjoin"), (string) $user->getUsername()), array((string) $group_id, (string) $user->getUsername()));
} else {
$sqls = "update we_groups set group_name=?,group_desc=?,group_photo_path=?,join_method=? where group_id=?";
$sqls_im = "update im_group set groupname=?,groupdesc=?,join_method=? where groupid=?";
$paras = array((string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $fileid == "" ? null : $fileid, (string) $request->get("radjoin"), (string) $groupid);
$paras_im = array((string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $request->get("radjoin"), (string) $groupid);
}
try {
if ($groupid == 0) {
$da->ExecSQLs($sqls, $paras);
} else {
$da->ExecSQL($sqls, $paras);
$da_im->ExecSQL($sqls_im, $paras_im);
}
return $this->redirect($this->generateUrl("JustsyBaseBundle_group"));
} catch (Exception $e) {
return $this->render('JustsyBaseBundle:login:index.html.twig', array('name' => 'err'));
}
}
//指定群的最新动态列表。专门为PC端提供
//参数data:由openid,groupid组成
public function trendListForPCAction()
{
$res = $this->get("request");
$auth = $res->get("authcode");
$paras = $res->get("data");
if ($auth == null || $auth == "") {
$this->get("logger")->err("=====pcSyncAction Error:authcode为空!");
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
//$paras = explode(",", trim(DES::decrypt($paras)));
try {
$auth = trim(DES::decrypt($auth));
//解密参数串
$paras = explode(",", trim(DES::decrypt($paras)));
//授权码已过期
$lng = time() - (int) $auth;
if ($lng > 30 || $lng < 0) {
$this->get("logger")->err("=====pcSyncAction Error:授权码已过期!");
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
} catch (\Exception $e) {
$this->get("logger")->err($e);
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
try {
if (count($paras) != 2) {
$this->get("logger")->err("=====pcSyncAction Error:参数{$paras不正确!}");
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
$ec = new \Justsy\BaseBundle\Controller\PersonalHomeController();
$ec->setContainer($this->container);
//通过openID获取用户信息
$user = $ec->loadUserByUsername($paras[0]);
if ($user == null) {
$this->get("logger")->err("=====pcSyncAction Error:{$paras用户信息未找到!}");
return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig');
//$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
}
//登记seesion
$token = new UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$this->get("security.context")->setToken($token);
$session = $res->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new InteractiveLoginEvent($this->get("request"), $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user->photo_path_small;
public function getauthAction($openid, $appid)
{
$da = $this->get("we_data_access");
$request = $this->get("request");
$re = array("returncode" => "0000");
//$bx_data=$request->get("data");
try {
$bind_type = $request->get('bind_type');
if ($bind_type == '') {
return $this->responseJson(array("returncode" => "9999", "msg" => 'bind_type无效'), $request->get('jsoncallback'));
}
$sql = "select appkey from we_appcenter_apps where appid=?";
$ds = $da->GetData("t", $sql, array((string) $appid));
if (count($ds["t"]["rows"]) == 0) {
$re = array("returncode" => "9999", "msg" => "appid is not found");
} else {
$appkey = $ds["t"]["rows"][0]["appkey"];
$isdecrypt = $request->get("decrypt");
$sql = "select authkey,bind_uid from we_staff_account_bind where bind_account=? and bind_type=? and appid=?";
$ds = $da->GetData("t", $sql, array((string) $openid, (string) $bind_type, $appid));
if ($ds['t']['recordcount'] == 0) {
$re = array("returncode" => "0000", "msg" => "未获取到绑定信息");
return $this->responseJson($re);
}
$authkey = $ds["t"]["rows"][0]["authkey"];
$authkey = DES::decrypt2($authkey, $appkey);
if ($isdecrypt == "1") {
//$authkey=DES::decrypt2($authkey,$appkey);
}
$re["code"] = $authkey;
}
} catch (\Exception $e) {
$re = array("returncode" => "9999", "msg" => $e->getMessage());
}
return $this->responseJson($re);
}
public function resetPwdSaveAction(Request $request)
{
$da = $this->get('we_data_access');
$login_account = $request->get('login_account');
$pwd = $request->request->get('pwd');
$id = $request->get('id');
$t_code = DES::encrypt($pwd);
$user = new UserSession($login_account, $pwd, $login_account, array("ROLE_USER"));
$factory = $this->get("security.encoder_factory");
$encoder = $factory->getEncoder($user);
$pwd = $encoder->encodePassword($pwd, $user->getSalt());
$sql = "update we_staff set password=?,t_code=? where login_account=?";
$da->ExecSQL($sql, array((string) $pwd, (string) $t_code, (string) $login_account));
$sql = "update we_retrieve_password set valid='0' where id=? and login_account=?";
$da->ExecSQL($sql, array((string) $id, (string) $login_account));
//更改im密码
$da_im = $this->get('we_data_access_im');
$pwd = $this->get('request')->request->get('pwd');
$sql = "select fafa_jid from we_staff where login_account=?";
$ds = $da->GetData('we_staff', $sql, array((string) $login_account));
if ($ds && $ds['we_staff']['recordcount'] > 0) {
$fafa_jid = $ds['we_staff']['rows'][0]['fafa_jid'];
$sqls[] = "update im_employee set password=? where loginname=?";
$sqls[] = "update users set password=? where username=?";
$paras[] = array((string) $pwd, (string) $fafa_jid);
$paras[] = array((string) $pwd, (string) $fafa_jid);
$da_im->ExecSQLs($sqls, $paras);
}
$result = array("succeed" => true, "url" => $this->generateUrl('root'));
$response = new Response(json_encode($result));
$response->headers->set('Content-Type', 'text/json');
return $response;
}
public function getByDsid($user, $re, $parameters, $container)
{
if (isset($re["inf_url"]) && isset($re["req_user"]) && isset($re["req_pass"]) && isset($re["req_action"])) {
//{"type":"MySQL","server":"182.92.11.9","port":"3531","charset":"UTF-8","dbname":"we_im"}
$configure = json_decode($re["inf_url"], true);
//$configure = explode(";",$url);
$data = array();
if (count($configure) > 1) {
$charset = isset($configure["charset"]) && !empty($configure["charset"]) ? $configure["charset"] : "utf8";
$server = $configure["server"] . ":" . (isset($configure["port"]) && !empty($configure["port"]) ? $configure["port"] : "3306");
$dbname = $configure["dbname"];
$sql = $re["req_action"];
if (empty($server)) {
throw new \Exception("请指定连接到的服务器!");
} else {
if (empty($dbname)) {
throw new \Exception("请指定连接到服务器的数据库名称!");
} else {
if (empty($sql)) {
throw new \Exception("请求的MySQL语句不能为空!");
} else {
$dbuser = $re["req_user"];
$dbpassword = DES::decrypt($re["req_pass"]);
$conn = mysql_connect($server, $dbuser, $dbpassword);
if ($conn) {
mysql_select_db($dbname, $conn);
$utf = "set names '" . $charset . "'";
mysql_query($utf, $conn);
$sqls = array();
$need_para = $re["inf_parameter"];
if (!empty($need_para) && is_string($need_para)) {
$need_para = json_decode($need_para, true);
}
//如果有传入参数请,对传入参数的处理
if (strpos($sql, "@") !== false && !empty($need_para)) {
$parameters = json_decode($parameters, true);
//将json格式的参数转化为数组
for ($i = 0; $i < count($need_para); $i++) {
$key = $need_para[$i]["paramname"];
$paraname = "@" . $key;
if ($paraname == "@pageno" || $paraname == "@pagesize") {
$pagesize = isset($parameters["pagesize"]) ? $parameters["pagesize"] : $need_para[$i]["paramvalue"];
$pageno = isset($parameters["pageno"]) ? $parameters["pageno"] : $need_para[$i]["paramvalue"];
//翻页参数处理
$limitstart = $pageno * $pagesize;
$sql = preg_replace("/@pageno *\\* *@pagesize/is", $limitstart, $sql);
}
$val = isset($parameters[$key]) ? $parameters[$key] : $need_para[$i]["paramvalue"];
$sql = preg_replace("/" . $paraname . "/is", $val, $sql);
}
$sql = rtrim($sql, ";");
$sqls = explode(";", $sql);
} else {
$sqls = array($sql);
}
$container->get("logger")->err(json_encode($sqls));
for ($i = 0; $i < count($sqls); $i++) {
$sql = $sqls[$i];
$table = mysql_query($sql);
if ($table === false) {
mysql_close($conn);
throw new \Exception("SQL[" . $sql . "]操作失败,请检查!");
} else {
$temp = array();
if (mysql_num_rows($table) > 0) {
while ($row = mysql_fetch_array($table, MYSQL_ASSOC)) {
array_push($temp, $row);
}
}
if (count($sqls) == 1) {
$data = array("returncode" => ReturnCode::$SUCCESS, "data" => $temp, "msg" => "操作成功!");
} else {
$data["data" . $i] = array("returncode" => ReturnCode::$SUCCESS, "data" => $temp, "msg" => "操作成功!");
}
}
}
//关闭数据库连接
mysql_close($conn);
return $data;
} else {
throw new \Exception("连接数据库失败,请检查您的数据库连接配置!");
}
}
}
}
} else {
throw new \Exception("数据库连接参数inf_url不详细!");
}
} else {
throw new \Exception("请指定连接属性!");
}
}
public function changeLoginAccount($newAccount, $factory)
{
$oldUser = $this->getInfo();
//原用户信息
$jid = $oldUser["fafa_jid"];
$t_code = $oldUser["t_code"];
$ldap_uid = $oldUser["ldap_uid"];
$pass = DES::decrypt($t_code);
if (!strpos($newAccount, "@")) {
$domain = $this->container->getParameter('edomain');
$ldap_uid = $newAccount;
$newAccount .= "@" . $domain;
}
$user = new \Justsy\BaseBundle\Login\UserSession($newAccount, $pass, $newAccount, array("ROLE_USER"));
$encoder = $factory->getEncoder($user);
$micro_password = $encoder->encodePassword($pass, $newAccount);
$sql = "update we_staff set password=?,t_code=?,ldap_uid=? where login_account=?";
$paras = array((string) $micro_password, (string) $t_code, (string) $ldap_uid, (string) $this->account);
$result = array();
try {
$dataexec = $this->conn->ExecSQL($sql, $paras);
//更新帐号
$this->conn->ExecSQL("call p_change_login_account(?,?)", array((string) $this->account, (string) $newAccount));
//刷新缓存
$this->getInfo(true);
$result = Utils::WrapResultOK("");
} catch (\Exception $e) {
$result = Utils::WrapResultError($e->getMessage());
}
return $result;
}
public static function bindAction($controller, $con, $appid, $openid, $params)
{
$re = array("returncode" => "0000");
try {
$bindinfo = $params->get("auth");
$bindinfo = explode(",", $bindinfo);
$bind_uid = $bindinfo[0];
$authkey = count($bindinfo) == 1 ? "" : DES::encrypt($bindinfo[1]);
$app = new \Justsy\BaseBundle\Management\App($controller->container);
$appdata = $app->getappinfo(array("appid" => $appid));
//获取应用信息
//自动身份认证
$cookie_key = self::$bind_type . "_" . $openid;
$loginUrl = $appdata["authorization_url"];
if (!empty($loginUrl)) {
$authResult = Utils::do_get_request_cookie($loginUrl . "&" . http_build_query(array("uid" => $bind_uid, "upwd" => md5(DES::decrypt($authkey)))), null, null, $cookie_key);
$authResult = json_decode($authResult, true);
if (!isset($authResult["islogin"]) || $authResult["islogin"] != "1") {
return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'errormsg' => '绑定的帐号或密码不正确', 'ssomodule' => self::$bind_type . "Controller"));
}
}
$app->setappbind(array("appid" => $appid, "openid" => $openid, "bind_type" => self::$bind_type, "bind_uid" => $bind_uid, "authkey" => $authkey));
} catch (\Exception $e) {
$response = new Response($e->getMessage());
$response->headers->set('Content-Type', 'text/html');
return $response;
}
return self::responseJson(json_encode($re));
}
public function getAppSig($appid, $appkey)
{
//格式orgid,acc,pass,p1,p2 des加密
try {
//获取当前用户在该应用中的唯一标识
if (!empty($this->openid)) {
$resultAcc = DES::encrypt2($this->eno . "," . $this->openid . "," . $this->nick_name . "," . $this->identify . ",FaFa:SNS", $appkey);
return $resultAcc;
} else {
return "";
}
} catch (Exception $e) {
return "";
}
}
public function loadUserByUsername($username)
{
$dataset = $this->getUserInfo($username);
$DataAccess = $this->get('we_data_access');
if ($dataset && $dataset["we_staff"]["recordcount"] > 0) {
$we_staff_row = $dataset["we_staff"]["rows"][0];
$password = $we_staff_row['password'];
$salt = $we_staff_row['login_account'];
$roles = array('ROLE_USER');
$sqls = array();
$params = array();
//获取用户角色和对应功能点数据
$sqls[] = "select DISTINCT d.`code`,d.`name`\n\t from we_staff_role a ,we_role b, we_role_function c,we_function d \n\t\t\twhere a.roleid=b.id and b.id=c.roleid and c.functionid=d.id and a.staff=? ;";
//获取用户角色
$sqls[] = "select DISTINCT b.name,b.code from we_staff_role a,we_role b where a.roleid=b.id and a.staff=?";
$params[] = array((string) $salt);
$params[] = array((string) $salt);
$ds = $DataAccess->GetDatas(array("we_function", "we_role"), $sqls, $params);
$us = new UserSession($we_staff_row['login_account'], $password, $salt, $roles);
$us->nick_name = $we_staff_row['nick_name'];
//$us->identify = $we_staff_row['identify'];
$us->photo_path = $we_staff_row['photo_path'];
$us->photo_path_small = $we_staff_row['photo_path_small'];
$us->photo_path_big = $we_staff_row['photo_path_big'];
$us->dept_id = $we_staff_row['dept_id'];
$us->dept_name = $we_staff_row['dept_name'];
$us->dept_name = $us->dept_name == null ? "[未设置部门]" : $us->dept_name;
$us->eno = $we_staff_row['eno'];
$us->fafa_jid = $we_staff_row['fafa_jid'];
$us->duty = $we_staff_row['duty'];
$us->work_phone = $we_staff_row['work_phone'];
$us->mobile = $we_staff_row['mobile'];
$us->birthday = $we_staff_row['birthday'];
$us->sex_id = $we_staff_row['sex_id'];
$us->openid = $we_staff_row['openid'];
$us->t_code = trim(DES::decrypt($we_staff_row['t_code']));
$us->edomain = $we_staff_row['edomain'];
$us->ename = $we_staff_row['ename'];
$us->eshortname = $we_staff_row['eshortname'];
$us->total_point = $we_staff_row['total_point'];
$us->level = \Justsy\BaseBundle\Common\ExperienceLevel::getLevel($us->total_point);
$us->vip_level = empty($we_staff_row['vip_level']) ? '1' : $we_staff_row['vip_level'];
$us->auth_level = empty($we_staff_row['auth_level']) ? 'J' : $we_staff_row['auth_level'];
if ($us->auth_level != 'S') {
$us->vip_level = $us->level;
}
$us->eno_level = $we_staff_row['eno_level'];
$us->we_level = $we_staff_row['we_level'];
foreach ($dataset["we_circle"]["rows"] as &$row) {
$us->circle_ids[] = $row['circle_id'];
$us->circle_names[] = $row['circle_name'];
$us->network_domains[] = $row['network_domain'];
$us->circle_logo_path_small[] = $row['logo_path_small'];
}
$us->manager_circles = $this->get_manager_circles($we_staff_row['login_account']);
foreach ($ds["we_function"]["rows"] as &$row) {
$us->function_names[] = $row['name'];
$us->function_codes[] = $row['code'];
$us->function_array[] = array("name" => $row['name'], "code" => $row['code']);
}
foreach ($ds["we_role"]["rows"] as &$row) {
$us->role_names[] = $row['name'];
$us->role_codes[] = $row['code'];
$us->role_array[] = array("name" => $row['name'], "code" => $row['code']);
}
return $us;
} else {
return null;
}
}
public static function userAuthAction($container, $request, $dbcon, $con_im, $login_account, $password, $comefrom)
{
$login_account = strtolower($login_account);
try {
$password = strtoupper(md5($password));
//$container->get("logger")->err($password);
$staff = new Staff($dbcon, $con_im, strtolower($login_account));
$user = $staff->getInfo();
if ($user == null || $user["state_id"] != "1") {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
return $re;
}
$login_account = $user["login_account"];
$Obj = new \Justsy\BaseBundle\Login\UserProvider($container);
//
$factory = $container->get('security.encoder_factory');
//判断是否修改过密码.这时针对从第三方注册的帐号的密码为不可解开密文的情况时,sns中的密码和t_code字段临时存储为完全相同的数据
//程序判断到这种情况 时,需要进行内部自动更改密码操作,之前的临时数据即为用户新密码
//$container->get("logger")->err($user["password"]."==".$user["t_code"]);
if ($user["password"] == $user["t_code"]) {
$tmpPass = DES::encrypt($password);
if ($tmpPass != $user["t_code"]) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
}
//更新密码
$staff->changepassword($login_account, $password, $factory);
}
$user = new UserSession($login_account, $password, $login_account, array("ROLE_USER"));
$encoder = $factory->getEncoder($user);
$password_enc = $encoder->encodePassword($password, $login_account);
$user = $Obj->loadUserByUsername($login_account, $comefrom);
//$container->get("logger")->err($user->getPassword()."==".$password_enc);
$logined = 1;
if ($user->getPassword() != $password_enc) {
//如果密码不正确时,有可能是修改了密码,只刷新了一台服务器上的缓存,其他集群环境中的还是原来的缓存
//刷新当前服务器的人员信息才重试
$u_staff = new Staff($dbcon, $con_im, $user->getusername(), $container->get('logger'));
$user = $u_staff->getInfo(true);
//刷新人员信息
//$container->get("logger")->err("refresh cache data.....");
$user = $Obj->loadUserByUsername($login_account, $comefrom);
if ($user->getPassword() != $password_enc) {
$container->get("logger")->err($login_account . "==>" . $password . "=>" . $password_enc . "=>" . $user->getPassword());
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
$logined = null;
}
}
if (!empty($logined)) {
//�Ǽ�seesion
$token = new \Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$container->get("security.context")->setToken($token);
$session = $request->getSession()->set('_security_' . 'secured_area', serialize($token));
$event = new \Symfony\Component\Security\Http\Event\InteractiveLoginEvent($request, $token);
$container->get("event_dispatcher")->dispatch("security.interactive_login", $event);
$re["returncode"] = ReturnCode::$SUCCESS;
$re["openid"] = $user->openid;
$re["login_account"] = $login_account;
$re["ldap_uid"] = $user->ldap_uid;
$re["jid"] = $user->fafa_jid;
$re["des"] = $user->t_code;
}
} catch (\Symfony\Component\Security\Core\Exception\UsernameNotFoundException $e) {
$re["returncode"] = ReturnCode::$ERROFUSERORPWD;
} catch (\Exception $e) {
$container->get("logger")->err($e);
$re["returncode"] = ReturnCode::$SYSERROR;
}
return $re;
}
