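/**
 * Single sign-on hop into the external app centre.
 *
 * Builds an "auth" blob ("eno,openid,x,y,<unix time>") encrypted with the
 * target app's appkey (DES::encrypt2), appends the caller's own query
 * string as a "url" parameter and redirects the browser to
 * <fafa_appcenter_url>/appcenter/link/{appid}.
 *
 * @param string $appid DES-encrypted app id from the route. The encrypted
 *                      form is forwarded unchanged in the redirect path; the
 *                      decrypted form is used for the appkey lookup.
 * @return \Symfony\Component\HttpFoundation\RedirectResponse
 * @throws \Symfony\Component\HttpKernel\Exception\NotFoundHttpException
 *         when no app row matches the decrypted id (previously this raised a
 *         PHP notice and encrypted the blob under a null key).
 */
public function autoinAction($appid) {
    $request = $this->getRequest();
    $user = $this->get('security.context')->getToken()->getUser();
    // Payload layout expected by the app centre: eno,openid,x,y,<timestamp>.
    $encode = $user->eno . ",{$user->openid},x,y," . time();
    $appid2 = DES::decrypt($appid);
    $da = $this->get('we_data_access');
    $ds = $da->GetData("app", "select appkey from we_appcenter_apps where appid=? ", array((string) $appid2));
    if (empty($ds["app"]["rows"])) {
        throw $this->createNotFoundException("应用不存在或者未认证!");
    }
    $auth = DES::encrypt2($encode, $ds["app"]["rows"][0]["appkey"]);
    // Forward the caller's query string as "url": the literal "url=" prefix is
    // dropped and "%25" collapsed to "%" before parseurl() normalises it
    // (legacy behaviour, kept as-is).
    $url = $request->server->get('QUERY_STRING');
    if (!empty($url)) {
        $url = "&url=" . $this->parseurl(str_replace(array("url=", "%25"), array("", "%"), $url));
    }
    $appcenterUrl = $this->container->getParameter('fafa_appcenter_url') . "/appcenter/link/{$appid}";
    // The auth blob is a bearer credential for the app centre, so it is
    // redacted from the log line; target path and forwarded url are kept.
    $this->get("logger")->err("appcenterUrl=>" . $appcenterUrl . "?auth=[redacted]" . $url);
    $appcenterUrl .= "?auth={$auth}" . $url;
    return $this->redirect($appcenterUrl);
}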
/**
 * Entry page of an app-centre application for the current user.
 *
 * @param string $network_domain current network domain, passed to every template
 * @param string $appid          DES-encrypted app id; when it decrypts to "index"
 *                               the wefafaHeader template is rendered with a
 *                               signature made from DES::$key instead of an app key
 *
 * Flow: load the app row (plus a "dev" column telling whether the developer
 * enterprise is fafatime.com), compute the per-app signature (getAppSig),
 * require a subscription when the app belongs to another developer, then
 * hand off to the app's "url" column: a controller reference (forward), a
 * twig template (render) or an external http(s) address embedded through
 * the index template.
 *
 * NOTE(review): getAppSig() is evaluated on rows[0] before the "no rows"
 * check, so an unknown appid reaches the "请向管理获取你的openid!" branch (or a
 * PHP notice) instead of "应用不存在或者未认证!". The whole Request object is
 * written to the error log on entry, and the database-supplied url is
 * handed to forward()/render() without validation.
 */
public function indexAction($network_domain, $appid) {
    try {
        $user = $this->get('security.context')->getToken()->getUser();
        // Debugging leftover: logs the full Request (headers and cookies included) at error level.
        $this->get("logger")->err($this->getrequest());
        $appid = trim(DES::decrypt($appid));
        //$this->get("logger")->err($appid);
        if ($appid == "index") {
            // The header page is signed with the global DES key rather than an app key.
            $checkcode = $user->getAppSig($appid, DES::$key);
            return $this->render("JustsyBaseBundle:AppCenter:wefafaHeader.html.twig", array('curr_network_domain' => $network_domain, 'error' => "", 'weburl' => "", 'checkcode' => $checkcode));
        }
        $da = $this->get("we_data_access");
        // "dev" is non-empty when the developer enterprise's domain is fafatime.com.
        $sql = "select a.*,(select eno from we_enterprise where eno=a.appdeveloper and edomain='fafatime.com') dev from we_appcenter_apps a where a.appid=? ";
        $ds = $da->GetData("app", $sql, array((string) $appid));
        // rows[0] is read here before the emptiness check below (see class note).
        $checkcode = $user->getAppSig($appid, $ds["app"]["rows"][0]["appkey"]);
        if ($checkcode == "") {
            return $this->render("JustsyBaseBundle:AppCenter:index.html.twig", array('curr_network_domain' => $network_domain, 'error' => "请向管理获取你的openid!", 'weburl' => "", 'checkcode' => ""));
        } else {
            if (empty($ds) || count($ds["app"]["rows"]) == 0) {
                return $this->render("JustsyBaseBundle:AppCenter:index.html.twig", array('curr_network_domain' => $network_domain, 'error' => "应用不存在或者未认证!", 'weburl' => "", 'checkcode' => ""));
            } else {
                $apptype = $ds["app"]["rows"][0]["apptype"];
                // Apps of other developers need a subscription, except type "4"
                // apps whose developer is a fafatime.com enterprise ("dev" set).
                if ($ds["app"]["rows"][0]["appdeveloper"] != $user->eno) {
                    if ($apptype != "4" || $apptype == "4" && empty($ds["app"]["rows"][0]["dev"])) {
                        // Has the current user's enterprise subscribed to this app?
                        $sql = "select 1 from we_app_subscibe A ,we_staff B where A.appid=? and A.objectid=B.eno and B.login_account=? 
and B.state_id='1'";
                        $t_ds = $da->GetData("t_app", $sql, array((string) $appid, (string) $user->getUsername()));
                        if (count($t_ds["t_app"]["rows"]) == 0) {
                            return $this->render("JustsyBaseBundle:AppCenter:hint.html.twig", array('curr_network_domain' => $network_domain, 'nick' => $user->nick_name, 'jid' => $user->fafa_jid));
                        }
                    }
                }
                // Take the app's basic info, mainly its entry address, from the app-centre row.
                $weburl = $ds["app"]["rows"][0]["url"];
                if (strpos($weburl, "http://") === false && strpos($weburl, "https://") === false) {
                    // Not an absolute URL: either a controller reference or a twig template name.
                    if (strpos($weburl, "html.twig") === false) {
                        return $this->forward($weburl, array("network_domain" => $network_domain));
                    } else {
                        return $this->render($weburl, array('this' => $this, 'network_domain' => $network_domain, 'checkcode' => $checkcode, 'appname' => $ds["app"]["rows"][0]["appname"], 'logo' => $ds["app"]["rows"][0]["logo"]));
                    }
                } else {
                    // External URL: make sure it carries a query string so the template can append to it.
                    $weburl = strpos($weburl, "?") > 0 ? $weburl : $weburl . "?1=1";
                    return $this->render("JustsyBaseBundle:AppCenter:index.html.twig", array('curr_network_domain' => $network_domain, 'weburl' => $weburl, 'checkcode' => $checkcode, 'appname' => $ds["app"]["rows"][0]["appname"], 'logo' => $ds["app"]["rows"][0]["logo"]));
                }
            }
        }
    } catch (\Exception $e) {
        $this->get("logger")->err($e);
        // NOTE(review): $user is undefined here if the exception was thrown before it was assigned.
        return $this->render("JustsyBaseBundle:AppCenter:hint.html.twig", array('curr_network_domain' => $network_domain, 'nick' => $user->nick_name, 'jid' => $user->fafa_jid));
    }
}
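/**
 * WeChat ("weixin") login endpoint.
 *
 * Looks up the staff record for "<unionid>@fafatime.com". When it does not
 * exist yet the account is registered (Staff::createstaff) under the
 * enterprise chosen from deploy_mode / the configured user-auth module;
 * in both cases autologin() is then performed and its result returned as JSON.
 *
 * Request parameters: openid, unionid, logintype (defaults to "02") and,
 * for first-time registration, appid, nickname, sex, province, city, headimgurl.
 *
 * NOTE(review): openid/unionid are taken straight from the request and are
 * not verified against WeChat in this method; the route must only be
 * reachable once the server-side OAuth exchange has established them —
 * confirm at the routing/firewall layer.
 *
 * @return Response JSON body {"returncode": ..., "msg": ...} — autologin()'s
 *                  result, createstaff()'s error, or the "企业号不能为空。" error.
 */
public function WeiXinLoginAction() {
    $deploy_mode = $this->container->getParameter('deploy_mode');
    $da = $this->get("we_data_access");
    $request = $this->getRequest();
    $openid = $request->get("openid");
    $unionid = $request->get("unionid");
    $logintype = $request->get("logintype");
    $logintype = empty($logintype) ? "02" : $logintype;
    $login_account = $unionid . "@fafatime.com";
    $staffMgr = new \Justsy\BaseBundle\Management\Staff($da, $this->get('we_data_access_im'), $login_account, $this->get("logger"), $this->container);
    $staffdata = $staffMgr->getInfo();
    $re = array("returncode" => ReturnCode::$SYSERROR, "msg" => "");
    // An empty staff record means the account does not exist yet.
    if (empty($staffdata)) {
        // Deploy mode "C": everybody joins the public enterprise; otherwise the
        // enterprise number comes from the user-auth module configuration.
        $eno = $deploy_mode == "C" ? Utils::$PUBLIC_ENO : "";
        if (empty($eno)) {
            $cacheobj = new \Justsy\BaseBundle\Management\Enterprise($da, $this->get("logger"), $this->container);
            $authConfig = $cacheobj->getUserAuth();
            if (!empty($authConfig)) {
                $eno = $authConfig["ENO"];
            }
            if (empty($eno)) {
                $re["msg"] = "企业号不能为空。";
                // Previously returned the bare array, which is not a valid
                // controller response; emit it as JSON like every other path.
                return $this->weixinJsonResponse($re);
            }
        }
        $password = $this->weixinInitialPassword();
        $parameter = array(
            "appid" => $request->get("appid"),
            "eno" => $eno,
            "openid" => $openid,
            "nick_name" => $request->get("nickname"),
            "sex" => $request->get("sex"),
            "province" => $request->get("province"),
            "city" => $request->get("city"),
            "headimgurl" => $request->get("headimgurl"),
            "unionid" => $unionid,
            "account" => "",
            "password" => $password,
            // The unionid doubles as the LDAP uid for WeChat-registered accounts.
            "ldap_uid" => $unionid,
            "type" => "weixin",
        );
        $staffdata = $staffMgr->createstaff($parameter);
        if ($staffdata["returncode"] == ReturnCode::$SUCCESS) {
            $re = $this->autologin($login_account, $password, $logintype);
        } else {
            $re = $staffdata;
        }
    } else {
        // Existing account: t_code holds the reversibly-encrypted password.
        $password = DES::decrypt($staffdata["t_code"]);
        $re = $this->autologin($login_account, $password, $logintype);
    }
    return $this->weixinJsonResponse($re);
}

/**
 * Six-digit numeric initial password for a newly registered WeChat account.
 *
 * The original call was rand(1000000, 999999): with min > max it evaluates
 * to the constant 1000000 on PHP 5 (and false / a ValueError on PHP 7.1+),
 * i.e. every auto-registered account got the same password. random_int()
 * is used where available (PHP >= 7); mt_rand() is only the fallback for
 * older runtimes.
 *
 * @return int value in [100000, 999999]
 */
private function weixinInitialPassword() {
    if (function_exists('random_int')) {
        return random_int(100000, 999999);
    }
    return mt_rand(100000, 999999);
}

/**
 * Serialises a result array as JSON with the legacy "text/json" content type.
 *
 * @param array $re result array ("returncode", "msg", ...)
 * @return Response
 */
private function weixinJsonResponse(array $re) {
    $response = new Response(json_encode($re));
    $response->headers->set('Content-Type', 'text/json');
    return $response;
}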
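/**
 * Generic dispatcher: decrypts $code into a comma-separated argument list
 * and invokes the method named by $type on this controller with those
 * arguments, returning the result through responseJson().
 *
 * @param string $type method name to invoke on $this
 * @param string $code DES-encrypted, comma-separated argument list
 * @return mixed whatever responseJson() returns
 *
 * NOTE(review): $type selects a method of this class by name; the
 * method_exists() guard only rejects names that do not resolve at all. A
 * fixed whitelist of the intended dispatch targets should replace it — the
 * intended set is not visible from this method.
 */
public function getData($type, $code) {
    if (empty($code)) {
        $result = Utils::WrapResultError("无效的数据");
        return $this->responseJson($result);
    }
    try {
        // Reject empty names and names that do not resolve to a method of
        // this controller before attempting the dynamic call.
        if (empty($type) || !is_string($type) || !method_exists($this, $type)) {
            $result = Utils::WrapResultError("无效的type参数");
            return $this->responseJson($result);
        }
        $code = DES::decrypt($code);
        $code = explode(",", $code);
        // The original used the bare constant `self`, which only resolved to
        // the string "self" through PHP's undefined-constant fallback; $this is
        // the explicit equivalent and works for static and instance methods.
        $result = call_user_func_array(array($this, $type), $code);
        return $this->responseJson($result);
    } catch (\Exception $e) {
        $this->logger->err($e);
        $result = Utils::WrapResultError($e->getMessage());
    }
    return $this->responseJson($result);
}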
/**
 * Runs the SQL stored in a data-source definition ($re) against an external
 * MySQL server and returns the result rows.
 *
 * @param mixed  $user       not used in this method
 * @param array  $re         data-source row: inf_url (JSON connection config
 *                           with server, port, charset, dbname), req_user,
 *                           req_pass (DES-encrypted), req_action (SQL text),
 *                           inf_parameter (JSON list of {paramname, paramvalue})
 * @param string $parameters JSON object of caller-supplied parameter values
 * @param mixed  $container  service container, used for the logger
 * @return array {"returncode","data","msg"} for a single statement, or one
 *               "data0".."dataN" entry per ";"-separated statement
 * @throws \Exception on missing configuration, connection failure or a failed statement
 *
 * NOTE(review): parameter values are spliced into the SQL text with
 * preg_replace(), so $parameters — and replacement sequences such as "$1"
 * inside the values — reach the server unescaped; this is string-built SQL,
 * not a prepared statement, and the split on ";" runs as many statements as
 * the substituted text contains. The statement list is logged at error
 * level. The mysql_* functions belong to ext/mysql, removed in PHP 7.
 */
public function getByDsid($user, $re, $parameters, $container) {
    if (isset($re["inf_url"]) && isset($re["req_user"]) && isset($re["req_pass"]) && isset($re["req_action"])) {
        // Example inf_url payload:
        //{"type":"MySQL","server":"182.92.11.9","port":"3531","charset":"UTF-8","dbname":"we_im"}
        $configure = json_decode($re["inf_url"], true);
        //$configure = explode(";",$url);
        $data = array();
        if (count($configure) > 1) {
            // Defaults: charset utf8, port 3306.
            $charset = isset($configure["charset"]) && !empty($configure["charset"]) ? $configure["charset"] : "utf8";
            $server = $configure["server"] . ":" . (isset($configure["port"]) && !empty($configure["port"]) ? $configure["port"] : "3306");
            $dbname = $configure["dbname"];
            $sql = $re["req_action"];
            if (empty($server)) {
                throw new \Exception("请指定连接到的服务器!");
            } else {
                if (empty($dbname)) {
                    throw new \Exception("请指定连接到服务器的数据库名称!");
                } else {
                    if (empty($sql)) {
                        throw new \Exception("请求的MySQL语句不能为空!");
                    } else {
                        $dbuser = $re["req_user"];
                        $dbpassword = DES::decrypt($re["req_pass"]);
                        $conn = mysql_connect($server, $dbuser, $dbpassword);
                        if ($conn) {
                            mysql_select_db($dbname, $conn);
                            // Charset is interpolated into "set names" unquoted-by-escaping; it comes from inf_url.
                            $utf = "set names '" . $charset . "'";
                            mysql_query($utf, $conn);
                            $sqls = array();
                            // inf_parameter is read without isset(); may be absent — confirm against callers.
                            $need_para = $re["inf_parameter"];
                            if (!empty($need_para) && is_string($need_para)) {
                                $need_para = json_decode($need_para, true);
                            }
                            // Substitute caller parameters when the SQL contains @placeholders.
                            if (strpos($sql, "@") !== false && !empty($need_para)) {
                                // $parameters arrives as JSON; decode it to an array.
                                $parameters = json_decode($parameters, true);
                                for ($i = 0; $i < count($need_para); $i++) {
                                    $key = $need_para[$i]["paramname"];
                                    $paraname = "@" . $key;
                                    if ($paraname == "@pageno" || $paraname == "@pagesize") {
                                        $pagesize = isset($parameters["pagesize"]) ? $parameters["pagesize"] : $need_para[$i]["paramvalue"];
                                        $pageno = isset($parameters["pageno"]) ? $parameters["pageno"] : $need_para[$i]["paramvalue"];
                                        // Paging: replace the "@pageno * @pagesize" expression with the computed offset.
                                        $limitstart = $pageno * $pagesize;
                                        $sql = preg_replace("/@pageno *\\* *@pagesize/is", $limitstart, $sql);
                                    }
                                    // Caller value wins over the declared default; spliced into the SQL text verbatim.
                                    $val = isset($parameters[$key]) ? $parameters[$key] : $need_para[$i]["paramvalue"];
                                    $sql = preg_replace("/" . $paraname . "/is", $val, $sql);
                                }
                                $sql = rtrim($sql, ";");
                                $sqls = explode(";", $sql);
                            } else {
                                $sqls = array($sql);
                            }
                            $container->get("logger")->err(json_encode($sqls));
                            for ($i = 0; $i < count($sqls); $i++) {
                                $sql = $sqls[$i];
                                // No link passed: relies on the most recently opened connection.
                                $table = mysql_query($sql);
                                if ($table === false) {
                                    mysql_close($conn);
                                    throw new \Exception("SQL[" . $sql . "]操作失败,请检查!");
                                } else {
                                    $temp = array();
                                    if (mysql_num_rows($table) > 0) {
                                        while ($row = mysql_fetch_array($table, MYSQL_ASSOC)) {
                                            array_push($temp, $row);
                                        }
                                    }
                                    // Single statement: flat result; several: one keyed entry per statement.
                                    if (count($sqls) == 1) {
                                        $data = array("returncode" => ReturnCode::$SUCCESS, "data" => $temp, "msg" => "操作成功!");
                                    } else {
                                        $data["data" . $i] = array("returncode" => ReturnCode::$SUCCESS, "data" => $temp, "msg" => "操作成功!");
                                    }
                                }
                            }
                            // Close the connection.
                            mysql_close($conn);
                            return $data;
                        } else {
                            throw new \Exception("连接数据库失败,请检查您的数据库连接配置!");
                        }
                    }
                }
            }
        } else {
            throw new \Exception("数据库连接参数inf_url不详细!");
        }
    } else {
        throw new \Exception("请指定连接属性!");
    }
}
/**
 * Logs the PC client's user in from an encrypted hand-off and renders the
 * profile ("pcsync") page.
 *
 * Request parameters: authcode — DES-encrypted unix timestamp, accepted
 * only when between 0 and 30 seconds old; interviewee — DES-encrypted
 * "<account>" or "<account>,<profile_account>" (one element: show the
 * caller's own profile, two: show the second account's profile).
 *
 * Side effects: builds a UsernamePasswordToken for the first account,
 * stores it in the security context and the session and dispatches
 * security.interactive_login — a login without any credential check; the
 * decryptable authcode/interviewee pair is the whole authorisation.
 *
 * NOTE(review): anyone holding the shared DES key can mint both values for
 * any account, and the 30 s window only limits replay. The two log messages
 * containing "{$paras…}" look mangled — "{$paras不正确!}" is lexed as an
 * interpolation of a variable named "$paras不正确" followed by "!", probably
 * meant to be "{$paras}不正确!"; verify against the original source.
 *
 * @return Response the pcsync page, or pcsync_error on any failure
 */
public function pcSyncAction() {
    $res = $this->get("request");
    $auth = $res->get("authcode");
    $interviewee = $res->get("interviewee");
    //$paras = explode(",", trim(DES::decrypt($interviewee)));
    if ($auth == null || $auth == "") {
        $this->get("logger")->err("=====pcSyncAction Error:authcode为空!");
        return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
        //$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
    }
    try {
        $auth = trim(DES::decrypt($auth));
        // Decrypt the parameter string.
        $paras = explode(",", trim(DES::decrypt($interviewee)));
        // Authorization code expiry: the decrypted value is a unix timestamp.
        $lng = time() - (int) $auth;
        if ($lng > 30 || $lng < 0) {
            $this->get("logger")->err("=====pcSyncAction Error:授权码已过期!");
            return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
            //$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
        }
    } catch (\Exception $e) {
        $this->get("logger")->err($e);
        return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
        //$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
    }
    try {
        if (count($paras) != 2 && count($paras) != 1) {
            $this->get("logger")->err("=====pcSyncAction Error:参数{$paras不正确!}");
            return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
            //$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
        }
        $ec = new \Justsy\BaseBundle\Controller\PersonalHomeController();
        $ec->setContainer($this->container);
        // Fetch the user via the openID (loadUserByUsername).
        $user = $ec->loadUserByUsername($paras[0]);
        if ($user == null) {
            $this->get("logger")->err("=====pcSyncAction Error:{$paras用户信息未找到!}");
            return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
            //$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
        }
        $network_domain = $user->edomain;
        // Register the session: the stored password hash is placed in the token
        // as-is; nothing is verified here.
        $token = new UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
        $this->get("security.context")->setToken($token);
        // SessionInterface::set() returns nothing; $session is always null.
        $session = $res->getSession()->set('_security_' . 'secured_area', serialize($token));
        $event = new InteractiveLoginEvent($this->get("request"), $token);
        $this->get("event_dispatcher")->dispatch("security.interactive_login", $event);
        $account = "";
        if (count($paras) == 1) {
            // Own profile: fields come from the UserSession object.
            $photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user->photo_path_big;
            $account = $user->getUsername();
            $list["account"] = $account;
            $list["name"] = $user->nick_name;
            $list["deptid"] = $user->dept_id;
            $list["deptname"] = $user->dept_name;
            $list["birthday"] = $user->birthday;
            $list["year"] = date('Y', strtotime($user->birthday));
            $list["month"] = date('n', strtotime($user->birthday));
            $list["day"] = date('j', strtotime($user->birthday));
            $list["birthday"] = $list["year"] . "年" . $list["month"] . "月" . $list["day"] . "日";
            $list["work_phone"] = $user->work_phone;
            $list["mobile"] = $user->mobile;
            $list["duty"] = $user->duty;
            $list["sex_id"] = empty($user->sex_id) ? "" : $user->sex_id;
            $list["isself"] = "1";
        } else {
            // Someone else's profile: fields come from the we_staff row.
            $user = $ec->getUserInfo($paras[1]);
            $user = $user["we_staff"]["rows"][0];
            $photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user["photo_path_big"];
            $account = $user["login_account"];
            $list["account"] = $account;
            $list["name"] = $user["nick_name"];
            $list["deptid"] = $user["dept_id"];
            $list["deptname"] = $user["dept_name"];
            $list["birthday"] = $user["birthday"];
            $list["year"] = date('Y', strtotime($list["birthday"]));
            $list["month"] = date('n', strtotime($list["birthday"]));
            $list["day"] = date('j', strtotime($list["birthday"]));
            $list["birthday"] = $list["year"] . "年" . $list["month"] . "月" . $list["day"] . "日";
            $list["work_phone"] = $user["work_phone"];
            $list["mobile"] = $user["mobile"];
            $list["duty"] = $user["duty"];
            $list["sex_id"] = empty($user["sex_id"]) ? "" : $user["sex_id"];
            $list["isself"] = "0";
        }
        // Extended profile columns for the displayed account.
        $sql = "select a.mobile, a.mobile_bind,a.hometown,a.graduated,a.work_his,a.self_desc,a.specialty,a.hobby from we_staff a where a.login_account=?";
        $params = array();
        $params[] = $account;
        $da = $this->get("we_data_access");
        $ds = $da->GetData("we_staff_mobile", $sql, $params);
        $ds = $ds["we_staff_mobile"]["rows"][0];
        $list["mobile_bind"] = $ds["mobile_bind"];
        $list["self_desc"] = $ds["self_desc"];
        $list["hometown"] = $ds["hometown"];
        $list["graduated"] = $ds["graduated"];
        $list["work_his"] = $ds["work_his"];
        $list["specialty"] = $ds["specialty"];
        $list["hobby"] = $ds["hobby"];
        $list["direct_manages"] = "";
        $list["report_object"] = "";
        $list["path"] = $photo_url;
        $list["msg"] = null;
        $list["curr_network_domain"] = $network_domain;
        $perBase = new \Justsy\BaseBundle\Controller\CPerBaseInfoController();
        $perBase->setContainer($this->container);
        $list["InfoCompletePercent"] = $perBase->GetInfoCompletePercent($account);
        return $this->render('JustsyBaseBundle:Account:pcsync.html.twig', $list);
    } catch (\Exception $e) {
        $this->get("logger")->err($e);
        return $this->render('JustsyBaseBundle:Account:pcsync_error.html.twig');
        //$this->redirect($this->generateUrl('JustsyBaseBundle_login'));
    }
}
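/**
 * Resolves an OAuth access token + openid pair to the staff member's IM
 * identity (fafa_jid) and returns it as JSON, or JSONP when a callback is given.
 *
 * Request parameters: access_token, openid, optional jsoncallback.
 *
 * Response body: {"s":0} when the token/openid pair is unknown,
 * {"s":0,"msg":"10009"} when the app is missing or not active (state=1),
 * {"s":0,"msg":"10008"} when no staff row has this openid, and
 * {"s":1,"qa":<fafa_jid>,"xs":<password>} on success.
 *
 * NOTE(review): "xs" is the password recovered from t_code in clear text;
 * the commented-out encrypt2() calls in the original suggest it was meant
 * to be re-encrypted under the app key before leaving the server. The field
 * is kept because consumers depend on it — review the protocol before
 * changing it. access_token_expires is selected but never compared with the
 * current time, so expired tokens are still accepted (TODO).
 *
 * @return Response
 */
public function getJidAction() {
    $request = $this->getRequest();
    $token = $request->get("access_token");
    $openid = $request->get("openid");
    // Only a plain JavaScript identifier path is honoured as the JSONP
    // callback; anything else falls back to plain JSON so request-controlled
    // text cannot be echoed into a script body.
    $callback = $this->jidJsonpCallback($request->get('jsoncallback'));
    $da = $this->get("we_data_access");
    $re = array("s" => 0);
    // Look the token up for this openid.
    $tokenR = $da->GetData("tken", "select access_token_expires,appid from we_app_oauth_sessions where access_token=? and userid=?", array((string) $token, (string) $openid));
    if (count($tokenR["tken"]["rows"]) > 0) {
        $appid = $tokenR["tken"]["rows"][0]["appid"];
        // The app must exist and be enabled.
        $table = $da->GetData("app", "select appkey from we_appcenter_apps where appid=? and state=1", array((string) $appid));
        if (count($table["app"]["rows"]) == 0) {
            $re["msg"] = "10009";
            return $this->jidJsonpResponse($re, $callback);
        }
        $table = $da->GetData("staff", "select fafa_jid,t_code from we_staff where openid=?", array((string) $openid));
        if (count($table["staff"]["rows"]) == 0) {
            $re["msg"] = "10008";
            return $this->jidJsonpResponse($re, $callback);
        }
        // t_code holds the reversibly-encrypted original password.
        $p = trim(DES::decrypt($table["staff"]["rows"][0]["t_code"]));
        $u = $table["staff"]["rows"][0]["fafa_jid"];
        $re = array("s" => 1, "qa" => $u, "xs" => $p);
    }
    return $this->jidJsonpResponse($re, $callback);
}

/**
 * Returns $callback when it is a plain identifier path such as "cb" or
 * "ns.handler", null otherwise (including empty or non-string values).
 *
 * @param mixed $callback raw jsoncallback request value
 * @return string|null
 */
private function jidJsonpCallback($callback) {
    if (!is_string($callback) || $callback === "") {
        return null;
    }
    return preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(\.[A-Za-z_$][A-Za-z0-9_$]*)*$/', $callback) ? $callback : null;
}

/**
 * Encodes $re as JSON, wrapped as "<callback>(...);" when $callback is set,
 * with the legacy "text/json" content type this endpoint has always sent.
 *
 * @param array       $re       payload
 * @param string|null $callback validated callback name or null
 * @return Response
 */
private function jidJsonpResponse(array $re, $callback) {
    $body = json_encode($re);
    if ($callback !== null) {
        $body = $callback . "(" . $body . ");";
    }
    $response = new Response($body);
    $response->headers->set('Content-Type', 'text/json');
    return $response;
}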
/**
 * Runs the SQL stored in a data-source definition ($re) against an external
 * SQL Server (sqlsrv) and returns the result rows transcoded to UTF-8.
 *
 * @param mixed  $user       not used in this method
 * @param array  $re         data-source row: inf_url (JSON connection config
 *                           with server, port, charset, dbname), req_user,
 *                           req_pass (DES-encrypted), req_action (SQL text),
 *                           inf_parameter (JSON map of name => default value)
 * @param string $parameters JSON object of caller-supplied parameter values
 * @param mixed  $container  not used in this method
 * @return array {"returncode","data","msg"}
 * @throws \Exception on missing configuration, connection failure or a failed statement
 *
 * NOTE(review): parameter values are spliced into the SQL text with
 * preg_replace(), so $parameters reach the server unescaped — string-built
 * SQL, not a prepared statement. $server is host and port concatenated with
 * no separator (sqlsrv expects "host,port" — confirm against the
 * configuration actually in use). $sqls is computed but never executed; the
 * whole $sql runs in one sqlsrv_query() call, and the connection is never
 * closed. sqlsrv_errors() output is embedded in the exception message.
 */
public function getByDsid($user, $re, $parameters, $container) {
    if (isset($re["inf_url"]) && isset($re["req_user"]) && isset($re["req_pass"]) && isset($re["req_action"])) {
        $configure = json_decode($re["inf_url"], true);
        $data = array();
        if (count($configure) > 1) {
            // Defaults: charset GBK, port 3306 (note: no separator before the port).
            $charset = isset($configure["charset"]) && !empty($configure["charset"]) ? $configure["charset"] : "GBK";
            $server = $configure["server"] . (isset($configure["port"]) && !empty($configure["port"]) ? $configure["port"] : "3306");
            $dbname = $configure["dbname"];
            $sql = $re["req_action"];
            // Connection attributes must not be empty.
            if (empty($server)) {
                throw new \Exception("请指定服务器地址!");
            } else {
                if (empty($dbname)) {
                    throw new \Exception("请指定数据库名称!");
                } else {
                    if (empty($sql)) {
                        throw new \Exception("请求的SQL语句不允许为空!");
                    } else {
                        $uid = $re["req_user"];
                        $pwd = DES::decrypt($re["req_pass"]);
                        $connectionInfo = array("UID" => $uid, "PWD" => $pwd, "Database" => $dbname);
                        $conn = sqlsrv_connect($server, $connectionInfo);
                        if ($conn) {
                            // inf_parameter is read without isset(); may be absent — confirm against callers.
                            $need_para = $re["inf_parameter"];
                            if (!empty($need_para) && is_string($need_para)) {
                                $need_para = json_decode($need_para, true);
                            }
                            // Substitute caller parameters when the SQL contains @placeholders.
                            if (strpos($sql, "@") !== false && !empty($need_para)) {
                                // $parameters arrives as JSON; decode it to an array.
                                $parameters = json_decode($parameters, true);
                                // Here inf_parameter is a name => default map (the MySQL variant uses a list).
                                foreach ($need_para as $key => $val) {
                                    $paraname = "@" . $key;
                                    // Caller value wins over the declared default.
                                    if (isset($parameters[$key])) {
                                        $val = $parameters[$key];
                                    }
                                    if ($paraname == "@pageno" || $paraname == "@pagesize") {
                                        $pagesize = isset($parameters["pagesize"]) ? $parameters["pagesize"] : $need_para["pagesize"];
                                        $pageno = isset($parameters["pageno"]) ? $parameters["pageno"] : $need_para["pageno"];
                                        // Paging: replace the "@pageno * @pagesize" expression with the computed offset.
                                        $limitstart = $pageno * $pagesize;
                                        $sql = preg_replace("/@pageno *\\* *@pagesize/is", $limitstart, $sql);
                                    }
                                    $sql = preg_replace("/" . $paraname . "/is", $val, $sql);
                                }
                                $sql = rtrim($sql, ";");
                                $sqls = explode(";", $sql);
                            } else {
                                $sqls = array($sql);
                            }
                            // Execute the statement (a result set is expected); $sqls is not used.
                            $table = sqlsrv_query($conn, $sql);
                            if ($table === false) {
                                throw new \Exception(json_encode(sqlsrv_errors()));
                            } else {
                                $data = array();
                                while ($row = sqlsrv_fetch_array($table, SQLSRV_FETCH_ASSOC)) {
                                    // Transcode every column to UTF-8 unless the source already is.
                                    if ($charset != "UTF-8") {
                                        foreach ($row as $key => $value) {
                                            $row[$key] = iconv($charset, "UTF-8", $value);
                                        }
                                    }
                                    array_push($data, $row);
                                }
                                return array("returncode" => ReturnCode::$SUCCESS, "data" => $data, "msg" => "");
                            }
                        } else {
                            throw new \Exception(json_encode(sqlsrv_errors()));
                        }
                    }
                }
            }
        } else {
            throw new \Exception("请指定数据库连接详细参数!");
        }
    } else {
        throw new \Exception("请指定数据库连接详细参数!");
    }
}
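/**
 * Renames the current staff account ($this->account) to $newAccount.
 *
 * The stored password is recovered from t_code (DES::decrypt), re-encoded
 * by the security encoder with the new account name passed as the salt,
 * written to we_staff together with the new ldap_uid, and the stored
 * procedure p_change_login_account propagates the rename. The cached staff
 * info is refreshed afterwards.
 *
 * @param string $newAccount new login account; when it contains no "@" the
 *                           configured 'edomain' is appended and the bare
 *                           name becomes the ldap_uid
 * @param mixed  $factory    encoder factory exposing getEncoder($user)
 * @return array Utils::WrapResultOK("") on success, Utils::WrapResultError(message) on failure
 *
 * NOTE(review): t_code is a reversibly-encrypted copy of the password and
 * is carried over unchanged; the `password` column is the only one-way form.
 */
public function changeLoginAccount($newAccount, $factory) {
    $oldUser = $this->getInfo();
    $t_code = $oldUser["t_code"];
    $ldap_uid = $oldUser["ldap_uid"];
    $pass = DES::decrypt($t_code);
    // `!strpos(...)` also fired when "@" was the first character; test for
    // absence explicitly.
    if (strpos($newAccount, "@") === false) {
        $domain = $this->container->getParameter('edomain');
        $ldap_uid = $newAccount;
        $newAccount .= "@" . $domain;
    }
    $user = new \Justsy\BaseBundle\Login\UserSession($newAccount, $pass, $newAccount, array("ROLE_USER"));
    $encoder = $factory->getEncoder($user);
    $micro_password = $encoder->encodePassword($pass, $newAccount);
    $sql = "update we_staff set password=?,t_code=?,ldap_uid=? where login_account=?";
    $paras = array((string) $micro_password, (string) $t_code, (string) $ldap_uid, (string) $this->account);
    try {
        $this->conn->ExecSQL($sql, $paras);
        // Propagate the rename to the other tables.
        $this->conn->ExecSQL("call p_change_login_account(?,?)", array((string) $this->account, (string) $newAccount));
        // Refresh the cached staff info so later reads see the new account.
        $this->getInfo(true);
        return Utils::WrapResultOK("");
    } catch (\Exception $e) {
        return Utils::WrapResultError($e->getMessage());
    }
}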
$network_domain = $request->get("network_domain"); $group_id = (string) SysSeq::GetSeqNextValue($da, "we_groups", "group_id"); $sqls = array("insert into we_groups(group_id,circle_id,group_name,group_desc,group_photo_path,join_method,create_staff,create_date)value(?,?,?,?,?,?,?,now())", "insert into we_group_staff(group_id,login_account)values(?,?)"); $paras = array(array((string) $group_id, (string) $user->get_circle_id($network_domain), (string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $fileid == "" ? null : $fileid, (string) $request->get("radjoin"), (string) $user->getUsername()), array((string) $group_id, (string) $user->getUsername())); } else { $sqls = "update we_groups set group_name=?,group_desc=?,group_photo_path=?,join_method=? where group_id=?"; $sqls_im = "update im_group set groupname=?,groupdesc=?,join_method=? where groupid=?"; $paras = array((string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $fileid == "" ? null : $fileid, (string) $request->get("radjoin"), (string) $groupid); $paras_im = array((string) $request->get("txtname"), (string) $request->get("txtdesc"), (string) $request->get("radjoin"), (string) $groupid); } try { if ($groupid == 0) { $da->ExecSQLs($sqls, $paras); } else { $da->ExecSQL($sqls, $paras); $da_im->ExecSQL($sqls_im, $paras_im); } return $this->redirect($this->generateUrl("JustsyBaseBundle_group")); } catch (Exception $e) { return $this->render('JustsyBaseBundle:login:index.html.twig', array('name' => 'err')); } } //指定群的最新动态列表。专门为PC端提供 //参数data:由openid,groupid组成 public function trendListForPCAction() { $res = $this->get("request"); $auth = $res->get("authcode"); $paras = $res->get("data"); if ($auth == null || $auth == "") { $this->get("logger")->err("=====pcSyncAction Error:authcode为空!"); return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig'); //$this->redirect($this->generateUrl('JustsyBaseBundle_login')); } //$paras = explode(",", 
trim(DES::decrypt($paras))); try { $auth = trim(DES::decrypt($auth)); //解密参数串 $paras = explode(",", trim(DES::decrypt($paras))); //授权码已过期 $lng = time() - (int) $auth; if ($lng > 30 || $lng < 0) { $this->get("logger")->err("=====pcSyncAction Error:授权码已过期!"); return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig'); //$this->redirect($this->generateUrl('JustsyBaseBundle_login')); } } catch (\Exception $e) { $this->get("logger")->err($e); return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig'); //$this->redirect($this->generateUrl('JustsyBaseBundle_login')); } try { if (count($paras) != 2) { $this->get("logger")->err("=====pcSyncAction Error:参数{$paras不正确!}"); return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig'); //$this->redirect($this->generateUrl('JustsyBaseBundle_login')); } $ec = new \Justsy\BaseBundle\Controller\PersonalHomeController(); $ec->setContainer($this->container); //通过openID获取用户信息 $user = $ec->loadUserByUsername($paras[0]); if ($user == null) { $this->get("logger")->err("=====pcSyncAction Error:{$paras用户信息未找到!}"); return $this->render('JustsyBaseBundle:Group:pcsync_error.html.twig'); //$this->redirect($this->generateUrl('JustsyBaseBundle_login')); } //登记seesion $token = new UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles()); $this->get("security.context")->setToken($token); $session = $res->getSession()->set('_security_' . 'secured_area', serialize($token)); $event = new InteractiveLoginEvent($this->get("request"), $token); $this->get("event_dispatcher")->dispatch("security.interactive_login", $event); $photo_url = $this->container->getParameter('FILE_WEBSERVER_URL') . $user->photo_path_small;
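/**
 * Rejects a pending request to join a circle and notifies the applicant.
 *
 * Request parameter `para`: DES-encrypted, comma-separated
 * "<circle_id>,<applicant_account>,<unused>,<circle_name>" (indexes 0, 1
 * and 3 are read).
 *
 * Flow: the applicant account must exist; if the applicant already belongs
 * to the circle the answer is "0"; otherwise a rejection message is stored
 * in we_message, the application is invalidated
 * (ApplyMgr::SetCircleApplyInvalid) and an IM notice is pushed via
 * Utils::sendImMessage.
 *
 * NOTE(review): the session user only serves as the message sender; whether
 * that user is entitled to decide on this circle's applications is not
 * checked here — confirm it is enforced where `para` is issued.
 *
 * @return Response "1" when the rejection was processed, "0" otherwise
 *                  (malformed para, unknown account, or already a member)
 */
public function refuseJoinAction() {
    $para = $this->getRequest()->get('para');
    $paraArr = explode(",", trim(DES::decrypt($para)));
    // Indexes 0, 1 and 3 are read below; anything shorter is a malformed request.
    if (count($paraArr) < 4) {
        return new Response("0");
    }
    $circleId = $paraArr[0];
    $applicant = $paraArr[1];
    $circleName = $paraArr[3];
    $da = $this->get("we_data_access");
    $user = $this->get('security.context')->getToken()->getUser();
    // The applicant account must exist.
    $sql = "select eno from we_staff where login_account=?";
    $ds = $da->GetData('we_staff', $sql, array((string) $applicant));
    if (!$ds || $ds['we_staff']['recordcount'] == 0) {
        return new Response("0");
    }
    // Nothing to refuse when the applicant is already a member.
    $sql = "select count(1) as cnt from we_circle_staff where circle_id=? and login_account=?";
    $ds = $da->GetData('we_circle_staff', $sql, array((string) $circleId, (string) $applicant));
    if ($ds && $ds['we_circle_staff']['rows'][0]['cnt'] > 0) {
        return new Response("0");
    }
    $txt = "您加入圈子【" . $circleName . "】的请求被拒绝了!";
    $msgId = SysSeq::GetSeqNextValue($da, "we_message", "msg_id");
    $sql = "insert into we_message(msg_id,sender,recver,send_date,title,content)values(?,?,?,now(),?,?)";
    $param = array((int) $msgId, (string) $user->getUserName(), (string) $applicant, "申请加入圈子被拒绝", $txt);
    $da->ExecSQL($sql, $param);
    $apply = new \Justsy\BaseBundle\Management\ApplyMgr($da, null);
    $apply->SetCircleApplyInvalid($applicant, $circleId);
    // Instant-message the applicant about the decision.
    $im_sender = $this->container->getParameter('im_sender');
    Utils::sendImMessage($im_sender, $applicant, "圈子消息", $txt, $this->container, "", "", true, Utils::$systemmessage_code);
    return new Response("1");
}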
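/**
 * Accepts an invitation to join a circle.
 *
 * @param string $para DES-encrypted, comma-separated
 *                     "<invitee_account>,<circle_id>,<inviter_account>"
 *
 * Request parameter `_urlSource` selects the reply format: empty → HTML
 * (Error:index / Error:success templates), non-empty (e.g. the PC client)
 * → JSON {"succeed":0|1,...}.
 *
 * Flow: the invitee must have an account; circle id "9999" is the
 * personal-network circle and only wires mutual attention/friendship;
 * otherwise the circle must exist and the invitee must not be a member yet,
 * the nick name is disambiguated per circle, the first member becomes
 * create_staff, the membership, invitation and points rows are written, the
 * application is invalidated and a presence notice is sent to the circle.
 *
 * NOTE(review): the action acts on behalf of the invitee named in $para
 * without comparing it to the session user; the DES blob is the only
 * authorisation. $backurl is generated with the invitee account as
 * 'network_domain' while the circle's network_domain column is not used —
 * possibly intended, left unchanged.
 *
 * @return Response
 */
public function agreeJoinCircleAction($para) {
    if (empty($para)) {
        return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => '参数错误!'));
    }
    $da = $this->get('we_data_access');
    $res = $this->get('request');
    // Operation source; "FaFaWin" marks the PC client.
    $urlSource = $res->get("_urlSource");
    $paraArr = explode(",", trim(DES::decrypt($para)));
    // Indexes 0..2 are read below; anything shorter is a malformed request.
    if (count($paraArr) < 3) {
        return $this->agreeJoinFailure($urlSource, '参数错误!');
    }
    $invitee = $paraArr[0];
    $circleId = $paraArr[1];
    $inviter = $paraArr[2];
    // The invitee needs an account before anything else.
    $sql = "select nick_name,fafa_jid from we_staff where login_account=?";
    $ds = $da->GetData("we_staff", $sql, array((string) $invitee));
    if (!$ds || $ds['we_staff']['recordcount'] == 0) {
        return $this->agreeJoinFailure($urlSource, '您还没有微发发帐号,请先注册!');
    }
    // "9999" is the personal-network circle: inviter and invitee follow each
    // other and become friends; each step is best-effort.
    if ($circleId == "9999") {
        $staffMgr = new \Justsy\BaseBundle\Management\Staff($da, $this->get('we_data_access_im'), $inviter, $this->get("logger"));
        try {
            $staffMgr->attentionTo($invitee);
        } catch (\Exception $e) {
        }
        try {
            $staffMgr->attentionMe($invitee);
        } catch (\Exception $e) {
        }
        try {
            $staffMgr->bothAddFriend($this->container, $invitee);
        } catch (\Exception $e) {
        }
        return $this->agreeJoinJson(array(
            "succeed" => 1,
            "name" => "人脉圈",
            "circleurl" => $this->generateUrl("JustsyBaseBundle_enterprise", array('network_domain' => "9999"), true),
        ));
    }
    $nick_name = $ds['we_staff']['rows'][0]['nick_name'];
    $fafa_jid = $ds['we_staff']['rows'][0]['fafa_jid'];
    // The circle must exist.
    $sql = "select network_domain,circle_name,fafa_groupid from we_circle where circle_id=?";
    $ds = $da->GetData("we_circle", $sql, array((string) $circleId));
    if (!$ds || $ds['we_circle']['recordcount'] == 0) {
        return $this->agreeJoinFailure($urlSource, '您要加入的圈子不存在!');
    }
    $fafa_groupid = $ds['we_circle']['rows'][0]['fafa_groupid'];
    $circle_name = $ds['we_circle']['rows'][0]['circle_name'];
    // Already a member?
    $sql = "select count(1) cnt from we_circle_staff where login_account=? and circle_id=?";
    $ds = $da->GetData("cnt", $sql, array((string) $invitee, (string) $circleId));
    if ($ds && $ds['cnt']['rows'][0]['cnt'] > 0) {
        return $this->agreeJoinFailure($urlS­ource, '您已经加入该圈子!');
    }
    // circle_id + nick_name must be unique: suffix the enterprise short name on a clash.
    $sql = "select count(1) cnt from we_circle_staff where circle_id=? and nick_name=?";
    $ds = $da->GetData("cnt", $sql, array((string) $circleId, (string) $nick_name));
    if ($ds && $ds['cnt']['rows'][0]['cnt'] > 0) {
        $user = $this->get('security.context')->getToken()->getUser();
        $nick_name = $nick_name . "(" . $user->eshortname . ")";
    }
    // The first member to join becomes the circle's create_staff.
    $sql = "select count(1) as cnt from we_circle_staff where circle_id=?";
    $ds = $da->GetData('we_circle_staff', $sql, array((string) $circleId));
    if ($ds && $ds['we_circle_staff']['rows'][0]['cnt'] == 0) {
        $sql = "update we_circle set create_staff=? 
where circle_id=?";
        $da->ExecSQL($sql, array((string) $invitee, (string) $circleId));
    }
    $sql = "insert into we_circle_staff (circle_id,login_account,nick_name) values (?,?,?)";
    $da->ExecSQL($sql, array((string) $circleId, (string) $invitee, (string) $nick_name));
    // Mark the invitation as activated ("c<circle_id>" is the eno used for circle invites).
    $sql = "update we_invite set real_active_email=?,active_date=now() where invite_send_email=? and invite_recv_email=? and eno=?";
    $da->ExecSQL($sql, array((string) $invitee, (string) $inviter, (string) $invitee, (string) ("c" . $circleId)));
    // Points: type 10 "joined an external circle", 5 points.
    $sql = "insert into we_staff_points (login_account,point_type,point_desc,point,point_date) values (?,?,?,?,now())";
    $da->ExecSQL($sql, array((string) $invitee, (string) '10', (string) '成功加入外部圈子' . $circle_name . ',获得积分5', (int) 5));
    $apply = new \Justsy\BaseBundle\Management\ApplyMgr($da, null);
    $apply->SetCircleApplyInvalid($invitee, $circleId);
    // Tell the circle members about the newcomer.
    $circleObj = new \Justsy\BaseBundle\Controller\CircleController();
    $circleObj->setContainer($this->container);
    $message = Utils::makeHTMLElementTag('employee', $fafa_jid, $nick_name) . "加入了圈子【" . Utils::makeHTMLElementTag('circle', $fafa_groupid, $circle_name) . "】";
    $circleObj->sendPresenceCirlce($circleId, "circle_addmember", $message);
    $backurl = $this->generateUrl("JustsyBaseBundle_enterprise", array('network_domain' => $invitee), true);
    if (empty($urlSource)) {
        return $this->render('JustsyBaseBundle:Error:success.html.twig', array('backurl' => $backurl));
    }
    return $this->agreeJoinJson(array("succeed" => 1, "name" => $circle_name, "circleurl" => $backurl));
}

/**
 * Failure reply in the format selected by $urlSource: the Error:index page
 * when it is empty, otherwise JSON {"succeed":0,"msg":<message>}.
 *
 * @param mixed  $urlSource raw _urlSource request value
 * @param string $message   user-facing message
 * @return Response
 */
private function agreeJoinFailure($urlSource, $message) {
    if (empty($urlSource)) {
        return $this->render('JustsyBaseBundle:Error:index.html.twig', array('error' => $message));
    }
    return $this->agreeJoinJson(array("succeed" => 0, "msg" => $message));
}

/**
 * JSON reply with the legacy "text/json" content type.
 *
 * json_encode() escapes quotes and backslashes in circle names and URLs;
 * the previous hand-concatenated JSON string did not.
 *
 * @param array $payload
 * @return Response
 */
private function agreeJoinJson(array $payload) {
    $response = new Response(json_encode($payload));
    $response->headers->set('Content-Type', 'text/json');
    return $response;
}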
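/**
 * Exchange an authorization code (or, when no code is supplied, the app's client
 * credentials) for an access token at the app's configured token endpoint, cache
 * the provider's reply in the app session and report the outcome as JSON.
 *
 * @param mixed  $container Symfony container; the App manager is built from $container->container
 * @param mixed  $con       unused
 * @param string $appid     "<appid>,<openid>"; the appid part may carry an "SSO_" (social login)
 *                          or "SYS_" (business-system) prefix that selects the lookup table
 * @param string $code      authorization code returned by the provider; empty selects client_credentials
 * @param mixed  $encrypt   unused
 * @return Response|string  JSON response; a bare string for an unknown app or a missing token URL
 *
 * Security notes for the maintainer:
 *  - the client secret and the raw token are no longer written to the log (they were logged at
 *    "err" level before); only the endpoint, the public parameters and the reply's key names are.
 *  - NOTE(review): the full provider reply, into which clientid AND clientkey are copied, is
 *    returned to the caller in $result["data"]. Unless the caller is a trusted server component,
 *    that hands the app's client secret to the browser — confirm with the consumers of this JSON
 *    before stripping it here.
 */
public static function tokenAction($container, $con, $appid, $code, $encrypt)
{
    $app = new \Justsy\BaseBundle\Management\App($container->container);
    $stat_v = explode(",", $appid);
    $appid = $stat_v[0];
    $openid = isset($stat_v[1]) ? $stat_v[1] : null;
    $isLogin = null;
    if (strpos($appid, "SSO_") !== false) {
        // Social login (Weibo/WeChat): the real business-system id is a system parameter
        // named "<sso_xxx>_appid"; the SSO marker is restored afterwards because the
        // state parameter and the session key are keyed on it.
        $isLogin = $appid;
        $syspara = new \Justsy\BaseBundle\DataAccess\SysParam($container);
        $appid = $syspara->GetSysParam(strtolower($appid) . "_appid");
        if (empty($appid)) {
            $resp = new Response("未配置微博业务系统或参数sso_sina_appid");
            $resp->headers->set('Content-Type', 'text/html');
            return $resp;
        }
        $appdata = $app->getbussysteminfo(array("appid" => $appid));
        $appid = $isLogin;
    } elseif (strpos($appid, "SYS_") !== false) {
        // Business system wired up directly: strip the "SYS_" prefix for the lookup.
        $appdata = $app->getbussysteminfo(array("appid" => substr($appid, 4)));
    } else {
        $appdata = $app->getappinfo(array("appid" => $appid));
    }
    if (empty($appdata)) {
        return "无效的APPID";
    }
    $token_url = $appdata["token_url"];
    if (empty($token_url)) {
        return "无效的配置:令牌获取地址无效";
    }
    $token_method = empty($appdata["token_method"]) ? "POST" : $appdata["token_method"];
    $auth_url = $token_url;

    // Parameter names are configurable per app; fall back to the OAuth2 defaults.
    $redirectParam = empty($appdata["redirecturl_para_name"]) ? "redirect_uri" : $appdata["redirecturl_para_name"];
    $clientIdParam = empty($appdata["clientid_para_name"]) ? "client_id" : $appdata["clientid_para_name"];
    $clientKeyParam = empty($appdata["clientkey_para_name"]) ? "client_secret" : $appdata["clientkey_para_name"];
    $grant = empty($code) ? "client_credentials" : "authorization_code";

    // NOTE(review): values are concatenated without urlencode(), as before. If redirection_url
    // is stored un-encoded this produces a malformed query; confirm how the stored value looks
    // before changing it, since some providers expect the exact registered string.
    $publicPart = "grant_type=" . $grant
        . "&" . $redirectParam . "=" . $appdata["redirection_url"]
        . "&" . $clientIdParam . "=" . $appdata["clientid"];
    $paraString = $publicPart
        . "&" . $clientKeyParam . "=" . $appdata["clientkey"]
        . "&code=" . $code
        . "&state=" . $appid . "," . $openid;

    // Log the request without the client secret and the one-time code.
    $container->get("logger")->err($auth_url . " -- " . $publicPart . "&state=" . $appid . "," . $openid);
    if (strtoupper($token_method) == "POST") {
        $token = Utils::do_post_request($auth_url, $paraString);
    } else {
        // Presumably the helper performs a GET when no body is given — verify in Utils.
        $token = Utils::do_post_request($auth_url . "?" . $paraString, null);
    }

    // Providers answer either with JSON or with a form-encoded "k=v&k=v" body.
    $retuenAry = array();
    if (substr($token, 0, 1) == "{") {
        $retuenAry = json_decode($token, true);
    } else {
        foreach (explode("&", $token) as $pair) {
            $kv = explode("=", $pair);
            // A pair without "=" maps to "" (same value as before, without the undefined-offset notice).
            $retuenAry[$kv[0]] = isset($kv[1]) ? preg_replace("/'/is", "", $kv[1]) : "";
        }
    }
    $container->get("logger")->err("token response keys:" . (is_array($retuenAry) ? implode(",", array_keys($retuenAry)) : "(unparsable)"));

    $result = array("returncode" => "0000", "data" => null);
    $tokenParam = empty($appdata["token_para_name"]) ? "access_token" : $appdata["token_para_name"];
    if (isset($retuenAry[$tokenParam])) {
        // The session copy also carries the app credentials and the token under the
        // app's configured name (raw configured names, possibly "", as before).
        $retuenAry[$appdata["clientid_para_name"]] = $appdata["clientid"];
        $retuenAry[$appdata["clientkey_para_name"]] = $appdata["clientkey"];
        $retuenAry[$appdata["token_para_name"]] = $retuenAry[$tokenParam];
        $result["returncode"] = "0000";
        $app->setappsession(array("session" => $retuenAry, "openid" => $openid, "appid" => $appid));
    } else {
        $result["returncode"] = "9999";
    }
    $result["data"] = $retuenAry;

    if (!empty($isLogin)) {
        // Social login: the provider's user id becomes the local account id.
        $uid = null;
        if ($isLogin == "SSO_SINA") {
            $uid = isset($retuenAry["uid"]) ? $retuenAry["uid"] : null;
        } elseif ($isLogin == "SSO_WECHAT") {
            $uid = isset($retuenAry["openid"]) ? $retuenAry["openid"] : null;
        }
        // NOTE(review): any other "SSO_*" marker reaches createstaff() with a null uid — confirm
        // that createstaff rejects that rather than creating an anonymous account.
        $staffobj = new \Justsy\BaseBundle\Management\Staff($container->get("we_data_access"), $container->get("we_data_access_im"), $uid, null, $container->container);
        $re = $staffobj->createstaff(array(
            // Throw-away password for the auto-registered account; use the CSPRNG where the runtime has one.
            "password" => function_exists('random_int') ? random_int(100000, 999999) : rand(100000, 999999),
            "eno" => Utils::$PUBLIC_ENO,
            "nick_name" => $uid,
            "ldap_uid" => $uid,
            "account" => "",
        ));
        $re["data"]["des"] = DES::decrypt($re["data"]["t_code"]);
        return self::responseLoginJson(json_encode($re));
    }
    if (strpos($appid, "SYS_") !== false) {
        return self::responseJsonStr(json_encode($result));
    }
    return self::responseJson(json_encode($result));
}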
public function releaseTogetherAttentionAction($attenaccount) { $da = $this->get('we_data_access'); $paras = explode(",", DES::decrypt($attenaccount)); if (count($paras) != 2) { return new Response("{\"succeed\":0,\"msg\":\"parameter error\"}"); } $sql = "select (select login_account from we_staff where fafa_jid=?) account1,(select login_account from we_staff where fafa_jid=?) account2"; $dataset = $da->GetData("accounts", $sql, array((string) $paras[0], (string) $paras[1])); if (empty($dataset) || $dataset["accounts"]["recordcount"] == 0) { return new Response("{\"succeed\":1}"); } $isme = $dataset["accounts"]["rows"][0]["account1"]; $attenaccount = $dataset["accounts"]["rows"][0]["account2"]; $da = $this->get('we_data_access'); $attention_type = '01'; //关注人员 $sqls = array("delete from we_staff_atten where login_account=? and atten_type=? and atten_id=?", "delete from we_staff_atten where login_account=? and atten_type=? and atten_id=?"); $para = array(); $para[] = array((string) $isme, (string) $attention_type, (string) $attenaccount); $para[] = array((string) $attenaccount, (string) $attention_type, (string) $isme); $da->ExecSQLs($sqls, $para); $response = new Response("{\"succeed\":1,\"both\":0}"); $response->headers->set('Content-Type', 'text/json'); return $response; }
public static function bindAction($controller, $con, $appid, $openid, $params) { $re = array("returncode" => "0000"); try { $bindinfo = $params->get("auth"); $bindinfo = explode(",", $bindinfo); $bind_uid = $bindinfo[0]; $authkey = count($bindinfo) == 1 ? "" : DES::encrypt($bindinfo[1]); $app = new \Justsy\BaseBundle\Management\App($controller->container); $appdata = $app->getappinfo(array("appid" => $appid)); //获取应用信息 //自动身份认证 $cookie_key = self::$bind_type . "_" . $openid; $loginUrl = $appdata["authorization_url"]; if (!empty($loginUrl)) { $authResult = Utils::do_get_request_cookie($loginUrl . "&" . http_build_query(array("uid" => $bind_uid, "upwd" => md5(DES::decrypt($authkey)))), null, null, $cookie_key); $authResult = json_decode($authResult, true); if (!isset($authResult["islogin"]) || $authResult["islogin"] != "1") { return $controller->render("JustsyBaseBundle:AppCenter:h5bundle.html.twig", array('appid' => $appid, 'openid' => $openid, 'errormsg' => '绑定的帐号或密码不正确', 'ssomodule' => self::$bind_type . "Controller")); } } $app->setappbind(array("appid" => $appid, "openid" => $openid, "bind_type" => self::$bind_type, "bind_uid" => $bind_uid, "authkey" => $authkey)); } catch (\Exception $e) { $response = new Response($e->getMessage()); $response->headers->set('Content-Type', 'text/html'); return $response; } return self::responseJson(json_encode($re)); }
/**
 * Build the UserSession for a login account (user-provider hook).
 *
 * getUserInfo() supplies the staff row and the circles the account belongs to;
 * two further queries load the function codes and role codes granted through
 * we_staff_role. The password hash is taken from the row as-is and the login
 * account doubles as the salt, so the encoder presumably derives the hash from
 * (password, login_account) — verify against the configured encoder.
 *
 * @param string $username login account
 * @return UserSession|null null when no staff row matches
 */
public function loadUserByUsername($username)
{
    $info = $this->getUserInfo($username);
    $access = $this->get('we_data_access');
    if (!$info || $info["we_staff"]["recordcount"] <= 0) {
        return null;
    }

    $staff = $info["we_staff"]["rows"][0];
    $account = $staff['login_account'];
    $password = $staff['password'];
    $salt = $account;
    $roles = array('ROLE_USER');

    // Function points reachable through the user's roles, then the roles themselves.
    $functionSql = "select DISTINCT d.`code`,d.`name`\n\t from we_staff_role a ,we_role b, we_role_function c,we_function d \n\t\t\twhere a.roleid=b.id and b.id=c.roleid and c.functionid=d.id and a.staff=? ;";
    $roleSql = "select DISTINCT b.name,b.code from we_staff_role a,we_role b where a.roleid=b.id and a.staff=?";
    $grants = $access->GetDatas(
        array("we_function", "we_role"),
        array($functionSql, $roleSql),
        array(array((string) $salt), array((string) $salt))
    );

    $session = new UserSession($account, $password, $salt, $roles);
    $session->nick_name = $staff['nick_name'];
    $session->photo_path = $staff['photo_path'];
    $session->photo_path_small = $staff['photo_path_small'];
    $session->photo_path_big = $staff['photo_path_big'];
    $session->dept_id = $staff['dept_id'];
    $session->dept_name = $staff['dept_name'];
    if ($session->dept_name == null) {
        $session->dept_name = "[未设置部门]";
    }
    $session->eno = $staff['eno'];
    $session->fafa_jid = $staff['fafa_jid'];
    $session->duty = $staff['duty'];
    $session->work_phone = $staff['work_phone'];
    $session->mobile = $staff['mobile'];
    $session->birthday = $staff['birthday'];
    $session->sex_id = $staff['sex_id'];
    $session->openid = $staff['openid'];
    // t_code is stored DES-encrypted; the session carries the clear value.
    $session->t_code = trim(DES::decrypt($staff['t_code']));
    $session->edomain = $staff['edomain'];
    $session->ename = $staff['ename'];
    $session->eshortname = $staff['eshortname'];
    $session->total_point = $staff['total_point'];
    $session->level = \Justsy\BaseBundle\Common\ExperienceLevel::getLevel($session->total_point);
    $session->vip_level = empty($staff['vip_level']) ? '1' : $staff['vip_level'];
    $session->auth_level = empty($staff['auth_level']) ? 'J' : $staff['auth_level'];
    // Only auth_level 'S' keeps its stored vip_level; everyone else is ranked by experience.
    if ($session->auth_level != 'S') {
        $session->vip_level = $session->level;
    }
    $session->eno_level = $staff['eno_level'];
    $session->we_level = $staff['we_level'];

    foreach ($info["we_circle"]["rows"] as $circle) {
        $session->circle_ids[] = $circle['circle_id'];
        $session->circle_names[] = $circle['circle_name'];
        $session->network_domains[] = $circle['network_domain'];
        $session->circle_logo_path_small[] = $circle['logo_path_small'];
    }
    $session->manager_circles = $this->get_manager_circles($account);

    foreach ($grants["we_function"]["rows"] as $fn) {
        $session->function_names[] = $fn['name'];
        $session->function_codes[] = $fn['code'];
        $session->function_array[] = array("name" => $fn['name'], "code" => $fn['code']);
    }
    foreach ($grants["we_role"]["rows"] as $role) {
        $session->role_names[] = $role['name'];
        $session->role_codes[] = $role['code'];
        $session->role_array[] = array("name" => $role['name'], "code" => $role['code']);
    }
    return $session;
}
public function resetPwdAction($para) { $da = $this->get('we_data_access'); $state = 1; try { $arr = explode(",", trim(DES::decrypt($para))); $sql = "select count(1) as cnt from we_retrieve_password where id=? and login_account=? \n\t and now()<valid_date and valid='1'"; $ds = $da->GetData('we_retrieve_password', $sql, array((string) $arr[1], (string) $arr[0])); if (!$ds || $ds['we_retrieve_password']['rows'][0]['cnt'] == 0) { $state = 0; } return $this->render('JustsyBaseBundle:Register:retrieve_pwd_modify.html.twig', array('login_account' => $arr[0], 'id' => $arr[1], 'state' => $state)); } catch (\Exception $e) { return $this->render('JustsyBaseBundle:Register:retrieve_pwd_modify.html.twig', array('login_account' => '', 'id' => '', 'state' => 0)); } }