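/**
 * Interceptor hook run before a controller action.
 *
 * Requires a logged-in session that has a privilege record, then checks the
 * privilege mask against the bit that self::$AclMap assigns to the requested
 * controller/action. Controllers absent from self::$AclMap are not bit-checked
 * here. On success the privilege record is attached to the response.
 *
 * @param object $context Dispatch context; reads ->controller and ->action,
 *                        writes ->response->privilege.
 * @throws BizException When the session is not logged in.
 */
public function before($context)
{
    $session = SessionDefault::singleton();
    if (false == $session->IsLogin) {
        throw new BizException('你没有权限访问');
    }

    $privilege = PrivilegeClient::getInstance()->getByUserName($session->UserName);
    if ($privilege->isNull()) {
        // The colour attribute used to read color='color', which is not a valid colour.
        die("<font color='red'>你没有权限访问!</font><!-- privilegeinterceptor -->");
    }

    $controller = $context->controller;
    $action = $context->action;
    $privValue = '';
    if (isset(self::$AclMap[$controller])) {
        // Actions without their own entry are treated as reads of that controller.
        if (isset(self::$AclMap[$controller][$action]) == false) {
            $action = 'readaction';
        }
        // NOTE(review): if a mapped controller has no 'readaction' entry this
        // lookup yields null, and the `!= ''` test below then skips the bit
        // check (fail-open). Confirm every mapped controller defines it.
        $privValue = self::$AclMap[$controller][$action];
    }

    if ($privValue != '' && ($privilege->value & $privValue) == false) {
        // The operator's mask and the required mask used to be printed into an
        // HTML comment on the denial page. That tells a denied user which bits
        // they hold and which they lack, so keep the detail in the server log.
        error_log(sprintf(
            'privilegeinterceptor: denied, have %b, need %b',
            $privilege->value,
            $privValue
        ));
        echo "<font color='red'>你没有本模块的写权限</font>";
        exit;
    }

    $context->response->privilege = $privilege;
}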
/**
 * Interceptor hook: lets the request continue only when the operator's
 * privilege mask contains Privilege::PRV_CALL_DOCTOR; otherwise the request
 * ends with a denial message.
 *
 * NOTE(review): no IsLogin or isNull() check is made here. Presumably this
 * interceptor runs after the general privilege interceptor; confirm the
 * ordering, because nothing in this method establishes it.
 *
 * @param object $context Dispatch context (not read by this check).
 */
public function before($context)
{
    $session = SessionDefault::singleton();
    $client = PrivilegeClient::getInstance();
    $privilege = $client->getByUserName($session->UserName);

    // Bitwise AND of the required flag with the operator's mask; an empty
    // result means the flag is not granted.
    $granted = Privilege::PRV_CALL_DOCTOR & $privilege->value;
    if (!$granted) {
        die("<font color='color'>你没有权限访问!</font><!-- calldoctorinterceptor -->");
    }
}
/**
 * Prepares the edit view for one reviewed doctor: inspection-result counters,
 * the operator's privilege record, the doctor record and comment counts.
 *
 * NOTE(review): $request->id is passed to the DAL unchanged and no access
 * check is made in this action; presumably validation and authorisation
 * happen in the DAL and the interceptors. Verify.
 *
 * @param object $request  Reads ->id (the doctor id).
 * @param object $response Receives the view data.
 */
public function update($request, $response)
{ /*{{{*/
    $dal = DAL::get();
    $commentIds = $dal->find_id_by_doctorid('TelDoctorCommentIndex', $request->id);
    $statusCounts = DAL::get()->queryTelInspectResultCntByStatus('TelInspectResult', $commentIds);

    // Copy each status counter onto the response under the same name.
    foreach (array('trueCnt', 'falseCnt', 'cheatCnt', 'notFindCnt', 'unDefineCnt') as $counter) {
        $response->$counter = $statusCounts[$counter];
    }

    $operatorName = $this->curOperatorUser->name;
    $response->privilege = PrivilegeClient::getInstance()->getByUserName($operatorName);
    $response->title = '点评医生列表编辑';
    $response->commentDoctor = DAL::get()->find('commentdoctorext', $request->id);

    // Both count queries take a list of doctor ids; here it is a single id.
    $response->goodCnts = DAL::get()->queryCntOfCommentDoctorIds('doctorcomment', array($request->id));
    $response->trashCnts = DAL::get()->query_cnt_of_doctorIds('TrashDoctorCommentIndex', array($request->id));
}
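/**
 * Prepares the user-detail view: the user record, the operator's privilege
 * record, whether the mobile number may be shown and, for inspectors with
 * update rights, the user's log list.
 *
 * @param object $request  Reads ->id, ->key and ->msg.
 * @param object $response Receives the view data.
 */
public function showUserDetail($request, $response)
{
    $id = $request->id;
    $user = DAL::get()->find('user', $id);
    $session = SessionDefault::singleton();
    $privilege = PrivilegeClient::getInstance()->getByUserName($session->UserName);

    // TODO (original, by ysq): whether the operator may see the user's mobile
    // number. Nobody knows who added this feature; it stays like this for now
    // and should be replaced by privilege-based control.
    //
    // NOTE(review): the gate is a shared key hard-coded in source and supplied
    // as a request parameter, so anyone who learns it (repository access, URLs
    // in logs or browser history) passes. Replace it with a check on
    // $privilege and retire the key.
    //
    // The comparison is strict: with `==`, a non-string value such as boolean
    // true compares equal to any non-empty string through type juggling.
    // hash_equals() would also make the comparison constant-time where the
    // runtime provides it.
    $response->allowMobile = ('QAZfjewof98@wweduiny' === $request->key);

    $response->user = $user;
    $response->privilege = $privilege;
    // NOTE(review): msg is request data handed to the view unchanged;
    // presumably the template escapes it. Verify.
    $response->msg = $request->msg;

    if (DoctorComment::hasRightToUpdateUserContent($this->inspector->id)) {
        $response->logLists = S3LogClient::getInstance()->getLogList($user, false);
    }
}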
/**
 * Checks a user name and password and, on success, binds the user to the
 * submitted token and the caller's IP address.
 *
 * Request fields: field1 = user name, field4 = password, bk2 = token.
 * Does nothing when the user name or password is empty. Otherwise it prints a
 * result message and ends the request.
 *
 * NOTE(review): the token bound to the account comes from the client (bk2),
 * not from the server; confirm PrivilegeClient::bindUser() validates it, or
 * issue the value server-side.
 * NOTE(review): the 'bk' cookie is set without the Secure or HttpOnly flags,
 * and the `@` hides a setcookie() failure (for example headers already sent).
 *
 * @param object $request  Reads ->field1, ->field4 and ->bk2.
 * @param object $response Unused.
 */
public function auth($request, $response)
{ /*{{{*/
    $userName = $request->field1;
    $password = $request->field4;
    $userToken = $request->bk2;

    // Nothing to verify without both credentials.
    if (empty($userName) || empty($password)) {
        return;
    }

    $user = UserClient::getInstance()->checkPassword($userName, $password);
    if ($user->isNull()) {
        echo "系统错误,请联系技术人员!!!!";
        exit;
    }

    // Re-issue the cookie only when the browser does not already hold this token.
    $cookieCurrent = isset($_COOKIE['bk']) && $userToken == $_COOKIE['bk'];
    if (!$cookieCurrent) {
        $cookieSent = @setcookie('bk', $userToken, 0, '/', 'haodf.com');
        if ($cookieSent) {
            $_COOKIE['bk'] = $userToken;
        }
    }

    $ip = RequestDelegate::getIp();
    PrivilegeClient::getInstance()->bindUser($user->id, $userToken, $ip);
    echo "成功";
    exit;
}
// Bootstrap for the admin menu page: load the application, then require a
// back-office login and a non-empty privilege value before any HTML is sent.
require __DIR__ . '/../assembly.php';
include __DIR__ . '/../mywebapp.php';
EnvSetupHelper::initForWeb(__DIR__ . '/..');

// Gate 1: back-office authentication.
if (!BackYardAuth::authAdmin4Interceptor()) {
    echo '系统错误,请联系技术人员!!!';
    exit;
}
?>
<?php
// Gate 2: the authenticated user must map to a privilege record with a
// non-empty value. Any non-empty value is accepted here; no specific bit is
// tested.
$userId = UserClient::getInstance()->getCheckedSeed('id');
$user = DAL::get()->find('user', $userId);

$priv = '';
if ($user instanceof User) {
    $privs = PrivilegeClient::getInstance()->getByUserName($user->name);
    $priv = ($privs instanceof Privilege) ? $privs->value : '';
}

if (false == $priv) {
    exit("权限不够");
}
?>
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312" />
<title>目录</title>
<link href="css/admin.css" rel="stylesheet" type="text/css" />
<style type="text/css">
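/**
 * Lists users for the admin "remark" screen, filtered by the search fields
 * s1..s4 and limited to the operator's district, 50 per page.
 *
 * @param object $request  Reads the s1, s2, s3, s4 and page request values.
 * @param object $response Receives userList, pageLink, totalrecords, s1 and s2.
 */
public function remarkList($request, $response)
{
    $s1 = $request->getRequest('s1');
    $s2 = $request->getRequest('s2');
    $s3 = $request->getRequest('s3');
    $s4 = $request->getRequest('s4');

    // The page number comes from the client: force it to an integer >= 1
    // before it reaches the listing query.
    $requestedPage = $request->getRequest('page');
    $nowPage = $requestedPage ? max(1, (int) $requestedPage) : 1;

    $session = SessionDefault::singleton();
    $privilege = PrivilegeClient::getInstance()->getByUserName($session->UserName);

    // NOTE(review): the search values are handed to UserClient unchanged;
    // presumably they are bound or escaped there. Verify.
    $options = array(
        's1' => $s1,
        's2' => $s2,
        's3' => $s3,
        's4' => $s4,
        'privProvince' => $privilege->doctorDistrict,
    );
    $userList = UserClient::getInstance()->getUserListOfAdmin($nowPage, 50, $options);

    // The search values are request data and end up inside the pager's links.
    // URL-encode each one so that '&', '#', quotes or angle brackets in a
    // value can neither alter the query string nor break out of the link
    // markup.
    $pagerBase = "/space/remarklist?s1=" . urlencode((string) $s1)
        . "&s2=" . urlencode((string) $s2)
        . "&s3=" . urlencode((string) $s3)
        . "&s4=" . urlencode((string) $s4)
        . "&page=";
    $pageLink = PageNav::getNavLink(
        PageNav::getPageNavTemplate($pagerBase),
        $userList['pageInfo']['nowpage'],
        $userList['pageInfo']['pagesize'],
        $userList['pageInfo']['total']
    );

    $response->userList = isset($userList['info']) ? $userList['info'] : array();
    $response->pageLink = $pageLink;
    $response->totalrecords = isset($userList['pageInfo']['total']) ? $userList['pageInfo']['total'] : 0;
    // NOTE(review): s1 and s2 go back to the view unchanged; presumably the
    // template escapes them. Verify.
    $response->s1 = $s1;
    $response->s2 = $s2;
}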
/**
 * Prepares the detail view of one doctor comment: the comment, the doctor's
 * expert diseases, the patient's booking and paid-service history in the
 * doctor's space, the inspection result, and a copy of the original text with
 * sensitive words highlighted.
 *
 * Ends the request with a short message when msg is 'delete' or when the
 * comment does not exist.
 *
 * NOTE(review): readonlyContent is user-written text with <span> markup
 * inserted, so the view has to print it as raw HTML. Confirm that
 * getOriginalContent() returns HTML-escaped text; otherwise markup inside a
 * comment would be rendered in the reviewer's browser.
 * NOTE(review): the replacements run one word after another, so a later word
 * that also occurs in the inserted markup (for example "red") would be
 * wrapped again inside the tag.
 * NOTE(review): the doctor is looked up by $doctorComment->doctor->id even
 * when the doctor entity is null.
 *
 * @param object $request  Reads ->id and ->msg.
 * @param object $response Receives the view data.
 */
public function showOneDetail($request, $response)
{ /*{{{*/
    $ticket = new NullEntity();
    $doctorComment = DoctorCommentClient::getInstance()->getDoctorCommentSubClass($request->id);

    if ('delete' == $request->msg) {
        echo '此点评已经删除';
        exit;
    }
    if ($doctorComment->isNull()) {
        echo '没有相关的点评数据';
        exit;
    }

    // Up to 10 expert diseases, only when the comment has a doctor.
    $diseaseDoctorList = $doctorComment->doctor->isNull()
        ? array()
        : DiseaseDoctorClient::getInstance()->getDoctorExpertDisease($doctorComment->doctor->id, 10);

    // Booking and payment history is looked up only when the doctor has a
    // space and the comment is linked to a patient.
    $jiaHaoStatus = '';
    $userPhoneThreadList = '';
    $doctor = DAL::get()->find('doctor', $doctorComment->doctor->id);
    if ($doctor->hasSpace()) {
        $spaceId = $doctor->space->id;
        if ($doctorComment->patientId) {
            $patientId = $doctorComment->patientId;
            $jiaHaoStatus = BookingClient::getInstance()->getPatientBookingStatus($patientId, $spaceId);
            $userPhoneThreadList = PaymentClient::getInstance()->getPatientSuccessServiceList($doctorComment->patientId, $spaceId);
        }
    }

    $session = SessionDefault::singleton();
    $privilege = PrivilegeClient::getInstance()->getByUserName($session->UserName);

    $response->srcException = DAL::get()->queryException4Comment('doctorcomment', $doctorComment);
    $response->doctorComment = $doctorComment;
    $response->diseaseDoctorList = $diseaseDoctorList;
    $response->jiaHaoStatus = $jiaHaoStatus;
    $response->userPhoneThreadList = $userPhoneThreadList;
    $response->privilege = $privilege;
    $response->msg = $request->msg;
    $response->textInspectResult = DAL::get()->find_by_sourceid_and_sourcetype(
        'DoctorCommentInspectResult',
        $doctorComment->id,
        get_class($doctorComment)
    );

    // Highlight every sensitive word found in the original text.
    $highlighted = $doctorComment->getOriginalContent();
    $sensitiveWords = BeanFinder::get('ContentFilter')->getSensitiveWordsRecursive('comment', $highlighted);
    foreach ($sensitiveWords as $word) {
        $highlighted = str_replace($word, "<span class='red'>" . $word . "</span>", $highlighted);
    }
    $response->readonlyContent = $highlighted;
    $response->ticket = $ticket;
}
/**
 * Deletes the privilege record named by the request id and renders the
 * generic result page.
 *
 * NOTE(review): this removes an access-control record, yet the action itself
 * checks neither the operator's privilege, the request method nor an
 * anti-forgery token. Presumably an interceptor enforces these; verify.
 *
 * @param object $request  Reads ->id (the privilege record id).
 * @param object $response Receives result, actionDesc, id and _my_template.
 */
public function deletePrivilegeById($request, $response)
{ /*{{{*/
    $privilegeId = $request->id;

    $response->result = PrivilegeClient::getInstance()->delete($privilegeId);
    $response->actionDesc = "删除";
    $response->id = $request->id;
    $response->_my_template = '/default/processmsg';
}