/**
 * Enforce login and the per-controller ACL bitmask before an action runs.
 *
 * Anonymous sessions get a BizException. A user without a privilege record,
 * or without the bit required for the controller/action, has the request
 * terminated with an HTML message. On success the privilege record is
 * published on the response.
 *
 * @param mixed $context Object exposing ->controller, ->action and ->response.
 * @throws BizException When the session is not logged in.
 */
public function before($context)
{
    $session = SessionDefault::singleton();
    if (!$session->IsLogin) {
        throw new BizException('你没有权限访问');
    }

    $privilege = PrivilegeClient::getInstance()->getByUserName($session->UserName);
    if ($privilege->isNull()) {
        die("<font color='color'>你没有权限访问!</font><!-- privilegeinterceptor -->");
    }

    $controller = $context->controller;
    $action = $context->action;

    // NOTE(review): this lookup fails open. A controller that is absent from
    // $AclMap keeps $privValue === '' and skips the bitmask test entirely, and
    // an unknown action falls back to the 'readaction' entry. Confirm that
    // every protected controller is listed and defines 'readaction'.
    $privValue = '';
    if (isset(self::$AclMap[$controller])) {
        $controllerAcl = self::$AclMap[$controller];
        if (!isset($controllerAcl[$action])) {
            $action = 'readaction';
        }
        $privValue = $controllerAcl[$action];
    }

    $lacksRequiredBit = $privValue != '' && !($privilege->value & $privValue);
    if ($lacksRequiredBit) {
        // NOTE(review): the HTML comment below sends the caller's privilege
        // bitmask and the required mask to the client. This looks like debug
        // output; a server-side log would avoid disclosing the ACL layout.
        echo "<font color='red'>你没有本模块的写权限</font>",
            '<!--',
            sprintf('%b | %b', $privilege->value, $privValue),
            '-->';
        exit;
    }

    $context->response->privilege = $privilege;
}
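/**
 * Allow the request only when the session's user name is on the auditor allowlist.
 *
 * Any other caller has the request terminated with an HTML message.
 *
 * @param mixed $context Not read by this check.
 */
public function before($context)
{
    $session = SessionDefault::singleton();

    // Strict membership test: with loose comparison an unset (null) or
    // non-string UserName can compare equal to an allowlist entry through
    // PHP type juggling, which must never grant access.
    // Assumes self::$userAuditor holds string user names; TODO confirm.
    // NOTE(review): no IsLogin check is visible here; the gate relies only on
    // the value of UserName.
    if (!in_array($session->UserName, self::$userAuditor, true)) {
        die("<font color='color'>你没有权限访问!</font>");
    }
}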
/**
 * Require a known tele-operator and restrict use from outside the office network.
 *
 * Unknown operators are redirected to the operator login page. From a
 * non-office IP the request continues only when the 'bk' cookie verifies
 * against the logged-in site user and the client IP, or when the operator is
 * a super administrator.
 *
 * @param mixed $context Object exposing ->request (cookies are read from it).
 */
public function before($context)
{ /*{{{*/
    // NOTE(review): the operator is looked up from the client-supplied
    // 'operator' cookie. Confirm that the value is an unguessable, server-issued
    // token and not a plain record id that a client could choose.
    $operatorKey = $context->request->getCookie('operator');
    $curOperator = DAL::get()->find("TeleOperator", $operatorKey);

    // Not logged in as an operator: send the browser to the login page.
    if ($curOperator->isNull()) {
        header('Location:http://' . URL_PREFIX . 'callcenter.haodf.com/operator/login');
        exit;
    }

    $bk = $context->request->getCookie('bk');
    $ip = RequestDelegate::getIp();
    $session = SessionDefault::singleton();

    // Office network: nothing further to verify.
    if (RequestDelegate::isOfficeIp()) {
        return;
    }

    // Outside the office: a logged-in site user holding a valid back-yard
    // verification code may proceed, and so may a super administrator.
    $hasVerifiedCode = $bk
        && isset($session->UserId)
        && BackYardAuth::authVerificationCode($bk, $session->UserId, $ip);

    if ($hasVerifiedCode || $curOperator->isSupperAdmin()) {
        return;
    }

    echo "本系统只允许在办公室内使用!";
    exit;
}
/**
 * Allow the request only when the session user holds the PRV_CALL_DOCTOR bit.
 *
 * @param mixed $context Not read by this check.
 */
public function before($context)
{
    $userName = SessionDefault::singleton()->UserName;
    $privilege = PrivilegeClient::getInstance()->getByUserName($userName);

    // NOTE(review): neither IsLogin nor $privilege->isNull() is checked here,
    // so the outcome for an anonymous session depends on what a missing
    // privilege record reports as ->value. Confirm that it cannot carry this bit.
    $mayCallDoctor = Privilege::PRV_CALL_DOCTOR & $privilege->value;
    if (!$mayCallDoctor) {
        die("<font color='color'>你没有权限访问!</font><!-- calldoctorinterceptor -->");
    }
}
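/**
 * Allow the request only when the session user's name is on the ops allowlist.
 *
 * @param mixed $context Not read by this check.
 */
public function before($context)
{ /*{{{*/
    $session = SessionDefault::singleton();
    $user = DAL::get()->find('user', $session->UserId);

    // Strict membership test: when no user is found, ->name may be null or
    // another non-string value, and loose comparison could match an allowlist
    // entry through type juggling.
    // Assumes self::$opsUserNames holds string user names; TODO confirm.
    if (!in_array($user->name, self::$opsUserNames, true)) {
        // NOTE(review): this message looks mis-encoded (mojibake). It is kept
        // byte-for-byte because it is runtime output.
        exit('дЗц╩спх╗оч');
    }
}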
/**
 * Allow the request only for a session user with an existing, active inspector record.
 *
 * @param mixed $context Not read by this check.
 */
public function before($context)
{
    $userId = SessionDefault::singleton()->UserId;
    $user = DAL::get()->mustFind('user', $userId);
    $inspector = DAL::get()->find_actived('inspector', $user);

    $isActiveInspector = !$inspector->isNull() && $inspector->isActived();
    if ($isActiveInspector) {
        return;
    }

    // NOTE(review): this message looks mis-encoded (mojibake). It is kept
    // byte-for-byte because it is runtime output.
    echo 'ÄãûÓÐȨÏÞ!!!';
    exit;
}
/**
 * Require a logged-in session, otherwise redirect to the passport login page.
 *
 * The current URL is passed along as the `forward` parameter. On success the
 * session user is published on the response.
 *
 * @param mixed $context Object exposing ->response.
 */
public function before($context)
{/*{{{*/
    $session = SessionDefault::singleton();

    // NOTE(review): SERVER_NAME may reflect the client's Host header,
    // depending on web-server configuration. The login endpoint should
    // validate `forward` against an allowlist of own hosts before redirecting.
    // The scheme is also fixed to http.
    $currentUrl = 'http://' . $_SERVER['SERVER_NAME'] . $_SERVER["REQUEST_URI"];

    if (!$session->IsLogin) {
        $forward = urlencode($currentUrl);
        header('Location:http://' . URL_PREFIX . 'passport.haodf.com/user/login?forward=' . $forward);
        exit;
    }

    $context->response->user = DAL::get()->find('user', $session->UserId);
}/*}}}*/
/**
 * Require a logged-in session, otherwise redirect to the local login page.
 *
 * On success the session user is published on the response.
 *
 * @param mixed $context Object exposing ->response.
 */
public function before($context)
{/*{{{*/
    $session = SessionDefault::singleton();

    if (!$session->IsLogin) {
        header('Location: /user/login');
        exit;
    }

    $userId = $session->UserId;
    $context->response->user = DAL::get()->find('user', $userId);
}/*}}}*/
/**
 * Require an auditor record for the session user and a role permitted for
 * the requested controller/action.
 *
 * On success the auditor and its user are published on the response.
 *
 * @param mixed $context Object exposing ->controller, ->action and ->response.
 * @throws BizException When no auditor exists or checkAuth() rejects the role.
 */
public function before($context)
{
    $session = SessionDefault::singleton();
    $userId = $session->UserId;

    $auditors = AuditorClient::getInstance()->getByUserIds(array($userId));
    $auditor = false;
    if (isset($auditors[$userId])) {
        $auditor = $auditors[$userId];
    }

    // checkAuth() is consulted only when an auditor record exists.
    $authorised = $auditor
        && $this->checkAuth($auditor->role, $context->controller, $context->action);
    if (!$authorised) {
        throw new BizException('你没有权限访问');
    }

    $context->response->auditor = $auditor;
    $context->response->user = $auditor->user;
}
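/**
 * Require the session user to be a registered publisher for the requested hospital.
 *
 * Anonymous sessions, and users with no HospitalPublisher record for the
 * hospital, are redirected to the publish admin page.
 *
 * @param mixed $context Not read; the hospital id comes from a fresh Request.
 */
public function before($context)
{/*{{{*/
    $tmpRequest = new Request();
    $enhospitalId = $tmpRequest->hospitalId;
    $hospitalId = (int)Codec::getInstance()->decodeId($enhospitalId);

    $session = SessionDefault::singleton();
    if (false == $session->IsLogin) {
        // $hospitalId is an int here, so it is safe to place in the URL.
        // NOTE(review): this redirect sends the decoded id while the one below
        // sends the encoded id. Confirm which form showadmin expects.
        header("Location: http://".URL_PREFIX."publish.haodf.com/officialpublish/showadmin?hospitalId=$hospitalId");
        exit;
    }

    $userId = $session->UserId;
    $publisher = DAL::get()->find_by_userId_and_hospitalId('HospitalPublisher', $userId, $hospitalId);
    if ($publisher == null || $publisher->isNull()) {
        // The encoded id is raw request input. URL-encode it so it cannot add
        // extra query parameters or other characters to the Location header.
        header("Location: http://".URL_PREFIX."publish.haodf.com/officialpublish/showadmin?hospitalId=".urlencode((string)$enhospitalId));
        exit;
    }
}/*}}}*/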
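/**
 * Load a user, and the operator's privilege record, for the user detail view.
 *
 * @param mixed $request  Object exposing ->id, ->key and ->msg.
 * @param mixed $response Receives allowMobile, user, privilege, msg and,
 *                        when the inspector may update user content, logLists.
 */
public function showUserDetail($request, $response)
{
    // NOTE(review): the user is looked up by a request-supplied id. Access
    // control is presumably enforced by an interceptor; verify.
    $id = $request->id;
    $user = DAL::get()->find('user', $id);

    $session = SessionDefault::singleton();
    $privilege = PrivilegeClient::getInstance()->getByUserName($session->UserName);

    // TODO (translated from the original note by ysq): whether the operator may
    // see the user's mobile number. Origin of this feature is unknown; it is
    // meant to be replaced by proper privilege control.
    //
    // SECURITY: the gate is a secret hard-coded in source and sent as a request
    // parameter, so it is shared by every operator, is likely to end up in
    // access logs and cannot be rotated without a deploy. Move this to a
    // privilege bit on $privilege and retire the key.
    // The comparison is strict so that a non-string key (for example boolean
    // true or integer 0 from a decoded body) cannot match through type
    // juggling. A constant-time comparison is preferable where the runtime
    // provides one.
    $response->allowMobile = ('QAZfjewof98@wweduiny' === $request->key);

    $response->user = $user;
    $response->privilege = $privilege;
    // NOTE(review): msg is request input passed through unchanged. The
    // template must escape it on output.
    $response->msg = $request->msg;

    if (DoctorComment::hasRightToUpdateUserContent($this->inspector->id)) {
        $response->logLists = S3LogClient::getInstance()->getLogList($user, false);
    }
}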
/**
 * Write an audit-log entry for a comment review after the action has run.
 *
 * Reads oldData/newData (and ids) from the response. When newData is one of
 * the operation markers, one log row per id is written with the marker as the
 * action. Otherwise newData is treated as the edited field set and a single
 * from/to record is logged under the controller action.
 *
 * @param mixed $context Object exposing ->response and ->action.
 */
public function after($context)
{
    $oldData = $context->response->oldData;
    $newData = $context->response->newData;
    $action = $context->action;
    $session = SessionDefault::singleton();

    // Nothing is logged without a previous state.
    if (empty($oldData)) {
        return;
    }

    // Loose membership test, matching the == comparisons used for these markers.
    $operationMarkers = array('delete', 'recover', 'back', "content_audit_pass", "content_audit_refuse");
    $isOperation = in_array($newData, $operationMarkers);

    // The first key of oldData names the table; the model name derives from it.
    $tables = array_keys($oldData);
    $tab = $tables[0];
    $model = "Hdf_" . $tab;

    if ($isOperation) {
        // Operation record: one row per affected id.
        foreach ($context->response->ids as $id) {
            LogClient::getInstance()->addLog($session->UserId, $session->UserName, $model, $id, $newData, array());
        }
        return;
    }

    // Content edit: record each submitted field as a from/to pair.
    unset($newData['summary'], $newData['ver']);
    $id = $oldData[$tab]['id'];

    $data = array();
    foreach ($newData as $key => $value) {
        // NOTE(review): fields that are unchanged or absent from oldData are
        // still logged, with an empty 'from'. Confirm that this is intended.
        $changed = isset($oldData[$tab][$key]) && $value != $oldData[$tab][$key];
        $data['from'][$key] = $changed ? $oldData[$tab][$key] : "";
        $data['to'][$key] = $value;
    }

    LogClient::getInstance()->addLog($session->UserId, $session->UserName, $model, $id, $action, $data);
}
/**
 * Delegate the access decision for this request to checkTester().
 *
 * @param mixed $context Passed through to checkTester() unchanged.
 */
public function before($context)
{/*{{{*/
    $this->checkTester(SessionDefault::singleton(), $context);
}/*}}}*/
/**
 * Append a '+' marker to the per-login log file "<ip>|<guestId>|<userId>.log"
 * under the configured log directory.
 *
 * @param mixed $space Object exposing ->user->id.
 */
private function recordLoginInfo($space)
{/*{{{*/
    $session = SessionDefault::singleton();
    $logdir = BeanFinder::get('configs')->logDir;

    // NOTE(review): the file name is assembled from the client IP and GuestId.
    // If either can carry client-controlled text (a forwarded-for header or a
    // cookie value, for example), path separators must be rejected before the
    // value is used as a file name. Verify against XIpLocation::getIp() and
    // the session implementation.
    $fileName = XIpLocation::getIp().'|'.$session->GuestId.'|'.$space->user->id.'.log';

    // Best effort: @ hides write failures, so a missing or read-only
    // directory goes unnoticed.
    @file_put_contents($logdir.'/login/'.$fileName, '+', FILE_APPEND);
}/*}}}*/
/**
 * Delegate the access decision for this request to checkProjectOperator().
 *
 * @param mixed $context Passed through to checkProjectOperator() unchanged.
 */
public function before($context)
{ /*{{{*/
    $this->checkProjectOperator(SessionDefault::singleton(), $context);
}
/**
 * Assemble the data for the single doctor-comment review page.
 *
 * Ends the request with a short message when the comment has just been
 * deleted (msg == 'delete') or cannot be found.
 *
 * @param mixed $request  Object exposing ->id and ->msg.
 * @param mixed $response Receives the comment, related doctor/booking data,
 *                        the operator's privilege record and highlighted content.
 */
public function showOneDetail($request, $response)
{ /*{{{*/
    $ticket = new NullEntity();
    $doctorComment = DoctorCommentClient::getInstance()->getDoctorCommentSubClass($request->id);

    if ($request->msg == 'delete') {
        exit('此点评已经删除');
    }
    if ($doctorComment->isNull()) {
        exit('没有相关的点评数据');
    }

    // Expert diseases (up to 10) of the commented doctor, when there is one.
    $diseaseDoctorList = $doctorComment->doctor->isNull()
        ? array()
        : DiseaseDoctorClient::getInstance()->getDoctorExpertDisease($doctorComment->doctor->id, 10);

    // Booking status and paid services of the patient in the doctor's space.
    $jiaHaoStatus = '';
    $userPhoneThreadList = '';
    $doctor = DAL::get()->find('doctor', $doctorComment->doctor->id);
    if ($doctor->hasSpace()) {
        $spaceId = $doctor->space->id;
        $patientId = $doctorComment->patientId;
        if ($patientId) {
            $jiaHaoStatus = BookingClient::getInstance()->getPatientBookingStatus($patientId, $spaceId);
            $userPhoneThreadList = PaymentClient::getInstance()->getPatientSuccessServiceList($patientId, $spaceId);
        }
    }

    $session = SessionDefault::singleton();
    $privilege = PrivilegeClient::getInstance()->getByUserName($session->UserName);

    $response->srcException = DAL::get()->queryException4Comment('doctorcomment', $doctorComment);
    $response->doctorComment = $doctorComment;
    $response->diseaseDoctorList = $diseaseDoctorList;
    $response->jiaHaoStatus = $jiaHaoStatus;
    $response->userPhoneThreadList = $userPhoneThreadList;
    $response->privilege = $privilege;
    // NOTE(review): msg is request input passed through unchanged. The
    // template must escape it on output.
    $response->msg = $request->msg;
    $response->textInspectResult = DAL::get()->find_by_sourceid_and_sourcetype(
        'DoctorCommentInspectResult',
        $doctorComment->id,
        get_class($doctorComment)
    );

    // Wrap every sensitive word found in the original content in a red span.
    // NOTE(review): markup is inserted into user-written content, so the
    // template presumably prints readonlyContent unescaped. Confirm that
    // getOriginalContent() returns HTML-escaped text; otherwise stored markup
    // in a comment would reach the reviewer's browser.
    $readonlyContent = $doctorComment->getOriginalContent();
    $sensitiveWords = BeanFinder::get('ContentFilter')->getSensitiveWordsRecursive('comment', $readonlyContent);
    foreach ($sensitiveWords as $word) {
        $highlighted = "<span class='red'>" . $word . "</span>";
        $readonlyContent = str_replace($word, $highlighted, $readonlyContent);
    }

    $response->readonlyContent = $readonlyContent;
    $response->ticket = $ticket;
}
<?php
// Template fragment: builds the $tab_left_row link table and starts rendering
// one <table> per entry. The foreach body continues beyond this fragment.
$session = SessionDefault::singleton();
$user = DAL::get()->find('user', $session->UserId);

// Default title for the follow-up terms entry. It is replaced below when the
// user has a FollowupOwner record that reports follow-up as open.
$followupTitle = '随访服务条款';
$isOpenFollowup = false;
if($user->isNull() == false)
{
    $patientSignin = DAL::get()->find_by_userid('FollowupOwner', $user->id);
    if($patientSignin->isNull() == false && $patientSignin->isOpenFollowup())
    {
        $followupTitle = '我同意并签属的随访服务条款';
        $isOpenFollowup = true;
    }
}

// $tab_left may be set by the including script; default to an empty string.
$tab_left = isset($tab_left) ? $tab_left : '';

// Entries keyed by tab id; each holds a display name and a site-relative link.
$tab_left_row = array(
    'aboutus' => array('name' => '关于我们', 'link' => "/info/aboutus.php"),
    'links' => array('name' => '友情链接', 'link' => "/info/links.php"),
    'job' => array('name' => '招聘启事', 'link' => "/info/job.php"),
    'copyrights' => array('name' => '版权声明', 'link' => "/info/copyrights.php"),
    'hz' => array('name' => '合作方式', 'link' => "/info/hz.php"),
    'suggestion' => array('name' => '意见和建议', 'link' => "/suggestion/suggestion"),
    'contactus' => array('name' => '联系我们', 'link' => "/info/contactus.php"),
    'eula' => array('name' => '内容管理声明', 'link' => "/info/eula.php"),
    'eula_followup' => array('name' => $followupTitle, 'link' => "/info/eula_followup.php"),
);
foreach($tab_left_row as $key=>$value){ ?> <table width="100%" border="0" cellspacing="0" cellpadding="0" class="bt">
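/**
 * Record a space login in the login log directory and in a daily /tmp trace file.
 *
 * Nothing is written for a space that is not activated or not logged in.
 * The per-login file under <logDir>/login is skipped while an admin is
 * acting on behalf of the doctor. The /tmp trace is written in both cases.
 */
protected function _log()
{
    if ($this->_newSpace->activated == 0) {
        return;
    }

    $configs = BeanFinder::get('configs');
    $logdir = $configs->logDir;

    // Both log targets below apply only to a logged-in space.
    if (!$this->_spaceIsLogin) {
        return;
    }

    // Fetched once for both writes. Previously $session was assigned only
    // inside the non-admin branch, so the /tmp trace written during an admin
    // login read an undefined variable and logged an empty GuestId.
    $session = SessionDefault::singleton();
    $userId = $this->_newSpace->user->id;

    // Record the doctor's login time, IP and GuestId. No entry is written when
    // ADMIN operates on the doctor's behalf. In that case $this->_newUser
    // holds the current space's user, so "is it the doctor?" can only be
    // decided from the login flags. Known issue from the original note:
    // "admin" here means the single admin account, not any user with an
    // administrator role.
    if (false == $this->_adminIsLogin) {
        // NOTE(review): the file name is built from the client IP and GuestId.
        // Verify that neither can contain path separators.
        @file_put_contents($logdir.'/login/'.XIpLocation::getIp().'|'.$session->GuestId.'|'.$userId.'.log', '+', FILE_APPEND);
    }

    // Trace used only to investigate why the login log above is sometimes
    // missing for doctors who have not posted updates.
    // NOTE(review): this is a fixed, predictable file name in the shared /tmp
    // directory, holding user ids and client IPs. Another local account could
    // pre-create or link it. Consider moving it under $logdir with restrictive
    // permissions.
    $traceFile = '/tmp/spaceactioncronlogin_all_'.XDateTime::today()->getDate().'.log';
    @file_put_contents($traceFile, $userId."\n", FILE_APPEND);
    @file_put_contents($traceFile, XIpLocation::getIp().'|'.$session->GuestId.'|'.$userId."\n", FILE_APPEND);
}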
/**
 * Look up the 'user' entity for the UserId stored in the current session.
 *
 * @return mixed Whatever DAL::find() returns for that id.
 */
private function getUserFromSessionUserId()
{/*{{{*/
    $userId = SessionDefault::singleton()->UserId;

    return DAL::get()->find('user', $userId);
}/*}}}*/
/**
 * Update the admin telephone numbers of the logged-in user's TelOwner record,
 * then redirect to the "my admin phone" page.
 *
 * Anonymous sessions are redirected to the passport login page.
 *
 * @param mixed $request  Object exposing ->selectname and ->tel1 to ->tel5.
 * @param mixed $response Object exposing ->router and setRedirect().
 * @return mixed parent::DIRECT_OUTPUT when redirecting to login, otherwise nothing.
 */
public function modifyadminphone($request, $response)
{/*{{{*/
    $session = SessionDefault::singleton();
    if (!$session->IsLogin) {
        header('Location:http://'.URL_PREFIX.'passport.haodf.com/user/login');
        return parent::DIRECT_OUTPUT;
    }

    $user = DAL::get()->find('user', $session->UserId);
    $owner = DAL::get()->find_by_relatedobjectid('TelOwner', $user->id);

    // NOTE(review): the name of the request property read here is itself
    // request input, so the caller chooses which property of $request is
    // passed on. Restrict selectname to the expected field names.
    // NOTE(review): this is a state-changing action, and no anti-CSRF token
    // check or $owner->isNull() guard is visible in this method. Confirm
    // whether these are handled elsewhere.
    $selectname = $request->selectname;
    $selectedValue = $request->$selectname;

    PaymentClient::getInstance()->updateAdminTel(
        $owner,
        $selectedValue,
        $request->tel1,
        $request->tel2,
        $request->tel3,
        $request->tel4,
        $request->tel5
    );

    $response->setRedirect($response->router->urlfor('telorder/myadminphone', array()));
}/*}}}*/
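/**
 * List users for the admin remark page, filtered by s1 to s4 and paginated 50 per page.
 *
 * The operator's doctorDistrict privilege is passed as the province restriction.
 *
 * @param mixed $request  Object exposing getRequest() for s1 to s4 and page.
 * @param mixed $response Receives userList, pageLink, totalrecords, s1 and s2.
 */
public function remarkList($request, $response)
{
    $s1 = $request->getRequest('s1');
    $s2 = $request->getRequest('s2');
    $s3 = $request->getRequest('s3');
    $s4 = $request->getRequest('s4');

    // NOTE(review): page is passed on as received. Confirm that
    // getUserListOfAdmin() coerces it to a positive integer.
    $page = $request->getRequest('page');
    $nowPage = $page ? $page : 1;

    $session = SessionDefault::singleton();
    $privilege = PrivilegeClient::getInstance()->getByUserName($session->UserName);

    $options = array(
        's1' => $s1,
        's2' => $s2,
        's3' => $s3,
        's4' => $s4,
        'privProvince' => $privilege->doctorDistrict,
    );
    $userList = UserClient::getInstance()->getUserListOfAdmin($nowPage, 50, $options);

    // The filter values are request input and must be URL-encoded before they
    // become part of the pager link. Unencoded, a value containing & or #
    // changes the query string, and one containing quotes or angle brackets
    // reaches the page as markup if the pager prints the link unescaped.
    $pageUrl = "/space/remarklist?s1=" . urlencode((string)$s1)
        . "&s2=" . urlencode((string)$s2)
        . "&s3=" . urlencode((string)$s3)
        . "&s4=" . urlencode((string)$s4)
        . "&page=";
    $pageLink = PageNav::getNavLink(
        PageNav::getPageNavTemplate($pageUrl),
        $userList['pageInfo']['nowpage'],
        $userList['pageInfo']['pagesize'],
        $userList['pageInfo']['total']
    );

    $response->userList = isset($userList['info']) ? $userList['info'] : array();
    $response->pageLink = $pageLink;
    $response->totalrecords = isset($userList['pageInfo']['total']) ? $userList['pageInfo']['total'] : 0;
    // NOTE(review): s1 and s2 are handed to the template unchanged and must
    // be escaped on output.
    $response->s1 = $s1;
    $response->s2 = $s2;
}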