/**
* 更新或者新建一个快递公司
*
* @param $f3
*/
public function Edit($f3)
{
// 权限检查
$this->requirePrivilege('manage_misc_express_edit');
global $smarty;
// 参数验证
$validator = new Validator($f3->get('GET'));
$meta_id = $validator->digits()->validate('meta_id');
$meta_id = $meta_id ?: 0;
// 加载 快递信息
$expressService = new ExpressService();
$expressInfo = $expressService->loadMetaById($meta_id);
if (Request::isRequestGet()) {
goto out_assign;
}
// 安全性检查
if ($meta_id > 0) {
if ($expressInfo->isEmpty() || ExpressService::META_TYPE != $expressInfo->meta_type) {
$this->addFlashMessage('非法ID[' . $meta_id . ']');
goto out;
}
}
unset($validator);
$validator = new Validator($f3->get('POST'));
$inputArray = array();
$inputArray['meta_type'] = ExpressService::META_TYPE;
$inputArray['meta_name'] = $validator->required()->validate('meta_name');
$inputArray['meta_ename'] = $validator->required()->validate('meta_ename');
$inputArray['meta_sort_order'] = $validator->digits()->validate('meta_sort_order');
$inputArray['meta_status'] = $validator->digits()->validate('meta_status');
$inputArray['meta_desc'] = $validator->validate('meta_desc');
if (!$this->validate($validator)) {
goto out;
}
// 保存
$expressInfo->copyFrom($inputArray);
$expressInfo->save();
$this->addFlashMessage('快递信息保存成功');
// POST 成功从这里退出
RouteHelper::reRoute($this, RouteHelper::makeUrl('/Misc/Express/Edit', array('meta_id' => $expressInfo->meta_id), true));
return;
out_assign:
$smarty->assign($expressInfo->toArray());
out:
$smarty->display('misc_express_edit.tpl');
}
public function Edit($f3)
{
// 权限检查
$this->requirePrivilege('manage_article_category_edit');
global $smarty;
// 参数验证
$validator = new Validator($f3->get('GET'));
$meta_id = $validator->digits()->validate('meta_id');
$meta_id = $meta_id ?: 0;
// 加载 分类信息
$articleCategoryService = new ArticleCategoryService();
$articleCategory = $articleCategoryService->loadArticleCategoryById($meta_id);
if (Request::isRequestGet()) {
goto out_assign;
}
// 安全性检查
if ($meta_id > 0) {
if ($articleCategory->isEmpty() || ArticleCategoryService::META_TYPE != $articleCategory->meta_type) {
$this->addFlashMessage('非法ID[' . $meta_id . ']');
goto out;
}
}
unset($validator);
$validator = new Validator($f3->get('POST'));
$inputArray = array();
$inputArray['meta_type'] = ArticleCategoryService::META_TYPE;
$inputArray['meta_name'] = $validator->required()->validate('meta_name');
$inputArray['meta_sort_order'] = $validator->digits()->validate('meta_sort_order');
$inputArray['meta_desc'] = $validator->validate('meta_desc');
if (!$this->validate($validator)) {
goto out;
}
// 保存
$articleCategory->copyFrom($inputArray);
$articleCategory->save();
$this->addFlashMessage('分类信息保存成功');
// POST 成功从这里退出
RouteHelper::reRoute($this, RouteHelper::makeUrl('/Article/Category/Edit', array('meta_id' => $articleCategory->meta_id), true));
return;
out_assign:
$smarty->assign($articleCategory->toArray());
out:
$smarty->display('article_category_edit.tpl');
}
public function Edit($f3)
{
global $smarty;
// 参数验证
$validator = new Validator($f3->get('GET'));
$article_id = $validator->digits()->min(0)->filter('ValidatorIntValue')->validate('article_id');
if (!$this->validate($validator)) {
goto out_fail;
}
// 取得文章
$articleService = new ArticleService();
$article = $articleService->loadArticleById($article_id);
if ($article_id > 0 && $article->isEmpty()) {
$this->addFlashMessage('文章ID[' . $article_id . ']非法');
goto out_fail;
}
// 只是显示文章内容而已
if (Request::isRequestGet()) {
$smarty->assign('article', $article->toArray());
goto out_get;
}
// 权限检查
$this->requirePrivilege('manage_article_article_edit');
// 从这里开始是修改文章内容
unset($validator);
$articleInfoArray = $f3->get('POST[article]');
$validator = new Validator($articleInfoArray);
// 获得修改数据
$inputArray = array();
$inputArray['title'] = $validator->required()->validate('title');
$inputArray['seo_keyword'] = $validator->validate('seo_keyword');
$inputArray['cat_id'] = $validator->validate('cat_id');
$inputArray['is_open'] = $validator->validate('is_open');
$inputArray['description'] = $validator->validate('description');
$inputArray['content'] = $articleInfoArray['content'];
// 不要过滤 html
if (!$this->validate($validator)) {
goto out_get;
}
$authAdminUser = AuthHelper::getAuthUser();
// 新建文章
if ($article_id <= 0) {
$inputArray['admin_user_id'] = $authAdminUser['user_id'];
$inputArray['admin_user_name'] = $authAdminUser['user_name'];
$inputArray['add_time'] = Time::gmTime();
}
// 文章更新
$inputArray['update_user_id'] = $authAdminUser['user_id'];
$inputArray['update_user_name'] = $authAdminUser['user_name'];
$inputArray['update_time'] = Time::gmTime();
// 保存修改
$article->copyFrom($inputArray);
$article->save();
// 清除文章缓存
ClearHelper::clearArticleCacheById($article->article_id);
$this->addFlashMessage('文章保存成功');
RouteHelper::reRoute($this, RouteHelper::makeUrl('/Article/Article/Edit', array('article_id' => $article->article_id), true));
return;
// POST 从这里退出
out_get:
// GET 从这里退出
$smarty->display('article_article_edit.tpl');
return;
out_fail:
// 失败从这里退出
RouteHelper::reRoute($this, '/Article/Article/Search');
}
/**
* 角色权限管理
*
* @param $f3
*/
public function Privilege($f3)
{
// 权限检查
$this->requirePrivilege('manage_account_role_privilege_get');
global $smarty;
// 参数验证
$validator = new Validator($f3->get('GET'));
$meta_id = $validator->required()->digits()->min(1)->validate('meta_id');
if (!$this->validate($validator)) {
goto out_fail;
}
// 查询角色信息
$metaRoleService = new MetaRoleService();
$role = $metaRoleService->loadRoleById($meta_id);
if ($role->isEmpty()) {
// 不存在的角色
$this->addFlashMessage('角色不存在');
goto out_fail;
}
if (!Request::isRequestPost()) {
// 没有 post ,只是普通的显示
goto out_display;
}
// 权限检查
$this->requirePrivilege('manage_account_role_privilege_post');
$action_list_str = '';
$actionCodeArray = $f3->get('POST[action_code]');
if (empty($actionCodeArray)) {
// 清空了所有权限
$action_list_str = '';
goto update_privilege;
}
// 清除掉 privilegeAll,角色不能设置最高权限
while ($actionCodeArrayIndex = array_search(AdminUserService::privilegeAll, $actionCodeArray)) {
unset($actionCodeArray[$actionCodeArrayIndex]);
}
// 生成权限字符串
$action_list_str = implode(',', $actionCodeArray);
update_privilege:
$role->meta_data = $action_list_str;
$role->save();
$this->addFlashMessage('角色权限保存成功');
out_display:
$smarty->assign($role->toArray());
// 取得权限显示列表
$metaPrivilegeService = new MetaPrivilegeService();
$smarty->assign('privilegeArray', $metaPrivilegeService->fetchPrivilegeArray());
$smarty->display('account_role_privilege.tpl');
return;
// 正常从这里返回
out_fail:
// 失败,返回角色列表
RouteHelper::reRoute($this, '/Account/Role/ListRole');
}
/**
* 管理员权限管理
*
* @param $f3
*/
public function Privilege($f3)
{
// 权限检查
$this->requirePrivilege('manage_account_admin_privilege_get');
global $smarty;
// 参数验证
$validator = new Validator($f3->get('GET'));
$user_id = $validator->required()->digits()->min(1)->validate('user_id');
if (!$this->validate($validator)) {
goto out_fail;
}
// 查询管理员信息
$adminUserService = new AdminUserService();
$adminUser = $adminUserService->loadAdminById($user_id);
if ($adminUser->isEmpty()) {
// 不存在的管理员
$this->addFlashMessage('管理员不存在');
goto out_fail;
} else {
if (AdminUserService::verifyPrivilege(AdminUserService::privilegeAll, $adminUser['action_list'])) {
// 拥有最高权限的管理员只有他自己能编辑自己
$authAdminUser = AuthHelper::getAuthUser();
if ($authAdminUser['user_id'] != $adminUser['user_id']) {
$this->addFlashMessage('超级管理员只有他自己能操作自己的信息');
RouteHelper::reRoute($this, '/Account/Admin/ListUser');
}
}
}
if (!Request::isRequestPost()) {
// 没有 post ,只是普通的显示
goto out_display;
}
// 权限检查
$this->requirePrivilege('manage_account_admin_privilege_post');
$action_list_str = '';
$actionCodeArray = $f3->get('POST[action_code]');
if (empty($actionCodeArray)) {
// 清空了所有权限
$action_list_str = '';
goto update_privilege;
}
if (in_array(AdminUserService::privilegeAll, $actionCodeArray)) {
// 权限检查,只有自身拥有 privilegeAll 权限的人才能给别人授权 privilegeAll
$this->requirePrivilege(AdminUserService::privilegeAll);
// 用户有所有的权限
$action_list_str = AdminUserService::privilegeAll;
goto update_privilege;
}
// 生成权限字符串
$action_list_str = implode(',', $actionCodeArray);
update_privilege:
$adminUser->role_id = $f3->get('POST[role_id]');
$adminUser->action_list = $action_list_str;
$adminUser->save();
$this->addFlashMessage('管理员权限保存成功');
out_display:
$smarty->assign($adminUser->toArray());
// 取得权限显示列表
$metaPrivilegeService = new MetaPrivilegeService();
$smarty->assign('privilegeArray', $metaPrivilegeService->fetchPrivilegeArray());
$smarty->display('account_admin_privilege.tpl');
return;
// 正常从这里返回
out_fail:
// 失败,返回管理员列表
RouteHelper::reRoute($this, RouteHelper::makeUrl('/Account/Admin/ListUser', array('user_id' => $user_id), true));
}
/**
* 订单商品评价
*
* @param $f3
*/
public function GoodsComment($f3)
{
global $smarty;
$errorMessage = '';
// 参数验证
$validator = new Validator($f3->get('GET'));
$rec_id = $validator->required()->digits()->min(1)->validate('rec_id');
if (!$this->validate($validator)) {
$errorMessage = '订单ID非法';
goto out_fail;
}
$orderBasicService = new OrderBasicService();
// 查询 order_goods
$orderGoods = $orderBasicService->loadOrderGoodsById($rec_id, 10);
// 缓存 10 秒钟
if ($orderGoods->isEmpty()) {
$errorMessage = '订单ID非法';
goto out_fail;
}
// 查询 order_info
$orderInfo = $orderBasicService->loadOrderInfoById($orderGoods['order_id'], 10);
// 缓存 10 秒钟
// 权限检查,用户只能查看自己的订单
$userInfo = AuthHelper::getAuthUser();
if ($orderInfo->isEmpty() || $userInfo['user_id'] != $orderInfo['user_id'] || !$this->verifyOrderSystem($orderInfo)) {
$errorMessage = '订单ID非法';
goto out_fail;
}
// 加载订单评论
$goodsCommentService = new GoodsCommentService();
$goodsComment = $goodsCommentService->loadGoodsCommentByOrderGoodsRecId($rec_id, 1);
// 缓存1秒
if ($goodsComment->isEmpty() || $goodsComment['user_id'] != $userInfo['user_id']) {
$errorMessage = '无法评论此订单';
goto out_fail;
}
// post 请求
if (Request::isRequestPost()) {
goto do_post;
}
// 赋值评论信息
$smarty->assign('goodsComment', $goodsComment->toArray());
out_fail:
// GET 从这里退出
$smarty->assign('errorMessage', $errorMessage);
$smarty->display('my_order_goodscomment.tpl');
return;
do_post:
// 这里处理 post 请求
// 用户评论缺省不显示,需要等管理员审核通过才能显示
$goodsComment->is_show = 0;
$goodsComment->comment_time = Time::gmTime();
// 过滤用户提交的数据
unset($validator);
$validator = new Validator($f3->get('POST'));
$goodsComment->comment_rate = $validator->filter('ValidatorIntValue')->validate('comment_rate');
$goodsComment->comment = $validator->validate('comment');
$goodsComment->save();
$this->addFlashMessage('评论发表成功,请等待管理员审核通过才能显示');
// 回到前面的页面
RouteHelper::reRoute($this, RouteHelper::getRefer(), false);
}