示例#1
0
 /**
  * 更新或者新建一个快递公司
  *
  * @param $f3
  */
 public function Edit($f3)
 {
     // 权限检查
     $this->requirePrivilege('manage_misc_express_edit');
     global $smarty;
     // 参数验证
     $validator = new Validator($f3->get('GET'));
     $meta_id = $validator->digits()->validate('meta_id');
     $meta_id = $meta_id ?: 0;
     //  加载 快递信息
     $expressService = new ExpressService();
     $expressInfo = $expressService->loadMetaById($meta_id);
     if (Request::isRequestGet()) {
         goto out_assign;
     }
     // 安全性检查
     if ($meta_id > 0) {
         if ($expressInfo->isEmpty() || ExpressService::META_TYPE != $expressInfo->meta_type) {
             $this->addFlashMessage('非法ID[' . $meta_id . ']');
             goto out;
         }
     }
     unset($validator);
     $validator = new Validator($f3->get('POST'));
     $inputArray = array();
     $inputArray['meta_type'] = ExpressService::META_TYPE;
     $inputArray['meta_name'] = $validator->required()->validate('meta_name');
     $inputArray['meta_ename'] = $validator->required()->validate('meta_ename');
     $inputArray['meta_sort_order'] = $validator->digits()->validate('meta_sort_order');
     $inputArray['meta_status'] = $validator->digits()->validate('meta_status');
     $inputArray['meta_desc'] = $validator->validate('meta_desc');
     if (!$this->validate($validator)) {
         goto out;
     }
     // 保存
     $expressInfo->copyFrom($inputArray);
     $expressInfo->save();
     $this->addFlashMessage('快递信息保存成功');
     // POST 成功从这里退出
     RouteHelper::reRoute($this, RouteHelper::makeUrl('/Misc/Express/Edit', array('meta_id' => $expressInfo->meta_id), true));
     return;
     out_assign:
     $smarty->assign($expressInfo->toArray());
     out:
     $smarty->display('misc_express_edit.tpl');
 }
示例#2
0
 public function Edit($f3)
 {
     // 权限检查
     $this->requirePrivilege('manage_article_category_edit');
     global $smarty;
     // 参数验证
     $validator = new Validator($f3->get('GET'));
     $meta_id = $validator->digits()->validate('meta_id');
     $meta_id = $meta_id ?: 0;
     //  加载 分类信息
     $articleCategoryService = new ArticleCategoryService();
     $articleCategory = $articleCategoryService->loadArticleCategoryById($meta_id);
     if (Request::isRequestGet()) {
         goto out_assign;
     }
     // 安全性检查
     if ($meta_id > 0) {
         if ($articleCategory->isEmpty() || ArticleCategoryService::META_TYPE != $articleCategory->meta_type) {
             $this->addFlashMessage('非法ID[' . $meta_id . ']');
             goto out;
         }
     }
     unset($validator);
     $validator = new Validator($f3->get('POST'));
     $inputArray = array();
     $inputArray['meta_type'] = ArticleCategoryService::META_TYPE;
     $inputArray['meta_name'] = $validator->required()->validate('meta_name');
     $inputArray['meta_sort_order'] = $validator->digits()->validate('meta_sort_order');
     $inputArray['meta_desc'] = $validator->validate('meta_desc');
     if (!$this->validate($validator)) {
         goto out;
     }
     // 保存
     $articleCategory->copyFrom($inputArray);
     $articleCategory->save();
     $this->addFlashMessage('分类信息保存成功');
     // POST 成功从这里退出
     RouteHelper::reRoute($this, RouteHelper::makeUrl('/Article/Category/Edit', array('meta_id' => $articleCategory->meta_id), true));
     return;
     out_assign:
     $smarty->assign($articleCategory->toArray());
     out:
     $smarty->display('article_category_edit.tpl');
 }
示例#3
0
 public function Edit($f3)
 {
     global $smarty;
     // 参数验证
     $validator = new Validator($f3->get('GET'));
     $article_id = $validator->digits()->min(0)->filter('ValidatorIntValue')->validate('article_id');
     if (!$this->validate($validator)) {
         goto out_fail;
     }
     // 取得文章
     $articleService = new ArticleService();
     $article = $articleService->loadArticleById($article_id);
     if ($article_id > 0 && $article->isEmpty()) {
         $this->addFlashMessage('文章ID[' . $article_id . ']非法');
         goto out_fail;
     }
     // 只是显示文章内容而已
     if (Request::isRequestGet()) {
         $smarty->assign('article', $article->toArray());
         goto out_get;
     }
     // 权限检查
     $this->requirePrivilege('manage_article_article_edit');
     // 从这里开始是修改文章内容
     unset($validator);
     $articleInfoArray = $f3->get('POST[article]');
     $validator = new Validator($articleInfoArray);
     // 获得修改数据
     $inputArray = array();
     $inputArray['title'] = $validator->required()->validate('title');
     $inputArray['seo_keyword'] = $validator->validate('seo_keyword');
     $inputArray['cat_id'] = $validator->validate('cat_id');
     $inputArray['is_open'] = $validator->validate('is_open');
     $inputArray['description'] = $validator->validate('description');
     $inputArray['content'] = $articleInfoArray['content'];
     // 不要过滤 html
     if (!$this->validate($validator)) {
         goto out_get;
     }
     $authAdminUser = AuthHelper::getAuthUser();
     // 新建文章
     if ($article_id <= 0) {
         $inputArray['admin_user_id'] = $authAdminUser['user_id'];
         $inputArray['admin_user_name'] = $authAdminUser['user_name'];
         $inputArray['add_time'] = Time::gmTime();
     }
     // 文章更新
     $inputArray['update_user_id'] = $authAdminUser['user_id'];
     $inputArray['update_user_name'] = $authAdminUser['user_name'];
     $inputArray['update_time'] = Time::gmTime();
     // 保存修改
     $article->copyFrom($inputArray);
     $article->save();
     // 清除文章缓存
     ClearHelper::clearArticleCacheById($article->article_id);
     $this->addFlashMessage('文章保存成功');
     RouteHelper::reRoute($this, RouteHelper::makeUrl('/Article/Article/Edit', array('article_id' => $article->article_id), true));
     return;
     // POST 从这里退出
     out_get:
     // GET 从这里退出
     $smarty->display('article_article_edit.tpl');
     return;
     out_fail:
     // 失败从这里退出
     RouteHelper::reRoute($this, '/Article/Article/Search');
 }
示例#4
0
文件: Role.php 项目: jackycgq/bzfshop
 /**
  * 角色权限管理
  *
  * @param $f3
  */
 public function Privilege($f3)
 {
     // 权限检查
     $this->requirePrivilege('manage_account_role_privilege_get');
     global $smarty;
     // 参数验证
     $validator = new Validator($f3->get('GET'));
     $meta_id = $validator->required()->digits()->min(1)->validate('meta_id');
     if (!$this->validate($validator)) {
         goto out_fail;
     }
     // 查询角色信息
     $metaRoleService = new MetaRoleService();
     $role = $metaRoleService->loadRoleById($meta_id);
     if ($role->isEmpty()) {
         // 不存在的角色
         $this->addFlashMessage('角色不存在');
         goto out_fail;
     }
     if (!Request::isRequestPost()) {
         // 没有 post ,只是普通的显示
         goto out_display;
     }
     // 权限检查
     $this->requirePrivilege('manage_account_role_privilege_post');
     $action_list_str = '';
     $actionCodeArray = $f3->get('POST[action_code]');
     if (empty($actionCodeArray)) {
         // 清空了所有权限
         $action_list_str = '';
         goto update_privilege;
     }
     // 清除掉 privilegeAll,角色不能设置最高权限
     while ($actionCodeArrayIndex = array_search(AdminUserService::privilegeAll, $actionCodeArray)) {
         unset($actionCodeArray[$actionCodeArrayIndex]);
     }
     // 生成权限字符串
     $action_list_str = implode(',', $actionCodeArray);
     update_privilege:
     $role->meta_data = $action_list_str;
     $role->save();
     $this->addFlashMessage('角色权限保存成功');
     out_display:
     $smarty->assign($role->toArray());
     // 取得权限显示列表
     $metaPrivilegeService = new MetaPrivilegeService();
     $smarty->assign('privilegeArray', $metaPrivilegeService->fetchPrivilegeArray());
     $smarty->display('account_role_privilege.tpl');
     return;
     // 正常从这里返回
     out_fail:
     // 失败,返回角色列表
     RouteHelper::reRoute($this, '/Account/Role/ListRole');
 }
示例#5
0
 /**
  * 管理员权限管理
  *
  * @param $f3
  */
 public function Privilege($f3)
 {
     // 权限检查
     $this->requirePrivilege('manage_account_admin_privilege_get');
     global $smarty;
     // 参数验证
     $validator = new Validator($f3->get('GET'));
     $user_id = $validator->required()->digits()->min(1)->validate('user_id');
     if (!$this->validate($validator)) {
         goto out_fail;
     }
     // 查询管理员信息
     $adminUserService = new AdminUserService();
     $adminUser = $adminUserService->loadAdminById($user_id);
     if ($adminUser->isEmpty()) {
         // 不存在的管理员
         $this->addFlashMessage('管理员不存在');
         goto out_fail;
     } else {
         if (AdminUserService::verifyPrivilege(AdminUserService::privilegeAll, $adminUser['action_list'])) {
             // 拥有最高权限的管理员只有他自己能编辑自己
             $authAdminUser = AuthHelper::getAuthUser();
             if ($authAdminUser['user_id'] != $adminUser['user_id']) {
                 $this->addFlashMessage('超级管理员只有他自己能操作自己的信息');
                 RouteHelper::reRoute($this, '/Account/Admin/ListUser');
             }
         }
     }
     if (!Request::isRequestPost()) {
         // 没有 post ,只是普通的显示
         goto out_display;
     }
     // 权限检查
     $this->requirePrivilege('manage_account_admin_privilege_post');
     $action_list_str = '';
     $actionCodeArray = $f3->get('POST[action_code]');
     if (empty($actionCodeArray)) {
         // 清空了所有权限
         $action_list_str = '';
         goto update_privilege;
     }
     if (in_array(AdminUserService::privilegeAll, $actionCodeArray)) {
         // 权限检查,只有自身拥有 privilegeAll 权限的人才能给别人授权 privilegeAll
         $this->requirePrivilege(AdminUserService::privilegeAll);
         // 用户有所有的权限
         $action_list_str = AdminUserService::privilegeAll;
         goto update_privilege;
     }
     // 生成权限字符串
     $action_list_str = implode(',', $actionCodeArray);
     update_privilege:
     $adminUser->role_id = $f3->get('POST[role_id]');
     $adminUser->action_list = $action_list_str;
     $adminUser->save();
     $this->addFlashMessage('管理员权限保存成功');
     out_display:
     $smarty->assign($adminUser->toArray());
     // 取得权限显示列表
     $metaPrivilegeService = new MetaPrivilegeService();
     $smarty->assign('privilegeArray', $metaPrivilegeService->fetchPrivilegeArray());
     $smarty->display('account_admin_privilege.tpl');
     return;
     // 正常从这里返回
     out_fail:
     // 失败,返回管理员列表
     RouteHelper::reRoute($this, RouteHelper::makeUrl('/Account/Admin/ListUser', array('user_id' => $user_id), true));
 }
示例#6
0
 /**
  * 订单商品评价
  *
  * @param $f3
  */
 public function GoodsComment($f3)
 {
     global $smarty;
     $errorMessage = '';
     // 参数验证
     $validator = new Validator($f3->get('GET'));
     $rec_id = $validator->required()->digits()->min(1)->validate('rec_id');
     if (!$this->validate($validator)) {
         $errorMessage = '订单ID非法';
         goto out_fail;
     }
     $orderBasicService = new OrderBasicService();
     // 查询 order_goods
     $orderGoods = $orderBasicService->loadOrderGoodsById($rec_id, 10);
     // 缓存 10 秒钟
     if ($orderGoods->isEmpty()) {
         $errorMessage = '订单ID非法';
         goto out_fail;
     }
     // 查询 order_info
     $orderInfo = $orderBasicService->loadOrderInfoById($orderGoods['order_id'], 10);
     // 缓存 10 秒钟
     // 权限检查,用户只能查看自己的订单
     $userInfo = AuthHelper::getAuthUser();
     if ($orderInfo->isEmpty() || $userInfo['user_id'] != $orderInfo['user_id'] || !$this->verifyOrderSystem($orderInfo)) {
         $errorMessage = '订单ID非法';
         goto out_fail;
     }
     // 加载订单评论
     $goodsCommentService = new GoodsCommentService();
     $goodsComment = $goodsCommentService->loadGoodsCommentByOrderGoodsRecId($rec_id, 1);
     // 缓存1秒
     if ($goodsComment->isEmpty() || $goodsComment['user_id'] != $userInfo['user_id']) {
         $errorMessage = '无法评论此订单';
         goto out_fail;
     }
     // post 请求
     if (Request::isRequestPost()) {
         goto do_post;
     }
     // 赋值评论信息
     $smarty->assign('goodsComment', $goodsComment->toArray());
     out_fail:
     // GET 从这里退出
     $smarty->assign('errorMessage', $errorMessage);
     $smarty->display('my_order_goodscomment.tpl');
     return;
     do_post:
     // 这里处理 post 请求
     // 用户评论缺省不显示,需要等管理员审核通过才能显示
     $goodsComment->is_show = 0;
     $goodsComment->comment_time = Time::gmTime();
     // 过滤用户提交的数据
     unset($validator);
     $validator = new Validator($f3->get('POST'));
     $goodsComment->comment_rate = $validator->filter('ValidatorIntValue')->validate('comment_rate');
     $goodsComment->comment = $validator->validate('comment');
     $goodsComment->save();
     $this->addFlashMessage('评论发表成功,请等待管理员审核通过才能显示');
     // 回到前面的页面
     RouteHelper::reRoute($this, RouteHelper::getRefer(), false);
 }