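$loginName, "loginPwd" => $loginPwd); }

/**
 * Hashes a plaintext login password into the form stored in base_user.login_pwd.
 *
 * NOTE(review): this is an unsalted double MD5. The `salt` column written by
 * the reset/upsert handlers below is never mixed in here, so stored hashes are
 * cheap to crack offline. Moving to password_hash()/password_verify() also
 * requires changing the login comparison (not visible in this file), so it is
 * flagged here rather than changed.
 *
 * @param string $loginPwd plaintext password
 * @return string 32-character hex digest
 */
function bizPlater_cryptLoginPwd($loginPwd)
{
    return md5(md5($loginPwd));
}

/**
 * Resolves the current platform (PC web) user and validates its front-end token.
 *
 * The request must carry a non-empty loginName (JSON body first, then GPC),
 * but the user actually looked up is the loginName returned by
 * bizPlater_getFELoginInfo(false), not the request value.
 *
 * @return array{baseUser: array} the matching non-deleted base_user row
 * @throws GeneralException when loginName is missing or no user matches;
 *         base_verifyForendToken() is expected to throw on a bad token
 */
function bizPlater_verifyToken()
{
    $GPC = input_param_handle(false);
    $ajaxdata = input_getPostObj();
    $loginName = isset($ajaxdata["loginName"]) ? $ajaxdata["loginName"] : $GPC["loginName"];
    if (empty($loginName)) {
        throw new GeneralException("", "没有传递必要的loginName参数,或者登录名为空!");
    }
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    // The request loginName is only required to be present; the lookup key comes
    // from the front-end login info helper.
    $loginInfo = bizPlater_getFELoginInfo(false);
    $loginName = $loginInfo["loginName"];
    $baseUser = pdo_fetch("select * from base_user where deleted=0 and subsystem=:subsystem and `login_name`=:login_name limit 1;", array(
        ":subsystem" => intval($subSystem),
        ":login_name" => trim($loginName),
    ));
    if (empty($baseUser)) {
        throw new GeneralException("", "没有定位到此登录名的用户记录,请确认输入是否正确!");
    }
    base_verifyForendToken($baseUser); // front-end session token check
    return array("baseUser" => $baseUser);
}

/**
 * Returns the platform roles assigned to a user.
 *
 * Only non-deleted roles belonging to SUBSYS_PLAT_PCWEB are returned; roles
 * from other subsystems linked via base_roleuser are ignored.
 *
 * @param array $bizPlater base_user row (only "id" is read)
 * @return array list of base_role rows
 * @throws GeneralException when the user has no platform role
 */
function bizPlater_getRoleSet($bizPlater)
{
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $roleList = pdo_fetchall("select r.* from base_roleuser ru left join base_role r on r.id=ru.roleid where ru.`userid`=:userid and r.subsystem=:subsystem and r.deleted=0;", array(
        ":userid" => intval($bizPlater["id"]),
        ":subsystem" => intval($subSystem),
    ));
    if (empty($roleList)) {
        throw new GeneralException("", "此用户没有被赋予任何角色,请联系平台超级管理员!");
    }
    return $roleList;
}

/**
 * Builds the front-end navigation set (top-level modules, their sub-modules and
 * the flat "states" list) for the modules the user's roles may run.
 *
 * A role with role_code "SuperAdmin" enables every module; otherwise a module
 * is enabled when any role has permission_run='1' on it. The result also carries
 * the first role's name and the pending-work counters from bizPlater_undoList().
 *
 * @param array $bizPlater base_user row
 * @return array{navIcon: array, states: array, mainRoleName: string, undoList: array}
 * @throws GeneralException when the user has no role or no module is configured
 */
function bizPlater_getModuleSet($bizPlater)
{
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $roleList = bizPlater_getRoleSet($bizPlater); // user must have at least one role
    $moduleList = pdo_fetchall("select * from base_permission_object where `subsystem`=:subsystem and deleted=0 order by `parentid` asc,`ranksn` asc;", array(":subsystem" => intval($subSystem)));
    if (empty($moduleList)) {
        throw new GeneralException("", "竟然没有配置任何模块,请联系平台超级管理员!");
    }
    $tmpModuleSet = array();
    foreach ($moduleList as $module) {
        $module["AAA_allowed"] = false; // deny by default; granted per role below
        $tmpModuleSet[$module["id"]] = $module;
    }
    foreach ($roleList as $role) {
        if (trim($role["role_code"]) == "SuperAdmin") {
            // SuperAdmin enables everything.
            foreach ($tmpModuleSet as &$moduleA) {
                $moduleA["AAA_allowed"] = true;
            }
            unset($moduleA); // drop the dangling reference left by foreach-by-ref
            break;
        }
        $roleModIdSet = pdo_fetchall("select bpo.id as id from base_role_permission brp left join base_permission_object bpo on bpo.id=brp.objectid where bpo.deleted=0 and brp.`roleid`=:roleid and brp.`permission_run`='1' and bpo.id>0;", array(":roleid" => $role["id"]));
        foreach ($roleModIdSet as $roleModuleId) {
            $tmpModuleSet[$roleModuleId["id"]]["AAA_allowed"] = true;
        }
    }
    $forendSet = array(
        "navIcon" => array(),
        "states" => array(),
        "mainRoleName" => $roleList[0]["role_name"],
        "undoList" => bizPlater_undoList(),
    );
    // Top-level modules (parentid 0) in configured order.
    $orderSN = 0;
    foreach ($tmpModuleSet as $moduleB) {
        if ($moduleB["AAA_allowed"] == true && intval($moduleB["parentid"]) == 0) {
            array_push($forendSet["navIcon"], array(
                "id_id" => $moduleB["id"],
                "id" => $orderSN++,
                "name" => $moduleB["obj_name"],
                "icon" => $moduleB["obj_icon"],
                "dda" => array(),
                "alink" => $moduleB["obj_attach"],
            ));
        }
    }
    // Attach enabled sub-modules to their parent and to the flat states list.
    foreach ($forendSet["navIcon"] as &$topModule) {
        $orderSN = 0;
        foreach ($tmpModuleSet as $subModule) {
            if ($subModule["AAA_allowed"] == true && intval($subModule["parentid"]) == $topModule["id_id"]) {
                array_push($topModule["dda"], array(
                    "name" => $subModule["obj_name"],
                    "alink" => $subModule["obj_attach"],
                ));
                array_push($forendSet["states"], array(
                    "name" => $subModule["obj_name"],
                    "alink" => $subModule["obj_attach"],
                ));
            }
        }
        unset($topModule["id_id"]); // internal key, not sent to the front end
    }
    unset($topModule);
    return $forendSet;
}

/**
 * Checks that the user may run every permission object in $arrObjCodes.
 *
 * Codes are checked in order (ancestor first, like a family-name chain); the
 * first code no role grants aborts with an exception. A "SuperAdmin" role
 * short-circuits to allowed. Only non-deleted permission objects count, matching
 * the filter used when the navigation is built.
 *
 * @param array $bizPlater base_user row
 * @param mixed $objCatalog currently unused
 * @param array $arrObjCodes non-empty list of obj_code values
 * @return bool true when every code is granted
 * @throws GeneralException when $arrObjCodes is empty or a code is not granted
 */
function bizPlater_verifyPermisson($bizPlater, $objCatalog, $arrObjCodes)
{
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $roleList = bizPlater_getRoleSet($bizPlater);
    if (empty($arrObjCodes) || !is_array($arrObjCodes) || count($arrObjCodes) <= 0) {
        throw new GeneralException("", "授权目标对象的arrObjCodes集合不能为空!");
    }
    $allowed = false;
    foreach ($arrObjCodes as $objCode) {
        $allowed = false;
        foreach ($roleList as $role) {
            switch (trim($role["role_code"])) {
                case "SuperAdmin":
                    return true; // SuperAdmin: allow and stop
                default:
                    $roleModIdSet = pdo_fetch("select bpo.id as id from base_role_permission brp inner join base_permission_object bpo on bpo.id=brp.objectid and bpo.`obj_code`=:obj_code where brp.`roleid`=:roleid and brp.`permission_run`='1' and bpo.deleted=0;",
                        array(":roleid" => $role["id"], ":obj_code" => trim($objCode))
                    );
                    if (!empty($roleModIdSet)) {
                        $allowed = true;
                    }
                    break;
            }
            if ($allowed) {
                break; // granted by this role, no need to check the others
            }
        }
        // Any level with no granting role aborts the whole check.
        if (empty($allowed)) {
            throw new GeneralException("", "此用户没有当前页面的操作权限!");
        }
    }
    if (empty($allowed)) {
        throw new GeneralException("", "此用户没有当前页面的操作权限!");
    }
    return $allowed;
}

/**********************验证验权角色权限相关逻辑**************************************/

/**
 * Dispatches platform account/role administration actions.
 *
 * Handle modes: fetchPlatUserList, resetPlatUserPwd, resetPlatUserSelfPwd,
 * upsertPlatRoleUser, removePlatRoleUser. All SQL values are bound parameters
 * except ids, which are passed through intval().
 *
 * NOTE(review): $subSystem is only used by fetchPlatUserList; every other mode
 * hard-codes SUBSYS_PLAT_PCWEB. random(8) is a project helper not shown here —
 * confirm it is a CSPRNG (the salt it produces is stored but not used by
 * bizPlater_cryptLoginPwd). The caller is expected to have already authorised
 * the acting user.
 *
 * @param int $subSystem subsystem id
 * @param string $handleMode action name
 * @param array $baseUser acting user row (target for resetPlatUserSelfPwd)
 * @param array $ajaxdata JSON request body
 * @param array $GPC GET/POST fallback parameters
 * @return mixed query result for the action
 * @throws GeneralException on validation failure or unknown handleMode
 */
function bizbase_AAAEntityHandle($subSystem, $handleMode, $baseUser, $ajaxdata, $GPC)
{
    switch ($handleMode) {
        case "fetchPlatUserList":
            $sqlTemp = "";
            $sqlTemp .= " select bu.id,bu.login_name,bu.mobile,br.id as roleid,br.role_name";
            $sqlTemp .= " from base_user bu ";
            $sqlTemp .= " left join base_roleuser bru on bru.userid=bu.id ";
            $sqlTemp .= " left join base_role br on br.id=bru.roleid ";
            $sqlTemp .= " where bu.`deleted`=0 and bu.subsystem=" . intval($subSystem);
            $backdata = pdo_fetchall($sqlTemp);
            return $backdata;

        case "resetPlatUserPwd":
        case "resetPlatUserSelfPwd":
            if ($handleMode == "resetPlatUserPwd") {
                $userid = isset($ajaxdata["userid"]) ? $ajaxdata["userid"] : $GPC["userid"];
                $baseUser = pdo_fetch("select * from base_user where id=" . intval($userid));
                if (empty($baseUser)) {
                    throw new GeneralException("", "没有定位到此id对应的用户记录!");
                }
                // Same scoping as upsert/remove: only live platform accounts may be
                // administered from here.
                if (intval($baseUser["subsystem"]) != SUBSYS_PLAT_PCWEB) {
                    throw new GeneralException("", "登录账号记录不是平台账号!");
                }
                if (intval($baseUser["deleted"]) != 0) {
                    throw new GeneralException("", "登录账号记录已被删除!");
                }
            }
            // GPC fallback key was misspelled ("newPadsswd"), so the GET/POST path
            // could never supply a password.
            $newPasswd = isset($ajaxdata["newPasswd"]) ? $ajaxdata["newPasswd"] : $GPC["newPasswd"];
            if (mb_strlen(trim($newPasswd)) <= 0) { // no complexity rule is enforced
                throw new GeneralException("", "新密码长度不能为空!");
            }
            $backdata = pdo_query("update base_user set login_pwd=:login_pwd,salt=:salt where id=:id;", array(
                ":id" => $baseUser["id"],
                ":login_pwd" => bizPlater_cryptLoginPwd($newPasswd),
                ":salt" => random(8), // salt is regenerated but not used by the hash
            ));
            return $backdata;

        case "upsertPlatRoleUser":
            $roleId = isset($ajaxdata["roleId"]) ? $ajaxdata["roleId"] : $GPC["roleId"];
            $roleInfo = pdo_fetch("select * from base_role where id=" . intval($roleId));
            if (empty($roleInfo)) {
                throw new GeneralException("", "没有定位到角色记录!");
            }
            $bizData = isset($ajaxdata["bizData"]) ? $ajaxdata["bizData"] : $GPC["bizData"];
            if (empty($bizData)) {
                throw new GeneralException("", "没有传递必要的参数bizData");
            }
            $saveData = array();
            $saveData["login_name"] = isset($bizData["loginName"]) ? trim($bizData["loginName"]) : "";
            if (empty($saveData["login_name"])) {
                throw new GeneralException("", "登录号不能为空");
            }
            $rawPwd = isset($bizData["loginPwd"]) ? trim($bizData["loginPwd"]) : "";
            if (!empty($rawPwd)) {
                $saveData["login_pwd"] = bizPlater_cryptLoginPwd($rawPwd);
            }
            $remarkIn = isset($bizData["remark"]) ? trim($bizData["remark"]) : "";
            $saveData["remark"] = "[" . date("Y-m-d H:i:s", time()) . "] 更新 " . $remarkIn . " \n";
            $id = isset($bizData["id"]) ? $bizData["id"] : 0;
            if (intval($id) <= 0) {
                // Create: login name must be unused within the platform subsystem.
                $hasUsed = pdo_fetch("select * from base_user where deleted=0 and subsystem=:subsystem and login_name=:login_name;", array(
                    ":subsystem" => SUBSYS_PLAT_PCWEB,
                    ":login_name" => $saveData["login_name"],
                ));
                if (!empty($hasUsed)) {
                    throw new GeneralException("loginNameUsed", "登录号已被使用,请重新换一个吧");
                }
                $sqlParam = array();
                $sqlParam[":nowtime"] = time();
                $sqlParam[":subsystem"] = SUBSYS_PLAT_PCWEB;
                $sqlParam[":login_name"] = $saveData["login_name"];
                $sqlParam[":remark"] = $saveData["remark"];
                $sqlParam[":salt"] = random(8);
                $sqlTemp = "";
                $sqlTemp .= " insert into base_user set createtime=:nowtime";
                $sqlTemp .= " ,subsystem=:subsystem,login_name=:login_name,remark=:remark,salt=:salt ";
                if (!empty($saveData["login_pwd"])) {
                    $sqlParam[":login_pwd"] = $saveData["login_pwd"];
                    $sqlTemp .= " ,login_pwd=:login_pwd";
                }
                $sqlTemp .= " ;";
                // Link the new user to the role unless the link already exists.
                $sqlTemp .= " set @handle_id=0; ";
                $sqlParam[":roleid"] = $roleId;
                $sqlTemp .= " select @handle_id:=id from base_roleuser";
                $sqlTemp .= " where `roleid`=:roleid and userid=LAST_INSERT_ID(); ";
                $sqlTemp .= " insert into base_roleuser(`roleid`, userid)";
                $sqlTemp .= " select :roleid, LAST_INSERT_ID() ";
                $sqlTemp .= " from dual where ifnull(@handle_id,0)=0 ;";
                $backdata = pdo_query3($sqlTemp, $sqlParam);
                return $backdata;
            } else {
                // Update: target must be an existing platform account.
                $userInfo = pdo_fetch("select * from base_user where id=" . intval($id));
                if (empty($userInfo)) {
                    throw new GeneralException("", "没有定位到登录账号记录!");
                }
                if (intval($userInfo["subsystem"]) != SUBSYS_PLAT_PCWEB) {
                    throw new GeneralException("", "登录账号记录不是平台账号!");
                }
                $hasUseds = pdo_fetchall("select * from base_user where deleted=0 and subsystem=:subsystem and login_name=:login_name;", array(
                    ":subsystem" => SUBSYS_PLAT_PCWEB,
                    ":login_name" => $saveData["login_name"],
                ));
                foreach ($hasUseds as $item) {
                    if (intval($item["id"]) != intval($userInfo["id"])) {
                        throw new GeneralException("loginNameUsed", "登录号已被使用,请重新换一个吧");
                    }
                }
                $sqlParam = array();
                $sqlParam[":userid"] = intval($id);
                $sqlParam[":nowtime"] = time();
                $sqlParam[":login_name"] = $saveData["login_name"];
                $sqlParam[":remark"] = $saveData["remark"];
                $sqlTemp = "";
                $sqlTemp .= " update base_user set updatetime=:nowtime,login_name=:login_name,remark=concat(:remark,ifnull(remark,'')) ";
                if (!empty($saveData["login_pwd"])) {
                    $sqlParam[":login_pwd"] = $saveData["login_pwd"];
                    $sqlParam[":salt"] = random(8);
                    $sqlTemp .= " ,login_pwd=:login_pwd,salt=:salt";
                }
                $sqlTemp .= " where id=:userid;";
                $sqlTemp .= " set @handle_id=0; ";
                $sqlParam[":roleid"] = $roleId;
                $sqlTemp .= " select @handle_id:=id from base_roleuser";
                $sqlTemp .= " where `roleid`=:roleid and userid=:userid; ";
                $sqlTemp .= " insert into base_roleuser(`roleid`, userid)";
                $sqlTemp .= " select :roleid, :userid";
                $sqlTemp .= " from dual where ifnull(@handle_id,0)=0 ;";
                $backdata = pdo_query3($sqlTemp, $sqlParam);
                return $backdata;
            }

        case "removePlatRoleUser":
            $userId = isset($ajaxdata["userId"]) ? $ajaxdata["userId"] : $GPC["userId"];
            $userInfo = pdo_fetch("select * from base_user where id=" . intval($userId));
            if (empty($userInfo)) {
                throw new GeneralException("", "没有定位到登录账号记录!");
            }
            if (intval($userInfo["subsystem"]) != SUBSYS_PLAT_PCWEB) {
                throw new GeneralException("", "登录账号记录不是平台账号!");
            }
            if (intval($userInfo["deleted"]) != 0) {
                throw new GeneralException("", "登录账号记录已被删除!");
            }
            $reason = isset($ajaxdata["reason"]) ? $ajaxdata["reason"] : $GPC["reason"];
            $sqlParam = array();
            $sqlParam[":userid"] = intval($userId);
            $sqlParam[":nowtime"] = time();
            // $reason only ever reaches SQL through the bound :remark parameter.
            $sqlParam[":remark"] = "[" . date("Y-m-d H:i:s", time()) . "] 删除 $reason \n";
            $sqlTemp = "";
            $sqlTemp .= " update base_user set updatetime=:nowtime";
            $sqlTemp .= " ,deleted=1,remark=concat(:remark,ifnull(remark,'')) ";
            $sqlTemp .= " where id=:userid;";
            $sqlTemp .= " delete from base_roleuser where userid=:userid; ";
            $backdata = pdo_query3($sqlTemp, $sqlParam);
            return $backdata;

        default:
            throw new GeneralException("", "不支持的handleMode!");
    }
}

/**
 * Collects pending-work counters shown as badges in the platform navigation.
 *
 * Each counter is null when zero so the front end can hide the badge. The only
 * value interpolated into SQL is time(), an integer.
 *
 * @return array<string, int|null>
 */
function bizPlater_undoList()
{
    $backdata = array();
    $backdata["recruit_waitaudit"] = pdo_fetchcolumn("select count(*) from biz_trader_recruit where deleted=0 and `status`=1");
    $backdata["recruit_waitaudit"] = intval($backdata["recruit_waitaudit"]) <= 0 ? null : intval($backdata["recruit_waitaudit"]);
    $backdata["suggestion_unsettled"] = pdo_fetchcolumn("select count(*) from biz_interaction where deleted=0 and biz_catalog<=1 and `status`<3 ");
    $backdata["suggestion_unsettled"] = intval($backdata["suggestion_unsettled"]) <= 0 ? null : intval($backdata["suggestion_unsettled"]);
    $backdata["complaint_unsettled"] = pdo_fetchcolumn("select count(*) from biz_interaction where deleted=0 and biz_catalog>=2 and `status`<3 ");
    $backdata["complaint_unsettled"] = intval($backdata["complaint_unsettled"]) <= 0 ? null : intval($backdata["complaint_unsettled"]);
    // Finished work (status 4) unpaid for more than 24h.
    $backdata["tdwk_overtimepay"] = intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`=4 and " . time() . "-ifnull(tdwk.worked_finishtime,0)>24*3600)"));
    $backdata["tdwk_denypay"] = intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`<0)"));
    $backdata["tdwk_waitpay"] = $backdata["tdwk_overtimepay"] + $backdata["tdwk_denypay"];
    if ($backdata["tdwk_waitpay"] <= 0) {
        $backdata["tdwk_waitpay"] = null;
    }
    if ($backdata["tdwk_overtimepay"] <= 0) {
        $backdata["tdwk_overtimepay"] = null;
    }
    if ($backdata["tdwk_denypay"] <= 0) {
        $backdata["tdwk_denypay"] = null;
    }
    $backdata["activityorder_unreaded"] = intval(pdo_fetchcolumn("select count(*) from biz_market_activity_order where deleted=0 and plater_readed=0;"));
    if ($backdata["activityorder_unreaded"] <= 0) {
        $backdata["activityorder_unreaded"] = null;
    }
    $backdata["tdupgrade_unaudit"] = intval(pdo_fetchcolumn("select count(*) from biz_trader where deleted=0 and catalog=0 and certif_confirmed=1 and bizlicense_pic<>'';"));
    if ($backdata["tdupgrade_unaudit"] <= 0) {
        $backdata["tdupgrade_unaudit"] = null;
    }
    $backdata["tdupgrade_unaudit_gesture"] = intval(pdo_fetchcolumn("select count(*) from biz_trader where deleted=0 and (lawer_idcard != '' and ((catalog = '0' and (certif_confirmed = '0' or (certif_confirmed = '1' && company_idcard !=''))) or (catalog = '1' and certif_confirmed = '0')));"));
    if ($backdata["tdupgrade_unaudit_gesture"] <= 0) {
        $backdata["tdupgrade_unaudit_gesture"] = null;
    }
    $backdata["tdwk_refuseypay"] = intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`=90)"));
    if ($backdata["tdwk_refuseypay"] <= 0) {
        $backdata["tdwk_refuseypay"] = null;
    }
    return $backdata;
}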