kly_api/prjcenter/prjKLY/base/AboutPlater.php

<?php
defined('ONLY_ONLY_ONLY') or exit('Access Denied');
/*****************平台方相关如角色权限等******************/
function bizPlater_getFELoginInfo($includePwd = false)
{
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $GPC = input_param_handle(false);
    $ajaxdata = input_getPostObj();
    $loginName = isset($ajaxdata["loginName"]) ? $ajaxdata["loginName"] : $GPC["loginName"];
    if (empty($loginName)) {
        throw new GeneralException("", "没有传递必要的loginName参数，或者登录名为空！");
    }

    if (mb_strlen(trim($loginName)) < 2) {
        throw new GeneralException("", "登录名不能为空且长度至少2位！");
    }

    if ($includePwd) {
        $loginPwd = isset($ajaxdata["loginPwd"]) ? $ajaxdata["loginPwd"] : $GPC["loginPwd"];
        if (empty($loginPwd)) {
            throw new GeneralException("", "没有传递必要的loginPwd参数，或密码为空！");
        }

        if (mb_strlen(trim($loginPwd)) <= 3) {
            throw new GeneralException("", "登录密码不能为空且长度至少3位！");
        }

    }
    return array("loginName" => $loginName, "loginPwd" => $loginPwd);
}
function bizPlater_cryptLoginPwd($loginPwd)
{
    return md5(md5($loginPwd));
}
function bizPlater_verifyToken()
{
    $GPC = input_param_handle(false);
    $ajaxdata = input_getPostObj();
    $loginName = isset($ajaxdata["loginName"]) ? $ajaxdata["loginName"] : $GPC["loginName"];
    if (empty($loginName)) {
        throw new GeneralException("", "没有传递必要的loginName参数，或者登录名为空！");
    }

    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $loginInfo = bizPlater_getFELoginInfo(false);
    $loginName = $loginInfo["loginName"];
    $baseUser = pdo_fetch("select * from base_user where deleted=0 and subsystem=:subsystem and `login_name`=:login_name limit 1;", array(
        ":subsystem" => intval($subSystem),
        ":login_name" => trim($loginName),
    ));
    if (empty($baseUser)) {
        throw new GeneralException("", "没有定位到此登录名的用户记录,请确认输入是否正确！");
    }

    base_verifyForendToken($baseUser); //前端会话TOKEN校验
    return array("baseUser" => $baseUser);
}
//获取当前用户所赋予的角色列表
function bizPlater_getRoleSet($bizPlater)
{
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $roleList = pdo_fetchall("select r.* from base_roleuser ru
        left join base_role r on r.id=ru.roleid
        where ru.`userid`=:userid and r.subsystem=:subsystem and r.deleted=0;", array(
        ":userid" => intval($bizPlater["id"]),
        ":subsystem" => intval($subSystem),
    ));
    if (empty($roleList)) {
        throw new GeneralException("", "此用户没有被赋予任何角色,请联系平台超级管理员！");
    }

    return $roleList;
}
//获取当前用户所属角色下可用的页面模块列表
function bizPlater_getModuleSet($bizPlater)
{
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $roleList = bizPlater_getRoleSet($bizPlater); //先确定当前用户有角色身份
    $moduleList = pdo_fetchall("select * from base_permission_object where `subsystem`=:subsystem and deleted=0
        order by `parentid` asc,`ranksn` asc;", array(":subsystem" => intval($subSystem)));
    if (empty($moduleList)) {
        throw new GeneralException("", "竟然没有配置任何模块,请联系平台超级管理员！");
    }

    $tmpModuleSet = array();
    foreach ($moduleList as $module) {
        $module["AAA_allowed"] = false; //默认都不可用，将来可根据模块本身的配置进行预设
        $tmpModuleSet[$module["id"]] = $module;
    }
    foreach ($roleList as $role) {
        if (trim($role["role_code"]) == "SuperAdmin") { //超管一票允许
            foreach ($tmpModuleSet as $key => &$moduleA) {
                $moduleA["AAA_allowed"] = true;
            }

            break;
        }
        $roleModIdSet = pdo_fetchall("select bpo.id as id from base_role_permission brp
            left join base_permission_object bpo on bpo.id=brp.objectid
            where bpo.deleted=0 and brp.`roleid`=:roleid and brp.`permission_run`='1' and bpo.id>0;", array(":roleid" => $role["id"]));
        foreach ($roleModIdSet as $roleModuleId) {
            $tmpModuleSet[$roleModuleId["id"]]["AAA_allowed"] = true;
        }
    }
    $forendSet = array(
        "navIcon" => array(),
        "states" => array(),
        "mainRoleName" => $roleList[0]["role_name"],
        "undoList" => bizPlater_undoList(),
    );
    $orderSN = 0;
    foreach ($tmpModuleSet as $key => $moduleB) {
        if ($moduleB["AAA_allowed"] == true && intval($moduleB["parentid"]) == 0) {
            array_push($forendSet["navIcon"], array(
                "id_id" => $moduleB["id"],
                "id" => $orderSN++, "name" => $moduleB["obj_name"],
                "icon" => $moduleB["obj_icon"], "dda" => array(),
                "alink" => $moduleB["obj_attach"],
            )
            );
        }
    }
    foreach ($forendSet["navIcon"] as &$topModule) {
        $orderSN = 0;
        foreach ($tmpModuleSet as $key => $subModule) {
            if ($subModule["AAA_allowed"] == true && intval($subModule["parentid"]) == $topModule["id_id"]) {
                array_push($topModule["dda"], array(
                    "name" => $subModule["obj_name"], "alink" => $subModule["obj_attach"],
                ));
                array_push($forendSet["states"], array(
                    "name" => $subModule["obj_name"], "alink" => $subModule["obj_attach"],
                ));
            }
        }
        unset($topModule["id_id"]);
    }
    return $forendSet;
}
//核查当前用户是否对某个模块具有权限
function bizPlater_verifyPermisson($bizPlater, $objCatalog, $arrObjCodes)
{ // 就像外国名字一样 祖先姓-父辈姓-...-自己的姓
    $subSystem = intval(SUBSYS_PLAT_PCWEB);
    $roleList = bizPlater_getRoleSet($bizPlater);
    if (empty($arrObjCodes) || !is_array($arrObjCodes) || count($arrObjCodes) <= 0) {
        throw new GeneralException("", "授权目标对象的arrObjCodes集合不能为空！");
    }

    $allowed = false;
    foreach ($arrObjCodes as $objCode) {
        $allowed = false;
        foreach ($roleList as $role) {
            $isSysRole = (intval($role["issysrole"]) > 0); //是否系统内建角色，不可修改/删除；
            switch (trim($role["role_code"])) {
                case "SuperAdmin":
                    return true; //一票允许 return true; 熔断直返
                    break;
                default:
                    $roleModIdSet = pdo_fetch("select bpo.id as id from base_role_permission brp
                        inner join base_permission_object bpo on bpo.id=brp.objectid and bpo.`obj_code`=:obj_code
                        where brp.`roleid`=:roleid and brp.`permission_run`='1';",
                        array(":roleid" => $role["id"], ":obj_code" => trim($objCode))
                    );
                    if (!empty($roleModIdSet)) {
                        $allowed = true;
                    }

                    break;
            }
            if ($allowed) {
                break;
            }
//已获取权限，则不再遍历其他角色
        }
        //从上到下，【任一级别】模块【没有】【任何角色】权限，则中止向后遍历，直接抛出无权限 熔断退出
        if (empty($allowed)) {
            throw new GeneralException("", "此用户没有当前页面的操作权限！");
        }

    }
    if (empty($allowed)) {
        throw new GeneralException("", "此用户没有当前页面的操作权限！");
    }

    return $allowed;
}

/**********************验证验权角色权限相关逻辑**************************************/
function bizbase_AAAEntityHandle($subSystem, $handleMode, $baseUser, $ajaxdata, $GPC)
{
    switch ($handleMode) {
        case "fetchPlatUserList":
            $sqlTemp = "";
            $sqlTemp .= " select bu.id,bu.login_name,bu.mobile,br.id as roleid,br.role_name";
            $sqlTemp .= " from base_user bu ";
            $sqlTemp .= " left join base_roleuser bru on bru.userid=bu.id ";
            $sqlTemp .= " left join base_role     br  on br.id=bru.roleid ";
            $sqlTemp .= " where bu.`deleted`=0 and bu.subsystem=" . intval($subSystem);
            $backdata = pdo_fetchall($sqlTemp);
            return $backdata;
            break;
        case "resetPlatUserPwd":
        case "resetPlatUserSelfPwd":
            if ($handleMode == "resetPlatUserPwd") {
                $userid = isset($ajaxdata["userid"]) ? $ajaxdata["userid"] : $GPC["userid"];
                $baseUser = pdo_fetch("select * from base_user where id=" . intval($userid));
                if (empty($baseUser)) {
                    throw new GeneralException("", "没有定位到此id对应的用户记录！");
                }

            } else if ($handleMode == "resetPlatUserSelfPwd") {
            }
            $newPasswd = isset($ajaxdata["newPasswd"]) ? $ajaxdata["newPasswd"] : $GPC["newPadsswd"];
            if (mb_strlen(trim($newPasswd)) <= 0) // && !preg_match("/^.*[a-z].*[A-Z].*\d.*$/",trim($newPasswd)))
            {
                throw new GeneralException("", "新密码长度不能为空！");
            }

            $backdata = pdo_query("update base_user set login_pwd=:login_pwd,salt=:salt where id=:id;", array(
                ":id" => $baseUser["id"],
                ":login_pwd" => bizPlater_cryptLoginPwd($newPasswd),
                ":salt" => random(8), //重置盐
            ));
            return $backdata;
            break;
        case "upsertPlatRoleUser":
            $roleId = isset($ajaxdata["roleId"]) ? $ajaxdata["roleId"] : $GPC["roleId"];
            $roleInfo = pdo_fetch("select * from base_role where id=" . intval($roleId));
            if (empty($roleInfo)) {
                throw new GeneralException("", "没有定位到角色记录！");
            }

            $bizData = isset($ajaxdata["bizData"]) ? $ajaxdata["bizData"] : $GPC["bizData"];
            if (empty($bizData)) {
                throw new GeneralException("", "没有传递必要的参数bizData");
            }

            $saveData["login_name"] = trim($bizData["loginName"]);
            if (empty($saveData["login_name"])) {
                throw new GeneralException("", "登录号不能为空");
            }

            if (!empty(trim($bizData["loginPwd"]))) {
                $saveData["login_pwd"] = bizPlater_cryptLoginPwd(trim($bizData["loginPwd"]));
            }
            $saveData["remark"] = "[" . date("Y-m-d H:i:s", time()) . "] 更新 " . trim($bizData["remark"]) . " \n";
            $id = $bizData["id"];
            if (intval($id) <= 0) {
                $hasUsed = pdo_fetch("select * from base_user where deleted=0 and subsystem=:subsystem and login_name=:login_name;", array(
                    ":subsystem" => SUBSYS_PLAT_PCWEB,
                    ":login_name" => $saveData["login_name"],
                ));
                if (!empty($hasUsed)) {
                    throw new GeneralException("loginNameUsed", "登录号已被使用，请重新换一个吧");
                }

                $sqlParam = array();
                $sqlParam[":nowtime"] = time();
                $sqlParam[":subsystem"] = SUBSYS_PLAT_PCWEB;
                $sqlParam[":login_name"] = $saveData["login_name"];
                $sqlParam[":remark"] = $saveData["remark"];
                $sqlParam[":salt"] = random(8);
                $sqlTemp = "";
                $sqlTemp .= " insert into base_user set createtime=:nowtime";
                $sqlTemp .= "     ,subsystem=:subsystem,login_name=:login_name,remark=:remark,salt=:salt ";
                if (!empty($saveData["login_pwd"])) {
                    $sqlParam[":login_pwd"] = $saveData["login_pwd"];
                    $sqlTemp .= "     ,login_pwd=:login_pwd";
                }
                $sqlTemp .= " ;";
                $sqlTemp .= " set @handle_id=0; ";
                $sqlParam[":roleid"] = $roleId;
                $sqlTemp .= " select @handle_id:=id from base_roleuser";
                $sqlTemp .= "   where `roleid`=:roleid and userid=LAST_INSERT_ID(); ";
                $sqlTemp .= " insert into base_roleuser(`roleid`,  userid)";
                $sqlTemp .= " select                    :roleid,   LAST_INSERT_ID() ";
                $sqlTemp .= "   from dual where ifnull(@handle_id,0)=0 ;";
                $backdata = pdo_query3($sqlTemp, $sqlParam);
                return $backdata;
            } else {
                $userInfo = pdo_fetch("select * from base_user where id=" . intval($id));
                if (empty($userInfo)) {
                    throw new GeneralException("", "没有定位到登录账号记录！");
                }

                if (intval($userInfo["subsystem"]) != SUBSYS_PLAT_PCWEB) {
                    throw new GeneralException("", "登录账号记录不是平台账号！");
                }

                $hasUseds = pdo_fetchall("select * from base_user where deleted=0 and subsystem=:subsystem and login_name=:login_name;", array(
                    ":subsystem" => SUBSYS_PLAT_PCWEB,
                    ":login_name" => $saveData["login_name"],
                ));
                foreach ($hasUseds as $item) {
                    if (intval($item["id"]) != intval($userInfo["id"])) {
                        throw new GeneralException("loginNameUsed", "登录号已被使用，请重新换一个吧");
                    }

                }
                $sqlParam = array();
                $sqlParam[":userid"] = $id;
                $sqlParam[":nowtime"] = time();
                $sqlParam[":login_name"] = $saveData["login_name"];
                $sqlParam[":remark"] = $saveData["remark"];
                $sqlTemp = "";
                $sqlTemp .= " update base_user set updatetime=:nowtime,login_name=:login_name,remark=concat(:remark,ifnull(remark,'')) ";
                if (!empty($saveData["login_pwd"])) {
                    $sqlParam[":login_pwd"] = $saveData["login_pwd"];
                    $sqlParam[":salt"] = random(8);
                    $sqlTemp .= "     ,login_pwd=:login_pwd,salt=:salt";
                }
                $sqlTemp .= " where id=:userid;";
                $sqlTemp .= " set @handle_id=0; ";
                $sqlParam[":roleid"] = $roleId;
                $sqlTemp .= " select @handle_id:=id from base_roleuser";
                $sqlTemp .= "   where `roleid`=:roleid and userid=:userid; ";
                $sqlTemp .= " insert into base_roleuser(`roleid`,  userid)";
                $sqlTemp .= " select                    :roleid,   :userid";
                $sqlTemp .= "   from dual where ifnull(@handle_id,0)=0 ;";
                $backdata = pdo_query3($sqlTemp, $sqlParam);
                return $backdata;
            }
            break;
        case "removePlatRoleUser":
            $userId = isset($ajaxdata["userId"]) ? $ajaxdata["userId"] : $GPC["userId"];
            $userInfo = pdo_fetch("select * from base_user where id=" . intval($userId));
            if (empty($userInfo)) {
                throw new GeneralException("", "没有定位到登录账号记录！");
            }

            if (intval($userInfo["subsystem"]) != SUBSYS_PLAT_PCWEB) {
                throw new GeneralException("", "登录账号记录不是平台账号！");
            }

            if (intval($userInfo["deleted"]) != 0) {
                throw new GeneralException("", "登录账号记录已被删除！");
            }

            $reason = isset($ajaxdata["reason"]) ? $ajaxdata["reason"] : $GPC["reason"];
            $sqlParam = array();
            $sqlParam[":userid"] = $userId;
            $sqlParam[":nowtime"] = time();
            $sqlParam[":remark"] = "[" . date("Y-m-d H:i:s", time()) . "] 删除 $reason \n";
            $sqlTemp = "";
            $sqlTemp .= " update base_user set updatetime=:nowtime";
            $sqlTemp .= "     ,deleted=1,remark=concat(:remark,ifnull(remark,'')) ";
            $sqlTemp .= " where id=:userid;";
            $sqlTemp .= " delete from base_roleuser where userid=:userid; ";
            $backdata = pdo_query3($sqlTemp, $sqlParam);
            return $backdata;
            break;
        default:
            throw new GeneralException("", "不支持的handleMode！");
    }
}

function bizPlater_undoList()
{
    $backdata = array();
    $backdata["recruit_waitaudit"] = pdo_fetchcolumn("select count(*) from biz_trader_recruit where deleted=0 and `status`=1");
    $backdata["recruit_waitaudit"] = intval($backdata["recruit_waitaudit"]) <= 0 ? null : intval($backdata["recruit_waitaudit"]);
    $backdata["suggestion_unsettled"] = pdo_fetchcolumn("select count(*) from biz_interaction where deleted=0 and biz_catalog<=1 and `status`<3 ");
    $backdata["suggestion_unsettled"] = intval($backdata["suggestion_unsettled"]) <= 0 ? null : intval($backdata["suggestion_unsettled"]);
    $backdata["complaint_unsettled"] = pdo_fetchcolumn("select count(*) from biz_interaction where deleted=0 and biz_catalog>=2 and `status`<3 ");
    $backdata["complaint_unsettled"] = intval($backdata["complaint_unsettled"]) <= 0 ? null : intval($backdata["complaint_unsettled"]);

    $backdata["tdwk_overtimepay"] = intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`=4 and " . time() . "-ifnull(tdwk.worked_finishtime,0)>24*3600)"));
    //$backdata["tdwk_denypay"] = intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`=-5)"));
    //$backdata["tdwk_waitpay"] = $backdata["tdwk_overtimepay"] + $backdata["tdwk_denypay"];
    $backdata["tdwk_denypay"] = intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`<0)"));
    $backdata["tdwk_waitpay"] = $backdata["tdwk_overtimepay"] + $backdata["tdwk_denypay"];
    if ($backdata["tdwk_waitpay"] <= 0) {
        $backdata["tdwk_waitpay"] = null;
    }

    if ($backdata["tdwk_overtimepay"] <= 0) {
        $backdata["tdwk_overtimepay"] = null;
    }

    if ($backdata["tdwk_denypay"] <= 0) {
        $backdata["tdwk_denypay"] = null;
    }

    $backdata["activityorder_unreaded"] = intval(pdo_fetchcolumn("select count(*) from biz_market_activity_order where deleted=0 and plater_readed=0;"));
    if ($backdata["activityorder_unreaded"] <= 0) {
        $backdata["activityorder_unreaded"] = null;
    }

    $backdata["tdupgrade_unaudit"] = intval(pdo_fetchcolumn("select count(*) from biz_trader where deleted=0 and catalog=0 and certif_confirmed=1 and bizlicense_pic<>'';"));
    if ($backdata["tdupgrade_unaudit"] <= 0) {
        $backdata["tdupgrade_unaudit"] = null;
    }

    $backdata["tdupgrade_unaudit_gesture"] = intval(pdo_fetchcolumn("select count(*) from biz_trader where deleted=0  and (lawer_idcard  != '' and ((catalog = '0' and (certif_confirmed = '0' or (certif_confirmed = '1' && company_idcard !=''))) or (catalog = '1' and certif_confirmed = '0')));"));
    if ($backdata["tdupgrade_unaudit_gesture"] <= 0) {
        $backdata["tdupgrade_unaudit_gesture"] = null;
    }

    $backdata["tdwk_refuseypay"] = intval(pdo_fetchcolumn("select count(*) from biz_todowork tdwk where tdwk.deleted=0 and (tdwk.`status`=90)"));
    if ($backdata["tdwk_refuseypay"] <= 0) {
        $backdata["tdwk_refuseypay"] = null;
    }

    return $backdata;
}