nizongfeng
/
ZZCS
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
14 MiB
 
 
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
ZZCS/Config/base.class.php

387 lines
11 KiB
Raw Permalink Blame History 

  1. <?php

  2. /**

  3.  * Created by PhpStorm.

  4.  * User: Steven

  5.  * Date: 2016/10/13

  6.  * Time: 20:36

  7.  */

  8. 

  9. /**

  10.  * 项目基类

  11.  * Class base

  12.  */

  13. require_once __DIR__ . '/DBConfig.class.php'; //引入数据库操作类

  14. require_once __DIR__ . '/Dictionary.class.php'; //引入字典表

  15. require_once __DIR__ . '/message.class.php';  //短信模板类

  16. class base extends DBConfig

  17. {

  18.     public $user_id;

  19. 

  20.     function __construct()

  21.     {

  22.         header("Access-Control-Allow-Origin:*");

  23.         date_default_timezone_set('PRC');

  24.         //sql注入验证

  25.         if (!$this->validatePost()) {

  26.             $result['code'] = '102';

  27.             $result['info'] = '参数非法';

  28.             echo json_encode($result);

  29.             exit();

  30.         }

  31. 

  32.         //暂时先统一成cookie取值

  33.         if (isset($_COOKIE['xm_data'])) {

  34.             $xm_data = $_COOKIE['xm_data'];

  35.             $data = unserialize($xm_data);

  36.             $this->user_id = $data['id'];

  37.         } else {

  38.             //判断是否登陆:如果没有的话:重定向到login界面

  39.             if (!isset($_SESSION)) {

  40.                 session_start();

  41.             }

  42.             if (!isset($_SESSION['user_id'])) {

  43.                 header("Location:http://". CS_DOMAIN. "/");

  44.             }

  45.             $this->user_id = $_SESSION['user_id'];

  46.         }

  47.     }

  48. 

  49.     /*

  50.      *执行查询操作

  51.      */

  52.     public function query($sql)

  53.     {

  54.         $rowset = array();

  55.         try {

  56.             $dbConn = new DBConfig();

  57.             $pdo = $dbConn->conn_waice();

  58.             $pdo->beginTransaction();

  59.             $result = $pdo->query($sql);

  60.             if ($result) {

  61.                 $rowset = $result->fetchAll(PDO::FETCH_ASSOC);

  62.                 $result->closeCursor();

  63.                 $pdo->commit();

  64.             }

  65.         } catch (PDOException $ex) {

  66.             $pdo->rollBack();

  67.         }

  68.         return $rowset;

  69.     }

  70. 

  71.     public function edit($sql)

  72.     {

  73.         $dbConn = new DBConfig();

  74.         $pdo = $dbConn->conn_waice();

  75.         $pdo->beginTransaction();

  76.         try {

  77.             $pdo->exec($sql);

  78.             $pdo->commit();

  79.             return true;

  80.         } catch (PDOException $ex) {

  81.             $pdo->rollBack();

  82.             return false;

  83.         }

  84.     }

  85. 

  86.     /**

  87.      * 调用执行存储过程

  88.      * @param $sql

  89.      * @return array|null

  90.      */

  91.     public function procQuery($sql)

  92.     {

  93.         $dbConn = new DBConfig();

  94.         $pdo = $dbConn->conn_waice();

  95.         $result = $pdo->query($sql);

  96.         $flag = 1;

  97.         $arr = array();

  98.         $res = null;

  99.         do {

  100.             $rowset = $result->fetchAll(PDO::FETCH_ASSOC);

  101.             if ($flag > 1) { //说明返回的结果集大于1

  102.                 if (count($arr) <= 0) {

  103.                     $arr[] = $res[0];

  104.                     $res = $arr;

  105.                 }

  106.                 $res[] = $rowset;

  107.             }

  108.             if ($flag == 1) {

  109.                 $res[0] = $rowset;

  110.             }

  111.             $flag++;

  112.         } while ($result->nextRowset());

  113.         $result->closeCursor();

  114.         if (isset($res[0][0]['errcode']))    //如果存在errcode的话

  115.         {

  116.             if ($res[0][0]['errcode'] != 0)    //存储过程出错

  117.             {

  118.                 $res1['code'] = $res[0][0]['errcode'];

  119.                 $res1['info'] = $res[0][0]['errinfo'];

  120.                 return $res1;

  121.             } else {

  122.                 //将数组的第一个元素删除(删除包含errcode的数组)

  123.                 $res2['code'] = 0;

  124.                 $res2['info'] = '执行成功';

  125.                 $res2['data'] = array_splice($res, 1);

  126.                 return $res2;

  127.             }

  128.         } else {

  129.             $res3['code'] = 0;

  130.             $res3['info'] = '执行成功';

  131.             $res3['data'] = $res;

  132.             return $res3;

  133.         }

  134.     }

  135. 

  136. 

  137.     /**

  138.      * 执行更新操作

  139.      * @param $sql

  140.      * @return int

  141.      */

  142.     public function exec($sql)

  143.     {

  144.         try {

  145.             $dbConn = new DBConfig();

  146.             $pdo = $dbConn->conn_waice();

  147.             $pdo->beginTransaction();

  148.             $result = $pdo->exec($sql);

  149.             $pdo->commit();

  150.         } catch (PDOException $ex) {

  151.             $pdo->rollBack();

  152.         }

  153.         return $result;

  154.     }

  155. 

  156.     /**

  157.      * sql添加

  158.      * @return int

  159.      */

  160.     public function insert($sql)

  161.     {

  162.         try {

  163.             $dbConn = new DBConfig();

  164.             $pdo = $dbConn->conn_waice();

  165.             $pdo->beginTransaction();

  166.             $result = $pdo->exec($sql);

  167.             $id = $pdo->lastInsertId();

  168.             $pdo->commit();

  169.         } catch (PDOException $ex) {

  170.             $pdo->rollBack();

  171.         }

  172.         if ($result) {

  173.             $result = $id;

  174.         }

  175.         return $result;

  176.     }

  177. 

  178.     /**

  179.      * 获取巴士供应商列表

  180.      */

  181.     public function getSupply()

  182.     {

  183.         $extra_sql = '';

  184.         $main_supply_id = 0;

  185.         if (isset($_COOKIE["user_main_corp"]) && mb_strlen($_COOKIE["user_main_corp"]) > 0 && $_COOKIE["user_main_corp"] > 0 ) {

  186.             $extra_sql = ' AND b.main_corp_id IN( ' . $_COOKIE["user_main_corp"] . ' ) ';

  187.             $all_main_corp_array = $this->getMainCorpArray();

  188.             if( isset($all_main_corp_array[$_COOKIE["user_main_corp"]]) && $all_main_corp_array[$_COOKIE["user_main_corp"]]["supplier_id"] > 0 ) {

  189.                 $extra_sql = ' AND ( b.main_corp_id IN( ' . $_COOKIE["user_main_corp"] . ' ) OR b.id='.$all_main_corp_array[$_COOKIE["user_main_corp"]]["supplier_id"].' ) ';

  190.                 $main_supply_id = $all_main_corp_array[$_COOKIE["user_main_corp"]]["supplier_id"];

  191.             }

  192.         }

  193. 

  194.         $sql = "SELECT

  195.                     a.supplier_id,

  196.                     b.supplier_name

  197.                 FROM

  198.                     base_supplier_purchase AS a

  199.                 INNER JOIN base_supplier AS b ON a.supplier_id = b.id

  200.                 WHERE

  201.                     a.product_type = 310

  202.                 AND a.cancel_flag = 0

  203.                 AND b.cancel_flag = 0

  204.                 AND b.is_disabled = 0 {$extra_sql}

  205.                 GROUP BY

  206.                     a.supplier_id";

  207.         $res = $this->query($sql);

  208.         if( count($res) > 1 && $main_supply_id != 0 ) {

  209.             $res_temp = array();

  210.             foreach( $res as $key => $res_tmp ) {

  211.                 if( $res_tmp["supplier_id"] == $main_supply_id ) {

  212.                     $res_temp[] = $res_tmp;

  213.                     unset($res[$key]);

  214.                     $res2 = array_merge( $res_temp, $res );

  215.                     $res = $res2;

  216.                     break;

  217.                 }

  218.             }

  219. 

  220.         }

  221.         return $res;

  222.     }

  223. 

  224.     /**

  225.      * 获取巴士渠道商列表

  226.      */

  227.     public function getChannel()

  228.     {

  229.         $extra_sql = '';

  230.         if (isset($_COOKIE["user_main_corp"]) && mb_strlen($_COOKIE["user_main_corp"]) > 0 && $_COOKIE["user_main_corp"] > 0 ) {

  231.             $extra_sql = ' AND b.main_corp_id IN( ' . $_COOKIE["user_main_corp"] . ' ) ';

  232.         }

  233.         $sql = "SELECT

  234.                     a.supplier_id,

  235.                     b.supplier_name

  236.                 FROM

  237.                     base_supplier_sale AS a

  238.                 INNER JOIN base_supplier AS b ON a.supplier_id = b.id

  239.                 WHERE

  240.                     a.parent_type = 310

  241.                 AND a.cancel_flag = 0

  242.                 AND b.cancel_flag = 0

  243.                 AND b.is_disabled = 0 {$extra_sql}

  244.                 GROUP BY

  245.                     a.supplier_id";

  246.         $res = $this->query($sql);

  247.         return $res;

  248.     }

  249. 

  250.     /**

  251.      * 获取产品线(组合线路)

  252.      * @return array|null

  253.      */

  254.     public function productLine()

  255.     {

  256.         $sql = "select id,type_name from dict_type where PARENT_ID=323";  //获取产品线

  257.         $res = $this->query($sql);

  258.         return $res;

  259.     }

  260. 

  261.     /**

  262.      * 售卖情况时间列表

  263.      * @return array

  264.      */

  265.     public function getTimeType()

  266.     {

  267.         $time_sql = "SELECT

  268.                         id,

  269.                         type_name

  270.                     FROM

  271.                         dict_type

  272.                     WHERE

  273.                         parent_id = 320";

  274.         $res = $this->query($time_sql);//售卖情况时间列表

  275.         return $res;

  276.     }

  277. 

  278.     /**

  279.      * 获取运营主体的数据一览

  280.      */

  281.     public function getMainCorpArray() {

  282.             $sql = " SELECT id,corporation_name,full_name,supplier_id,sale_id  FROM base_main_corporation WHERE corp_type = 1 AND cancel_flag = 0 ";

  283.             $search_result=$this->query($sql);

  284.             $main_corp_array = array();

  285.             foreach( $search_result as $result_info ) {

  286.                 $main_corp_array[$result_info["id"]] = $result_info;

  287.             }

  288.         return $main_corp_array;

  289.     }

  290. 

  291. 

  292.     /**

  293.      * 巴士类型表

  294.      * @return array

  295.      */

  296.     public function getBusType()

  297.     {

  298.         $bus_type = array(

  299.             0 => array(

  300.                 'id' => '255',

  301.                 'name' => '直通巴士'

  302.             ),

  303.             1 => array(

  304.                 'id' => '256',

  305.                 'name' => '穿梭巴士'

  306.             )

  307.         );

  308.         $res = $bus_type;

  309.         return $res;

  310.     }

  311. 

  312. 

  313.     /**

  314.      * 获取座位类型

  315.      */

  316.     public function getSeat()

  317.     {

  318.         $sql = "SELECT

  319.                     id,

  320.                     type_name

  321.                 FROM

  322.                     dict_type

  323.                 WHERE

  324.                     parent_id = 71";

  325.         $res = $this->query($sql);

  326.         return $res;

  327.     }

  328. 

  329.     /**

  330.      * 获取人群类型

  331.      */

  332.     public function getPeopleType()

  333.     {

  334.         $sql = "SELECT

  335.                     id,

  336.                     type_name

  337.                 FROM

  338.                     dict_type

  339.                 WHERE

  340.                     parent_id = 158";

  341.         $res = $this->query($sql);

  342.         return $res;

  343.     }

  344. 

  345. 

  346.     /*

  347.      * 验证post传递的参数是否合法

  348.      * 默认提交的全是POST请求

  349.      */

  350.     private function validatePost()

  351.     {

  352.         $post = array();

  353.         if (isset($_POST) && !empty($_POST)) {

  354.             $post = array_merge($post, $_POST);

  355.         }

  356.         if (isset($_REQUEST) && !empty($_REQUEST)) {

  357.             $post = array_merge($post, $_REQUEST);

  358.         }

  359.         if (isset($_GET) && !empty($_GET)) {

  360.             $post = array_merge($post, $_GET);

  361.         }

  362. 

  363.         if (!empty($post)) {

  364.             if (isset($_POST['error']))

  365.                 unset($_POST['error']);

  366.             foreach (array_keys($post) as $array_key) {

  367.                 if (!$this->validateString($post[$array_key])) {

  368.                     return false;

  369.                 }

  370.             }

  371.         }

  372.         return true;

  373.     }

  374. 

  375.     /*

  376.      * 验证参数是否合法

  377.      * @return 合法:true 非法:false

  378.      */

  379.     private function validateString($str)

  380.     {

  381.         $check = 0;

  382.         if (is_string($str))

  383.             $check = preg_match('/select |insert |update |delete |union|into|load_file|outfile/', $str);

  384.         return $check == 0 ? true : false;

  385.     }

  386. 

  387. }