  1. <?php
  2. /**
  3. * Created by PhpStorm.
  4. * User: Steven
  5. * Date: 2016/10/13
  6. * Time: 20:36
  7. */
  8. /**
  9. * 项目基类
  10. * Class base
  11. */
  12. require_once __DIR__ . '/DBConfig.class.php'; //引入数据库操作类
  13. require_once __DIR__ . '/Dictionary.class.php'; //引入字典表
  14. require_once __DIR__ . '/message.class.php'; //短信模板类
  15. class base extends DBConfig
  16. {
  17. public $user_id;
  18. function __construct()
  19. {
  20. header("Access-Control-Allow-Origin:*");
  21. date_default_timezone_set('PRC');
  22. //sql注入验证
  23. if (!$this->validatePost()) {
  24. $result['code'] = '102';
  25. $result['info'] = '参数非法';
  26. echo json_encode($result);
  27. exit();
  28. }
  29. //暂时先统一成cookie取值
  30. if (isset($_COOKIE['xm_data'])) {
  31. $xm_data = $_COOKIE['xm_data'];
  32. $data = unserialize($xm_data);
  33. $this->user_id = $data['id'];
  34. } else {
  35. //判断是否登陆:如果没有的话:重定向到login界面
  36. if (!isset($_SESSION)) {
  37. session_start();
  38. }
  39. if (!isset($_SESSION['user_id'])) {
  40. header("Location:http://". CS_DOMAIN. "/");
  41. }
  42. $this->user_id = $_SESSION['user_id'];
  43. }
  44. }
  45. /*
  46. *执行查询操作
  47. */
  48. public function query($sql)
  49. {
  50. $rowset = array();
  51. try {
  52. $dbConn = new DBConfig();
  53. $pdo = $dbConn->conn_waice();
  54. $pdo->beginTransaction();
  55. $result = $pdo->query($sql);
  56. if ($result) {
  57. $rowset = $result->fetchAll(PDO::FETCH_ASSOC);
  58. $result->closeCursor();
  59. $pdo->commit();
  60. }
  61. } catch (PDOException $ex) {
  62. $pdo->rollBack();
  63. }
  64. return $rowset;
  65. }
  66. public function edit($sql)
  67. {
  68. $dbConn = new DBConfig();
  69. $pdo = $dbConn->conn_waice();
  70. $pdo->beginTransaction();
  71. try {
  72. $pdo->exec($sql);
  73. $pdo->commit();
  74. return true;
  75. } catch (PDOException $ex) {
  76. $pdo->rollBack();
  77. return false;
  78. }
  79. }
  80. /**
  81. * 调用执行存储过程
  82. * @param $sql
  83. * @return array|null
  84. */
  85. public function procQuery($sql)
  86. {
  87. $dbConn = new DBConfig();
  88. $pdo = $dbConn->conn_waice();
  89. $result = $pdo->query($sql);
  90. $flag = 1;
  91. $arr = array();
  92. $res = null;
  93. do {
  94. $rowset = $result->fetchAll(PDO::FETCH_ASSOC);
  95. if ($flag > 1) { //说明返回的结果集大于1
  96. if (count($arr) <= 0) {
  97. $arr[] = $res[0];
  98. $res = $arr;
  99. }
  100. $res[] = $rowset;
  101. }
  102. if ($flag == 1) {
  103. $res[0] = $rowset;
  104. }
  105. $flag++;
  106. } while ($result->nextRowset());
  107. $result->closeCursor();
  108. if (isset($res[0][0]['errcode'])) //如果存在errcode的话
  109. {
  110. if ($res[0][0]['errcode'] != 0) //存储过程出错
  111. {
  112. $res1['code'] = $res[0][0]['errcode'];
  113. $res1['info'] = $res[0][0]['errinfo'];
  114. return $res1;
  115. } else {
  116. //将数组的第一个元素删除(删除包含errcode的数组)
  117. $res2['code'] = 0;
  118. $res2['info'] = '执行成功';
  119. $res2['data'] = array_splice($res, 1);
  120. return $res2;
  121. }
  122. } else {
  123. $res3['code'] = 0;
  124. $res3['info'] = '执行成功';
  125. $res3['data'] = $res;
  126. return $res3;
  127. }
  128. }
  129. /**
  130. * 执行更新操作
  131. * @param $sql
  132. * @return int
  133. */
  134. public function exec($sql)
  135. {
  136. try {
  137. $dbConn = new DBConfig();
  138. $pdo = $dbConn->conn_waice();
  139. $pdo->beginTransaction();
  140. $result = $pdo->exec($sql);
  141. $pdo->commit();
  142. } catch (PDOException $ex) {
  143. $pdo->rollBack();
  144. }
  145. return $result;
  146. }
  147. /**
  148. * sql添加
  149. * @return int
  150. */
  151. public function insert($sql)
  152. {
  153. try {
  154. $dbConn = new DBConfig();
  155. $pdo = $dbConn->conn_waice();
  156. $pdo->beginTransaction();
  157. $result = $pdo->exec($sql);
  158. $id = $pdo->lastInsertId();
  159. $pdo->commit();
  160. } catch (PDOException $ex) {
  161. $pdo->rollBack();
  162. }
  163. if ($result) {
  164. $result = $id;
  165. }
  166. return $result;
  167. }
  168. /**
  169. * 获取巴士供应商列表
  170. */
  171. public function getSupply()
  172. {
  173. $sql = "SELECT
  174. a.supplier_id,
  175. b.supplier_name
  176. FROM
  177. base_supplier_purchase AS a
  178. INNER JOIN base_supplier AS b ON a.supplier_id = b.id
  179. WHERE
  180. a.product_type = 310
  181. AND a.cancel_flag = 0
  182. AND b.cancel_flag = 0
  183. AND b.is_disabled = 0
  184. GROUP BY
  185. a.supplier_id";
  186. $res = $this->query($sql);
  187. return $res;
  188. }
  189. /**
  190. * 获取巴士渠道商列表
  191. */
  192. public function getChannel()
  193. {
  194. $sql = "SELECT
  195. a.supplier_id,
  196. b.supplier_name
  197. FROM
  198. base_supplier_sale AS a
  199. INNER JOIN base_supplier AS b ON a.supplier_id = b.id
  200. WHERE
  201. a.parent_type = 310
  202. AND a.cancel_flag = 0
  203. AND b.cancel_flag = 0
  204. AND b.is_disabled = 0
  205. GROUP BY
  206. a.supplier_id";
  207. $res = $this->query($sql);
  208. return $res;
  209. }
  210. /**
  211. * 获取产品线(组合线路)
  212. * @return array|null
  213. */
  214. public function productLine()
  215. {
  216. $sql = "select id,type_name from dict_type where PARENT_ID=323"; //获取产品线
  217. $res = $this->query($sql);
  218. return $res;
  219. }
  220. /**
  221. * 售卖情况时间列表
  222. * @return array
  223. */
  224. public function getTimeType()
  225. {
  226. $time_sql = "SELECT
  227. id,
  228. type_name
  229. FROM
  230. dict_type
  231. WHERE
  232. parent_id = 320";
  233. $res = $this->query($time_sql);//售卖情况时间列表
  234. return $res;
  235. }
  236. /**
  237. * 巴士类型表
  238. * @return array
  239. */
  240. public function getBusType()
  241. {
  242. $bus_type = array(
  243. 0 => array(
  244. 'id' => '255',
  245. 'name' => '直通巴士'
  246. ),
  247. 1 => array(
  248. 'id' => '256',
  249. 'name' => '穿梭巴士'
  250. )
  251. );
  252. $res = $bus_type;
  253. return $res;
  254. }
  255. /**
  256. * 获取座位类型
  257. */
  258. public function getSeat()
  259. {
  260. $sql = "SELECT
  261. id,
  262. type_name
  263. FROM
  264. dict_type
  265. WHERE
  266. parent_id = 71";
  267. $res = $this->query($sql);
  268. return $res;
  269. }
  270. /**
  271. * 获取人群类型
  272. */
  273. public function getPeopleType()
  274. {
  275. $sql = "SELECT
  276. id,
  277. type_name
  278. FROM
  279. dict_type
  280. WHERE
  281. parent_id = 158";
  282. $res = $this->query($sql);
  283. return $res;
  284. }
  285. /*
  286. * 验证post传递的参数是否合法
  287. * 默认提交的全是POST请求
  288. */
  289. private function validatePost()
  290. {
  291. $post = array();
  292. if (isset($_POST) && !empty($_POST)) {
  293. $post = array_merge($post, $_POST);
  294. }
  295. if (isset($_REQUEST) && !empty($_REQUEST)) {
  296. $post = array_merge($post, $_REQUEST);
  297. }
  298. if (isset($_GET) && !empty($_GET)) {
  299. $post = array_merge($post, $_GET);
  300. }
  301. if (!empty($post)) {
  302. if (isset($_POST['error']))
  303. unset($_POST['error']);
  304. foreach (array_keys($post) as $array_key) {
  305. if (!$this->validateString($post[$array_key])) {
  306. return false;
  307. }
  308. }
  309. }
  310. return true;
  311. }
  312. /*
  313. * 验证参数是否合法
  314. * @return 合法:true 非法:false
  315. */
  316. private function validateString($str)
  317. {
  318. $check = 0;
  319. if (is_string($str))
  320. $check = preg_match('/select |insert |update |delete |union|into|load_file|outfile/', $str);
  321. return $check == 0 ? true : false;
  322. }
  323. }