|
- <?php
- /**
- * Created by PhpStorm.
- * User: Steven
- * Date: 2016/10/13
- * Time: 20:36
- */
-
- /**
- * 项目基类
- * Class base
- */
- require_once __DIR__ . '/DBConfig.class.php'; //引入数据库操作类
- require_once __DIR__ . '/Dictionary.class.php'; //引入字典表
- require_once __DIR__ . '/message.class.php'; //短信模板类
- class base extends DBConfig
- {
- public $user_id;
-
- function __construct()
- {
- header("Access-Control-Allow-Origin:*");
- date_default_timezone_set('PRC');
- //sql注入验证
- if (!$this->validatePost()) {
- $result['code'] = '102';
- $result['info'] = '参数非法';
- echo json_encode($result);
- exit();
- }
-
- //暂时先统一成cookie取值
- if (isset($_COOKIE['xm_data'])) {
- $xm_data = $_COOKIE['xm_data'];
- $data = unserialize($xm_data);
- $this->user_id = $data['id'];
- } else {
- //判断是否登陆:如果没有的话:重定向到login界面
- if (!isset($_SESSION)) {
- session_start();
- }
- if (!isset($_SESSION['user_id'])) {
- header("Location:http://". CS_DOMAIN. "/");
- }
- $this->user_id = $_SESSION['user_id'];
- }
- }
-
- /*
- *执行查询操作
- */
- public function query($sql)
- {
- $rowset = array();
- try {
- $dbConn = new DBConfig();
- $pdo = $dbConn->conn_waice();
- $pdo->beginTransaction();
- $result = $pdo->query($sql);
- if ($result) {
- $rowset = $result->fetchAll(PDO::FETCH_ASSOC);
- $result->closeCursor();
- $pdo->commit();
- }
- } catch (PDOException $ex) {
- $pdo->rollBack();
- }
- return $rowset;
- }
-
- public function edit($sql)
- {
- $dbConn = new DBConfig();
- $pdo = $dbConn->conn_waice();
- $pdo->beginTransaction();
- try {
- $pdo->exec($sql);
- $pdo->commit();
- return true;
- } catch (PDOException $ex) {
- $pdo->rollBack();
- return false;
- }
- }
-
- /**
- * 调用执行存储过程
- * @param $sql
- * @return array|null
- */
- public function procQuery($sql)
- {
- $dbConn = new DBConfig();
- $pdo = $dbConn->conn_waice();
- $result = $pdo->query($sql);
- $flag = 1;
- $arr = array();
- $res = null;
- do {
- $rowset = $result->fetchAll(PDO::FETCH_ASSOC);
- if ($flag > 1) { //说明返回的结果集大于1
- if (count($arr) <= 0) {
- $arr[] = $res[0];
- $res = $arr;
- }
- $res[] = $rowset;
- }
- if ($flag == 1) {
- $res[0] = $rowset;
- }
- $flag++;
- } while ($result->nextRowset());
- $result->closeCursor();
- if (isset($res[0][0]['errcode'])) //如果存在errcode的话
- {
- if ($res[0][0]['errcode'] != 0) //存储过程出错
- {
- $res1['code'] = $res[0][0]['errcode'];
- $res1['info'] = $res[0][0]['errinfo'];
- return $res1;
- } else {
- //将数组的第一个元素删除(删除包含errcode的数组)
- $res2['code'] = 0;
- $res2['info'] = '执行成功';
- $res2['data'] = array_splice($res, 1);
- return $res2;
- }
- } else {
- $res3['code'] = 0;
- $res3['info'] = '执行成功';
- $res3['data'] = $res;
- return $res3;
- }
- }
-
-
- /**
- * 执行更新操作
- * @param $sql
- * @return int
- */
- public function exec($sql)
- {
- try {
- $dbConn = new DBConfig();
- $pdo = $dbConn->conn_waice();
- $pdo->beginTransaction();
- $result = $pdo->exec($sql);
- $pdo->commit();
- } catch (PDOException $ex) {
- $pdo->rollBack();
- }
- return $result;
- }
-
- /**
- * sql添加
- * @return int
- */
- public function insert($sql)
- {
- try {
- $dbConn = new DBConfig();
- $pdo = $dbConn->conn_waice();
- $pdo->beginTransaction();
- $result = $pdo->exec($sql);
- $id = $pdo->lastInsertId();
- $pdo->commit();
- } catch (PDOException $ex) {
- $pdo->rollBack();
- }
- if ($result) {
- $result = $id;
- }
- return $result;
- }
-
- /**
- * 获取巴士供应商列表
- */
- public function getSupply()
- {
- $sql = "SELECT
- a.supplier_id,
- b.supplier_name
- FROM
- base_supplier_purchase AS a
- INNER JOIN base_supplier AS b ON a.supplier_id = b.id
- WHERE
- a.product_type = 310
- AND a.cancel_flag = 0
- AND b.cancel_flag = 0
- AND b.is_disabled = 0
- GROUP BY
- a.supplier_id";
- $res = $this->query($sql);
- return $res;
- }
-
- /**
- * 获取巴士渠道商列表
- */
- public function getChannel()
- {
- $sql = "SELECT
- a.supplier_id,
- b.supplier_name
- FROM
- base_supplier_sale AS a
- INNER JOIN base_supplier AS b ON a.supplier_id = b.id
- WHERE
- a.parent_type = 310
- AND a.cancel_flag = 0
- AND b.cancel_flag = 0
- AND b.is_disabled = 0
- GROUP BY
- a.supplier_id";
- $res = $this->query($sql);
- return $res;
- }
-
- /**
- * 获取产品线(组合线路)
- * @return array|null
- */
- public function productLine()
- {
- $sql = "select id,type_name from dict_type where PARENT_ID=323"; //获取产品线
- $res = $this->query($sql);
- return $res;
- }
-
- /**
- * 售卖情况时间列表
- * @return array
- */
- public function getTimeType()
- {
- $time_sql = "SELECT
- id,
- type_name
- FROM
- dict_type
- WHERE
- parent_id = 320";
- $res = $this->query($time_sql);//售卖情况时间列表
- return $res;
- }
-
- /**
- * 巴士类型表
- * @return array
- */
- public function getBusType()
- {
- $bus_type = array(
- 0 => array(
- 'id' => '255',
- 'name' => '直通巴士'
- ),
- 1 => array(
- 'id' => '256',
- 'name' => '穿梭巴士'
- )
- );
- $res = $bus_type;
- return $res;
- }
-
-
- /**
- * 获取座位类型
- */
- public function getSeat()
- {
- $sql = "SELECT
- id,
- type_name
- FROM
- dict_type
- WHERE
- parent_id = 71";
- $res = $this->query($sql);
- return $res;
- }
-
- /**
- * 获取人群类型
- */
- public function getPeopleType()
- {
- $sql = "SELECT
- id,
- type_name
- FROM
- dict_type
- WHERE
- parent_id = 158";
- $res = $this->query($sql);
- return $res;
- }
-
-
- /*
- * 验证post传递的参数是否合法
- * 默认提交的全是POST请求
- */
- private function validatePost()
- {
- $post = array();
- if (isset($_POST) && !empty($_POST)) {
- $post = array_merge($post, $_POST);
- }
- if (isset($_REQUEST) && !empty($_REQUEST)) {
- $post = array_merge($post, $_REQUEST);
- }
- if (isset($_GET) && !empty($_GET)) {
- $post = array_merge($post, $_GET);
- }
-
- if (!empty($post)) {
- if (isset($_POST['error']))
- unset($_POST['error']);
- foreach (array_keys($post) as $array_key) {
- if (!$this->validateString($post[$array_key])) {
- return false;
- }
- }
- }
- return true;
- }
-
- /*
- * 验证参数是否合法
- * @return 合法:true 非法:false
- */
- private function validateString($str)
- {
- $check = 0;
- if (is_string($str))
- $check = preg_match('/select |insert |update |delete |union|into|load_file|outfile/', $str);
- return $check == 0 ? true : false;
- }
-
- }
|
