首頁 探索 說明
註冊 登入
usoft
/
showdoc
1
0
複刻 0
Files 問題管理 0 合併請求 0 Wiki
分支: master
分支列表 標籤列表
showdoc
/
server
/
Application
/
Api
/
Controller
/
BaseController.class.php

BaseController.class.php 7.0 KB
永久連結 文件歷史 原始文件

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257 
  1. <?php
    2. 

  2. namespace Api\Controller;
    3. 

  3. use Think\Controller;
    4. 

  4. class BaseController extends Controller {
    5. 

  5. 

  6. 	//是否开启本地调试
    7. 

  7. 	private $is_local_debug;
    8. 

  8. 

  9.     public function __construct()
    10. 

  10.     {
    11. 

  11. 		//是否开启本地调试。
    12. 

  12. 		$this->is_local_debug = 0 ;
    13. 

  13. 

  14. 		//做一个检测,以免这个配置更新到线上。
    15. 

  15. 		if (
    16. 

  16. 			$this->is_local_debug > 0 
    17. 

  17. 			&& strpos($_SERVER['HTTP_HOST'],'127.0.0.1') === false  
    18. 

  18. 			&& $_SERVER['HTTP_HOST'] != 'wu.com' 
    19. 

  19. 			&& strpos($_SERVER['HTTP_HOST'], "192.168") == false
    20. 

  20. 		){
    21. 

  21. 			$this->sendError("-1001","非本地环境禁止开通调试。请通知管理员关闭调试模式");
    22. 

  22. 			exit();
    23. 

  23. 		}
    24. 

  24. 

  25. 		//检测数据库文件是否有可写权限
    26. 

  26. 		$this->checkDbWhitable();
    27. 

  27. 

  28. 		//为了兼容纯json请求
    29. 

  29. 		if (strstr($_SERVER['CONTENT_TYPE'],"json")) {
    30. 

  30. 			$json = file_get_contents('php://input');
    31. 

  31. 			$array = json_decode($json,1);
    32. 

  32. 			$_POST = array_merge($_POST,$array) ;
    33. 

  33. 		}
    34. 

  34. 		
    35. 

  35.     }
    36. 

  36. 

  37. 

  38. 	public function checkLogin($redirect = true){
    39. 

  39. 

  40. 		//debug
    41. 

  41. 		if ($this->is_local_debug > 0 ) {
    42. 

  42. 			$login_user = D("User")->where("username = 'showdoc' ")->find();
    43. 

  43. 			session("login_user" , $login_user);
    44. 

  44. 		}
    45. 

  45. 		
    46. 

  46. 		if ( ! session("login_user")) {
    47. 

  47. 			$cookie_token = I("user_token") ? I("user_token") : cookie('cookie_token');
    48. 

  48. 			if ($cookie_token) {
    49. 

  49. 				$ret = D("UserToken")->getToken($cookie_token);
    50. 

  50. 				if ($ret && $ret['token_expire'] > time() ) {
    51. 

  51. 					D("UserToken")->setLastTime($cookie_token);
    52. 

  52. 					$login_user = D("User")->where("uid = $ret[uid]")->find();
    53. 

  53. 					unset($ret['password']);
    54. 

  54. 					session("login_user" , $login_user);
    55. 

  55. 					return $login_user ;
    56. 

  56. 				}
    57. 

  57. 			}
    58. 

  58. 			if ($redirect) {
    59. 

  59. 				$this->sendError(10102);
    60. 

  60. 				exit();
    61. 

  61. 			}
    62. 

  62. 		}else{
    63. 

  63. 			return  session("login_user") ;
    64. 

  64. 		}
    65. 

  65. 	}
    66. 

  66. 	
    67. 

  67. 	//检查是否是管理员
    68. 

  68. 	public function checkAdmin($redirect = true){
    69. 

  69. 		$login_user = session("login_user") ;
    70. 

  70. 		if ($login_user) {
    71. 

  71. 			if ($login_user['groupid'] == 1 ) {
    72. 

  72. 				return true ;
    73. 

  73. 			}
    74. 

  74. 		}
    75. 

  75. 		if ($redirect) {
    76. 

  76. 			$this->sendError(10103);
    77. 

  77. 			exit();
    78. 

  78. 		}
    79. 

  79. 		return false;
    80. 

  80. 	}
    81. 

  81. 

  82. 	/**
    83. 

  83. 	 * 返回json结果
    84. 

  84. 	 */
    85. 

  85. 	protected function sendResult($array){
    86. 

  86. 		if (isset($array['error_code'])) {
    87. 

  87. 			$result['error_code'] = $array['error_code'] ;
    88. 

  88. 			$result['error_message'] = $array['error_message'] ;
    89. 

  89. 		}
    90. 

  90. 		else{
    91. 

  91. 			$result['error_code'] = 0 ;
    92. 

  92. 			$result['data'] = $array ;
    93. 

  93. 		}
    94. 

  94. 		
    95. 

  95. 		if ($this->is_local_debug > 0 ) {
    96. 

  96. 			header('Access-Control-Allow-Origin: *');//允许跨域请求
    97. 

  97. 			header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie');
    98. 

  98. 			header('Access-Control-Allow-Credentials: true');//允许跨域请求
    99. 

  99. 		}
    100. 

  100. 

  101. 		echo json_encode($result);
    102. 

  102. 

  103. 		//如果开启API调试模式,则记录请求参数和返回结果
    104. 

  104. 		if (C('API_LOG')) {
    105. 

  105. 			$info = '';
    106. 

  106. 			$info .= "\n\n【★★★★★★★★★★★】";
    107. 

  107. 			$info .= "\n请求接口:".MODULE_NAME  ."/".CONTROLLER_NAME."/".ACTION_NAME."";
    108. 

  108. 			$info .= "\n请求".'$_REQUEST'.":\n";
    109. 

  109. 			$info .= json_encode($_REQUEST);
    110. 

  110. 			$info .= "\n返回结果:\n";
    111. 

  111. 			$info .= json_encode($result)."\n";	
    112. 

  112. 			$info .= "【★★★★★★★★★★★】\n";		
    113. 

  113. 			\Think\log::record($info , 'INFO');
    114. 

  114. 		}
    115. 

  115. 

  116. 	}
    117. 

  117. 

  118. 	//返回错误提示
    119. 

  119. 	protected function sendError($error_code , $error_message = ''){
    120. 

  120. 		$error_code = $error_code ? $error_code : 10103 ;
    121. 

  121. 		
    122. 

  122. 		//来自Html5Plus的应用允许跨域
    123. 

  123. 		if (strstr($_SERVER['HTTP_USER_AGENT'], "Html5Plus") ) {
    124. 

  124. 			header('Access-Control-Allow-Origin: *');//允许跨域请求
    125. 

  125. 			header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie');
    126. 

  126. 			header('Access-Control-Allow-Credentials : true');//允许跨域请求
    127. 

  127. 		}
    128. 

  128. 

  129. 		if (!$error_message) {
    130. 

  130. 			$error_codes = C("error_codes");
    131. 

  131. 			foreach ($error_codes as $key => $value) {
    132. 

  132. 				if ($key == $error_code ) {
    133. 

  133. 					$error_message = $value ;
    134. 

  134. 				}
    135. 

  135. 			}
    136. 

  136. 		}
    137. 

  137. 		$array['error_code'] = $error_code;
    138. 

  138. 		$array['error_message'] = $error_message ;
    139. 

  139. 		$this->sendResult($array);
    140. 

  140. 	}
    141. 

  141. 

  142. 	//判断某用户是否有项目编辑权限(项目成员member_group_id为1,是项目所在团队的成员并且成员权限为1 ,以及 项目管理着,创建者和系统管理员)
    143. 

  143. 	protected function checkItemEdit($uid , $item_id){
    144. 

  144. 

  145. 		if (!$uid) {
    146. 

  146. 			return false;
    147. 

  147. 		}
    148. 

  148. 

  149. 		$item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
    150. 

  150. 		if ($item['uid'] && $item['uid'] == $uid) {
    151. 

  151. 			return true;
    152. 

  152. 		}
    153. 

  153. 		$ItemMember = D("ItemMember")->where("item_id = '%d' and uid = '%d' and member_group_id = 1 ",array($item_id,$uid))->find();
    154. 

  154. 		if ($ItemMember) {
    155. 

  155. 			return true;
    156. 

  156. 		}
    157. 

  157. 

  158. 		$ItemMember = D("TeamItemMember")->where("item_id = '%d' and member_uid = '%d' and member_group_id = 1 ",array($item_id,$uid))->find();
    159. 

  159. 		if ($ItemMember) {
    160. 

  160. 			return true;
    161. 

  161. 		}
    162. 

  162. 

  163. 		if ($this->checkItemManage($uid , $item_id)) {
    164. 

  164. 			return true;
    165. 

  165. 		}
    166. 

  166. 

  167. 		return false;
    168. 

  168. 	}
    169. 

  169. 

  170. 	//判断某用户是否有项目管理权限(项目创建者、项目管理员、系统管理员)
    171. 

  171. 	protected function checkItemManage($uid , $item_id){
    172. 

  172. 

  173. 		if (!$uid) {
    174. 

  174. 			return false;
    175. 

  175. 		}
    176. 

  176. 

  177. 		$item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
    178. 

  178. 		if ($item['uid'] && $item['uid'] == $uid) {
    179. 

  179. 			return true;
    180. 

  180. 		}
    181. 

  181. 

  182. 		if ($this->checkAdmin(false)) {
    183. 

  183. 			return true;
    184. 

  184. 		}
    185. 

  185. 

  186. 		return false;
    187. 

  187. 	}
    188. 

  188. 

  189. 	//判断某用户是否为项目创建者
    190. 

  190. 	protected function checkItemCreator($uid , $item_id){
    191. 

  191. 		if (!$uid) {
    192. 

  192. 			return false;
    193. 

  193. 		}
    194. 

  194. 		if (session("creat_item_".$item_id)) {
    195. 

  195. 			return true;
    196. 

  196. 		}
    197. 

  197. 

  198. 		$item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
    199. 

  199. 		if ($item['uid'] && $item['uid'] == $uid) {
    200. 

  200. 			session("creat_item_".$item_id , 1 );
    201. 

  201. 			return true;
    202. 

  202. 		}
    203. 

  203. 		return false;
    204. 

  204. 	}
    205. 

  205. 

  206. 	//判断某用户是否有项目访问权限(公开项目的话所有人可访问,私有项目则项目成员、项目创建者和访问密码输入者可访问)
    207. 

  207. 	protected function checkItemVisit($uid , $item_id, $refer_url= ''){
    208. 

  208. 

  209. 		// 这个session会在item/pwd那里设置
    210. 

  210. 		if (session("visit_item_".$item_id)) {
    211. 

  211. 			return true;
    212. 

  212. 		}
    213. 

  213. 		
    214. 

  214. 		if ($this->checkItemManage($uid , $item_id)) {
    215. 

  215. 			return true;
    216. 

  216. 		}
    217. 

  217. 

  218. 		$ItemMember = D("ItemMember")->where("item_id = '%d' and uid = '%d'  ",array($item_id,$uid))->find();
    219. 

  219. 		if ($ItemMember) {
    220. 

  220. 			return true;
    221. 

  221. 		}
    222. 

  222. 		
    223. 

  223. 		$TeamItemMember = D("TeamItemMember")->where("item_id = '%d' and member_uid = '%d'  ",array($item_id,$uid))->find();
    224. 

  224. 		if ($TeamItemMember) {
    225. 

  225. 			return true;
    226. 

  226. 		}
    227. 

  227. 

  228. 		$item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
    229. 

  229. 		if ($item['password']) {
    230. 

  230. 			return false;
    231. 

  231. 		}else{
    232. 

  232. 			return true;
    233. 

  233. 		}
    234. 

  234. 

  235. 	}
    236. 

  236. 	//检查数据库文件是否可写
    237. 

  237. 	protected function checkDbWhitable(){
    238. 

  238. 		$file = C("DB_NAME") ;
    239. 

  239. 	    if ( $fp = @fopen($file, 'a+')) {
    240. 

  240. 	       @fclose($fp);
    241. 

  241. 	       return true ;
    242. 

  242. 	    } else {
    243. 

  243. 	    	$this->sendError("10103","Sqlite/showdoc.db.php文件不可写");
    244. 

  244. 	    	exit();
    245. 

  245. 	    }
    246. 

  246. 	}
    247. 

  247. 

  248. 	//检查使用composer包是否满足php版本需求
    249. 

  249. 	public function checkComposerPHPVersion(){
    250. 

  250. 		if(version_compare(PHP_VERSION,COMPOSER_PHP_VERSION,'<=')){
    251. 

  251. 			$this->sendError(10101,"该功能需要php版本".COMPOSER_PHP_VERSION."以上,你所使用的php版本".PHP_VERSION."已滞后。请联系管理员进行升级");
    252. 

  252. 			exit();
    253. 

  253. 		}
    254. 

  254. 	}
    255. 

  255. 

  256. 

  257. }
    258.