Não pode escolher mais do que 25 tópicos Os tópicos devem começar com uma letra ou um número, podem incluir traços ('-') e podem ter até 35 caracteres.

233 linhas
6.4 KiB

há 3 anos
  1. <?php
  2. namespace Api\Controller;
  3. use Think\Controller;
  4. class BaseController extends Controller {
  5. //是否开启本地调试
  6. private $is_local_debug;
  7. public function __construct()
  8. {
  9. //是否开启本地调试。
  10. $this->is_local_debug = 0 ;
  11. //做一个检测,以免这个配置更新到线上。
  12. if (
  13. $this->is_local_debug > 0
  14. && strpos($_SERVER['HTTP_HOST'],'127.0.0.1') === false
  15. && $_SERVER['HTTP_HOST'] != 'wu.com'
  16. && strpos($_SERVER['HTTP_HOST'], "192.168") == false
  17. ){
  18. $this->sendError("-1001","非本地环境禁止开通调试。请通知管理员关闭调试模式");
  19. exit();
  20. }
  21. //检测数据库文件是否有可写权限
  22. $this->checkDbWhitable();
  23. //为了兼容纯json请求
  24. if (strstr($_SERVER['CONTENT_TYPE'],"json")) {
  25. $json = file_get_contents('php://input');
  26. $array = json_decode($json,1);
  27. $_POST = array_merge($_POST,$array) ;
  28. }
  29. }
  30. public function checkLogin($redirect = true){
  31. //debug
  32. if ($this->is_local_debug > 0 ) {
  33. $login_user = D("User")->where("username = 'showdoc' ")->find();
  34. session("login_user" , $login_user);
  35. }
  36. if ( ! session("login_user")) {
  37. $cookie_token = I("user_token") ? I("user_token") : cookie('cookie_token');
  38. if ($cookie_token) {
  39. $ret = D("UserToken")->getToken($cookie_token);
  40. if ($ret && $ret['token_expire'] > time() ) {
  41. D("UserToken")->setLastTime($cookie_token);
  42. $login_user = D("User")->where("uid = $ret[uid]")->find();
  43. unset($ret['password']);
  44. session("login_user" , $login_user);
  45. return $login_user ;
  46. }
  47. }
  48. if ($redirect) {
  49. $this->sendError(10102);
  50. exit();
  51. }
  52. }else{
  53. return session("login_user") ;
  54. }
  55. }
  56. //检查是否是管理员
  57. public function checkAdmin($redirect = true){
  58. $login_user = session("login_user") ;
  59. if ($login_user) {
  60. if ($login_user['groupid'] == 1 ) {
  61. return true ;
  62. }
  63. }
  64. if ($redirect) {
  65. $this->sendError(10103);
  66. exit();
  67. }
  68. return false;
  69. }
  70. /**
  71. * 返回json结果
  72. */
  73. protected function sendResult($array){
  74. if (isset($array['error_code'])) {
  75. $result['error_code'] = $array['error_code'] ;
  76. $result['error_message'] = $array['error_message'] ;
  77. }
  78. else{
  79. $result['error_code'] = 0 ;
  80. $result['data'] = $array ;
  81. }
  82. if ($this->is_local_debug > 0 ) {
  83. header('Access-Control-Allow-Origin: *');//允许跨域请求
  84. header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie');
  85. header('Access-Control-Allow-Credentials: true');//允许跨域请求
  86. }
  87. echo json_encode($result);
  88. //如果开启API调试模式,则记录请求参数和返回结果
  89. if (C('API_LOG')) {
  90. $info = '';
  91. $info .= "\n\n【★★★★★★★★★★★】";
  92. $info .= "\n请求接口:".MODULE_NAME ."/".CONTROLLER_NAME."/".ACTION_NAME."";
  93. $info .= "\n请求".'$_REQUEST'."\n";
  94. $info .= json_encode($_REQUEST);
  95. $info .= "\n返回结果:\n";
  96. $info .= json_encode($result)."\n";
  97. $info .= "【★★★★★★★★★★★】\n";
  98. \Think\log::record($info , 'INFO');
  99. }
  100. }
  101. //返回错误提示
  102. protected function sendError($error_code , $error_message = ''){
  103. $error_code = $error_code ? $error_code : 10103 ;
  104. //来自Html5Plus的应用允许跨域
  105. if (strstr($_SERVER['HTTP_USER_AGENT'], "Html5Plus") ) {
  106. header('Access-Control-Allow-Origin: *');//允许跨域请求
  107. header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie');
  108. header('Access-Control-Allow-Credentials : true');//允许跨域请求
  109. }
  110. if (!$error_message) {
  111. $error_codes = C("error_codes");
  112. foreach ($error_codes as $key => $value) {
  113. if ($key == $error_code ) {
  114. $error_message = $value ;
  115. }
  116. }
  117. }
  118. $array['error_code'] = $error_code;
  119. $array['error_message'] = $error_message ;
  120. $this->sendResult($array);
  121. }
  122. //判断某用户是否有项目管理权限(项目成员member_group_id为1,是项目所在团队的成员并且成员权限为1 ,以及 项目创建者)
  123. protected function checkItemPermn($uid , $item_id){
  124. if (!$uid) {
  125. return false;
  126. }
  127. $item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
  128. if ($item['uid'] && $item['uid'] == $uid) {
  129. session("mamage_item_".$item_id , 1 );
  130. return true;
  131. }
  132. $ItemMember = D("ItemMember")->where("item_id = '%d' and uid = '%d' and member_group_id = 1 ",array($item_id,$uid))->find();
  133. if ($ItemMember) {
  134. session("mamage_item_".$item_id , 1 );
  135. return true;
  136. }
  137. $ItemMember = D("TeamItemMember")->where("item_id = '%d' and member_uid = '%d' and member_group_id = 1 ",array($item_id,$uid))->find();
  138. if ($ItemMember) {
  139. session("mamage_item_".$item_id , 1 );
  140. return true;
  141. }
  142. return false;
  143. }
  144. //判断某用户是否为项目创建者
  145. protected function checkItemCreator($uid , $item_id){
  146. if (!$uid) {
  147. return false;
  148. }
  149. if (session("creat_item_".$item_id)) {
  150. return true;
  151. }
  152. $item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
  153. if ($item['uid'] && $item['uid'] == $uid) {
  154. session("creat_item_".$item_id , 1 );
  155. return true;
  156. }
  157. return false;
  158. }
  159. //判断某用户是否有项目访问权限(公开项目的话所有人可访问,私有项目则项目成员、项目创建者和访问密码输入者可访问)
  160. protected function checkItemVisit($uid , $item_id, $refer_url= ''){
  161. if (session("visit_item_".$item_id)) {
  162. return true;
  163. }
  164. if ($this->checkItemCreator($uid , $item_id)) {
  165. session("visit_item_".$item_id , 1 );
  166. return true;
  167. }
  168. $ItemMember = D("ItemMember")->where("item_id = '%d' and uid = '%d' ",array($item_id,$uid))->find();
  169. if ($ItemMember) {
  170. session("visit_item_".$item_id , 1 );
  171. return true;
  172. }
  173. $TeamItemMember = D("TeamItemMember")->where("item_id = '%d' and member_uid = '%d' ",array($item_id,$uid))->find();
  174. if ($TeamItemMember) {
  175. session("visit_item_".$item_id , 1 );
  176. return true;
  177. }
  178. $item = D("Item")->where("item_id = '%d' ",array($item_id))->find();
  179. if ($item['password']) {
  180. return false;
  181. }else{
  182. session("visit_item_".$item_id , 1 );
  183. return true;
  184. }
  185. }
  186. //检查数据库文件是否可写
  187. protected function checkDbWhitable(){
  188. $file = C("DB_NAME") ;
  189. if ( $fp = @fopen($file, 'a+')) {
  190. @fclose($fp);
  191. return true ;
  192. } else {
  193. $this->sendError("10103","Sqlite/showdoc.db.php文件不可写");
  194. exit();
  195. }
  196. }
  197. }