diff --git a/control/index.php b/control/index.php index 61f25b7..419bd86 100644 --- a/control/index.php +++ b/control/index.php @@ -26,28 +26,17 @@ class index extends publicBase { } public function login() { - $name = $this->get('name'); - $password = $this->get('password'); + $name = trim($this->get('name')); + $password = trim($this->get('password')); $m_user = new mUser(); - $robj = $m_user->initRedis(); + $m_user->createAdminPassWord(); - $user_info = $robj->get(_QR_ADMIN_USER_INFO); if (!empty($name) && !empty($password)) { - $user_info = json_decode($user_info, true); - if ($user_info['name'] == $name && $user_info['password'] == $password) { - //设置登录状态 - $robj->setex(_QR_ADMIN_LOGIN_USER_INFO, 12 * 60 * 60, json_encode(array('uid' => 0, 'token' => $m_user->getToken(0)))); - header('Location: /index/home'); - } - } + $res = $m_user->checkAdminLogin($name, $password); + if (!$res) $this->show_message($m_user->getError(), '/index/login'); - if (empty($user_info)) { - $email = ADMIN_PASSWORD_GET_EMAIL; - $pass = bin2hex(openssl_random_pseudo_bytes(8)); - $robj->setex(_QR_ADMIN_USER_INFO, 12 * 60 * 60, json_encode(array('name' => 'admin', 'password' => $pass))); - - $m_user->sendMail(array($email), '医案录入后台', '新密码是:' . $pass); + header('Location: /index/home'); } } @@ -108,6 +97,7 @@ class index extends publicBase { public function ajax_save_formula() { $uinfo = $this->_check_login(); + $id = $this->post('id') + 0; $name = trim($this->post('name')); $source = trim($this->post('source')); $method = trim($this->post('method')); 
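Review bot: The call added in login() is `$m_user->createAdminPassWord()`, while the method this same diff introduces in model/mUser.php is named `createAdminPassword()`; PHP resolves method names case-insensitively so it runs, but it defeats grep and IDE navigation and should read `$m_user->createAdminPassword();`. The success path ends with `header('Location: /index/home');` and no `exit`, so whatever the framework runs after the action still executes; `header('Location: /index/home'); exit;` is the conventional form, and the failure branch has the same gap unless show_message() terminates the request itself (not visible here). Note also that createAdminPassword() now runs on every unauthenticated hit to the login page, so once _QR_ADMIN_USER_INFO expires the next visitor, not the admin, is what triggers a fresh password being generated and mailed.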
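Review bot: The new `$id = $this->post('id') + 0;` coerces the request value arithmetically, which under PHP 8 raises a TypeError for a non-numeric string such as `id=abc` and surfaces as a 500 instead of a validation error; `$id = (int) $this->post('id');` yields 0 for junk input, which is exactly the create path the merged handler expects. ajax_save_formula()'s body continues past the end of this hunk.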
@@ -121,27 +111,27 @@ class index extends publicBase { if (!$request_times) $this->ajax_json(false, $mformula->getError()); //新增药方 - $id = $mformula->createFormula($uinfo['uid'], $name, $source, $method, $herbs); + $id = $mformula->formula($uinfo['uid'], $id, $name, $source, $method, $herbs); if (!$id) $this->ajax_json(false, $mformula->getError()); - $this->ajax_json(true, '添加成功', array('id' => $id)); + $this->ajax_json(true, '成功', array('id' => $id)); } - public function ajax_update_formula() { - $uinfo = $this->_check_login(); - - $id = $this->post('id') + 0; - $name = trim($this->post('name')); - $source = trim($this->post('source')); - $method = trim($this->post('method')); - $herbs = $this->post('herbs'); - - $mformula = new mFormula(); - $res = $mformula->saveFormula($uinfo['uid'], $id, $name, $source, $method, $herbs); - if (!$res) $this->ajax_json(false, $mformula->getError()); - - $this->ajax_json(true, '保存成功'); - } +// public function ajax_update_formula() { +// $uinfo = $this->_check_login(); +// +// $id = $this->post('id') + 0; +// $name = trim($this->post('name')); +// $source = trim($this->post('source')); +// $method = trim($this->post('method')); +// $herbs = $this->post('herbs'); +// +// $mformula = new mFormula(); +// $res = $mformula->saveFormula($uinfo['uid'], $id, $name, $source, $method, $herbs); +// if (!$res) $this->ajax_json(false, $mformula->getError()); +// +// $this->ajax_json(true, '保存成功'); +// } public function ajax_user_formula() { $uinfo = $this->_check_login(); @@ -193,7 +183,6 @@ class index extends publicBase { $page_num = $this->post('page_num') ? $this->post('page_num') : 1; $page_size = $this->post('page_size') ? $this->post('page_size') : 20; - $condition = array(); $condition['uid'] = array(0, $uinfo['uid']); if ($content) $condition['name'] = $content; 
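Review bot: The whole of ajax_update_formula() is kept as a block of `//` commented-out code rather than deleted; version control already preserves it, and the dead copy will drift from the live ajax_save_formula() that now covers both cases, so the commented lines should be removed. If any client still posts to /index/ajax_update_formula it will now get whatever the framework returns for a missing action rather than a JSON error, which is worth confirming before merge (callers are not visible here). The save handler relies on mFormula::formula() for the id ownership check, which is fine, but `if (!$id) $this->ajax_json(false, $mformula->getError());` only protects the success response if ajax_json() terminates the request, and this hunk does not show that it does.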
@@ -356,9 +345,8 @@ class index extends publicBase { public function export_user_case() { $uinfo = $this->_check_login(); - $id = $this->post('id') + 0; - //导出单个医案 + $id = $this->post('id') + 0; if ($id > 0) { $post_url = USER_CASE_HTML_URL; $data = array( @@ -369,11 +357,17 @@ class index extends publicBase { //导出全部医案 if ($id == 0) { + $start_date = $this->post('start_date'); + if (empty($start_date)) $this->ajax_json(false, '请选择导出开始时间'); + + $end_date = $this->post('end_date'); + if (empty($end_date)) $this->ajax_json(false, '请选择导出结束时间'); + $post_url = USER_CASE_LIST_HTML_URL; $data = array( "uid" => $uinfo['uid'], - "start_date" => $this->post('start_date'), - "end_date" => $this->post('end_date'), + "start_date" => $start_date, + "end_date" => $end_date, ); } @@ -399,20 +393,13 @@ class index extends publicBase { public function user_case_list() { $uid = $this->post('uid') + 0; - if (empty($uid)) $this->ajax_json(false, '参数错误'); - $start_date = $this->post('start_date'); - if (empty($start_date)) $this->ajax_json(false, '请选择导出开始时间'); - $end_date = $this->post('end_date'); - if (empty($end_date)) $this->ajax_json(false, '请选择导出结束时间'); - - $page_num = $this->post('page_num') ? $this->post('page_num') : 1; - $page_size = $this->post('page_size') ? $this->post('page_size') : 500; + $page_num = 1; + $page_size = 500; $m_user_case = new mUserCase(); $data = $m_user_case->getUserCaseListPdfInfo($uid, $page_num, $page_size, $start_date, $end_date); - if (!$data) $this->ajax_json(false, $m_user_case->getError()); $this->view['data'] = $data; $this->setViewTpl('index/export_pdf.html'); 
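Review bot: The checks added to export_user_case() only test `empty()` on start_date and end_date before forwarding them to USER_CASE_LIST_HTML_URL, so any non-empty string passes and the format is never validated against what the case query expects (presumably a date string; the expected format is not visible here). A parse check at this boundary, e.g. `if (!DateTime::createFromFormat('Y-m-d', $start_date)) $this->ajax_json(false, '开始时间格式错误');` using the project's real format, would reject malformed ranges before they reach the rendering service and the database. The rest of export_user_case() runs past the end of this hunk.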
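Review bot: user_case_list() still calls `getUserCaseListPdfInfo($uid, $page_num, $page_size, $start_date, $end_date)`, but this hunk removes the two lines that read `$start_date` and `$end_date` from the request, so both are now undefined (null, with a notice) at the call and the date range that export_user_case() validates and forwards is silently ignored; restore `$start_date = $this->post('start_date');` and `$end_date = $this->post('end_date');` or drop the parameters. Separately, the function takes `uid` straight from POST with no `_check_login()` in view and now no validation at all, so anyone who can reach this URL can render another user's case list for an arbitrary uid; if it is meant to be fetched only by the PDF renderer, it should verify a signed token bound to uid (the project already has an HMAC token helper in mUser) before querying. Dropping `if (!$data) ...` also means an empty or failed lookup proceeds to render export_pdf.html with `$data` set to false, which the template may not handle.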
@@ -421,11 +408,9 @@ class index extends publicBase { public function user_case() { $id = $this->post('id') + 0; $uid = $this->post('uid') + 0; - if (empty($uid) || empty($id)) $this->ajax_json(false, '参数错误'); $m_user_case = new mUserCase(); $data = $m_user_case->getUserCasePdfInfo($uid, $id); - if (!$data) $this->ajax_json(false, $m_user_case->getError()); $this->view['data'] = array($data); $this->setViewTpl('index/export_pdf.html'); diff --git a/model/mFormula.php b/model/mFormula.php index 4aec974..c01fca8 100644 --- a/model/mFormula.php +++ b/model/mFormula.php @@ -400,6 +400,7 @@ class mFormula extends mBase { $this->setError('删除药方药材失败'); return false; } + continue; } $res = $this->obj->update($this->formula_herb_tbl, $new_data[$key], array('sql' => '`id`=?', 'vals' => array($value['id']))); if (!$res) { @@ -416,6 +417,7 @@ class mFormula extends mBase { $this->setError('添加药方药材失败'); return false; } + continue; } $res = $this->obj->update($this->formula_herb_tbl, $value, array('sql' => '`id`=?', 'vals' => array($old_data[$key]['id']))); if (!$res) { 
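Review bot: user_case() now passes `uid` and `id` from POST straight to getUserCasePdfInfo() with neither the removed `empty()` guard nor any `_check_login()` visible in the function, so whoever can reach this URL can pull any user's single case by guessing ids; like user_case_list() it should require a signed token bound to (uid, id) or a session check before the lookup. Removing `if (!$data) $this->ajax_json(...)` also changes what the template receives on a miss: `$this->view['data'] = array($data);` wraps a false return into a one-element array, so export_pdf.html renders a bogus row instead of an error; at minimum keep `if (!$data) $this->ajax_json(false, $m_user_case->getError());`.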
@@ -491,6 +493,99 @@ class mFormula extends mBase { return true; } + public function formula($uid, $id, $name, $source, $method, $herbs) { + if (empty($name)) { + $this->setError('药方名称不能为空'); + return false; + } + + $herbs = json_decode($herbs, true); + if (empty($herbs)) { + $this->setError('药方药材不能为空'); + return false; + } + + if ($id) { + $formula = $this->getFormulaById($id); + if (empty($formula)) { + $this->setError('查询不到此药方'); + return false; + } + if ($formula['uid'] > 0 && $formula['uid'] != $uid) { + $this->setError('这不是你的药方'); + return false; + } + } + + $data = array( + 'uid' => $uid, + 'name' => $name, + 'source' => $source, + ); + + //$uid为0 即为后台录入药方 需处理原方数据 + if ($uid == 0) { + $org_herb = array(); + foreach ($herbs as $key => $herb) { + $org_herb[$key] = array( + 'name' => trim($herb['name']), + 'num' => $this->convertToNum(trim($herb['name']), trim($herb['num'])), + 'desc' => trim($herb['desc']), + ); + } + + //更新原方和用法 + $data['original'] = json_encode($org_herb, JSON_UNESCAPED_UNICODE); + $data['method'] = $method; + } + + //格式化药方对应的药材数据 + $formula_herb = $this->dealForulaHerb($uid, $herbs); + if (!$formula_herb) { + $this->writeLog('formula', 'save_error', '药方药材初始化失败|' . $uid . '|' . json_encode($herbs, JSON_UNESCAPED_UNICODE)); + return false; + } + + if (!$id) { + //添加药方 并添加药方药材关联关系 + $id = $this->insertFormula($data); + if (!$id) { + $this->writeLog('formula', 'save_error', '添加药方失败|' . $uid . '|' . json_encode($data, JSON_UNESCAPED_UNICODE)); + return false; + } + + //创建药方对应的药材 + foreach ($formula_herb as &$item) { + $item['formula_id'] = $id; + } + $res = $this->insertFormulaHerb($formula_herb); + if (!$res) { + $this->writeLog('formula', 'save_error', '添加药方,药材关联失败|' . $uid . '|' . json_encode($formula_herb, JSON_UNESCAPED_UNICODE)); + return false; + } + } else { + //更新药方 并更新药方药材关联关系 + $res = $this->updateFormula($id, $data); + if (!$res) { + $this->writeLog('formula', 'save_error', '更新药方失败|' . $uid . '|' . 
json_encode($data, JSON_UNESCAPED_UNICODE)); + return false; + } + + //批量更新药方药材关联关系 + foreach ($formula_herb as &$item) { + $item['formula_id'] = $id; + } + $res = $this->mutiUpdateFormulaHerb($id, $formula_herb); + if (!$res) { + $this->writeLog('formula', 'save_error', '更新药方,药材关联失败|' . $uid . '|' . $id . '|' . json_encode($formula_herb, JSON_UNESCAPED_UNICODE)); + return false; + } + } + + return $id; + } + + public function getHerbById($id) { return $this->obj->select($this->herb_tbl, array('sql' => '`id`=?', 'vals' => array($id))); } diff --git a/model/mUser.php b/model/mUser.php index cfb7945..ffebb44 100644 --- a/model/mUser.php +++ b/model/mUser.php @@ -14,6 +14,41 @@ class mUser extends mBase { $this->tbl = 'tcm_user'; } + public function checkAdminLogin($name, $password) { + if (empty($name) || empty($password)) { + $this->setError('参数错误'); + return false; + } + + $robj = $this->initRedis(); + $user_info = $robj->get(_QR_ADMIN_USER_INFO); + $user_info = json_decode($user_info, true); + + if ($user_info['name'] !== $name || $user_info['password'] !== $password) { + $this->setError('账户或密码不正确'); + return false; + } + + //设置登录状态 + $robj->setex(_QR_ADMIN_LOGIN_USER_INFO, 12 * 60 * 60, json_encode(array('uid' => 0, 'token' => $this->getToken(0)))); + return true; + } + + public function createAdminPassword() { + $robj = $this->initRedis(); + $user_info = $robj->get(_QR_ADMIN_USER_INFO); + if (empty($user_info)) { + $email = ADMIN_PASSWORD_GET_EMAIL; + $pass = bin2hex(openssl_random_pseudo_bytes(8)); + $robj->setex(_QR_ADMIN_USER_INFO, 12 * 60 * 60, json_encode(array('name' => 'admin', 'password' => $pass))); + + $this->sendMail(array($email), '医案录入后台', '新密码是:' . $pass); + + return true; + } + return false; + } + public function getUserInfo($code) { $openid = $this->getOpenid($code); if (!$openid) { 
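Review bot: The ownership check in formula() is `if ($formula['uid'] > 0 && $formula['uid'] != $uid)`, which deliberately exempts formulas whose uid is 0, yet the update path then writes `'uid' => $uid` plus the new name, source and herb rows to that same record, so any logged-in user can rewrite a shared (uid 0) formula and take ownership of it for everyone who lists with `uid IN (0, me)`. Unless copy-on-edit is intended, the guard should be `if ($formula['uid'] != $uid)`; if users are meant to customise shared formulas, set `$id = 0` in that case so a private copy is inserted rather than updating the shared row. Two smaller points: `$herbs = json_decode($herbs, true)` is followed by `$herb['name']`/`$herb['num']`/`$herb['desc']` with no check that each element is an array carrying those keys, so malformed JSON yields warnings or a TypeError instead of the '药方药材不能为空' error, and both `foreach ($formula_herb as &$item)` loops leave `$item` as a live reference without a trailing `unset($item);`.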
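Review bot: createAdminPassword() stores the generated admin password in clear in Redis and checkAdminLogin() compares it with `!==`; storing `password_hash($pass, PASSWORD_DEFAULT)` and checking with `password_verify($password, $user_info['password'])` would make a Redis read useless to an attacker and gives a constant-time comparison, consistent with the `hash_equals()` already used for tokens at the bottom of this file. checkAdminLogin() should also guard the decode with `if (empty($user_info)) { $this->setError('账户或密码不正确'); return false; }`, because after the 12-hour key expiry `json_decode(false, true)` is null and `$user_info['name']` then warns on every attempt. Failed admin logins are not recorded anywhere; a `$this->writeLog('user', 'admin_login_failed', $name);` beside the setError would make brute-force attempts visible, in the style this diff adopts elsewhere. Note too that the login record is written with a 12-hour TTL while the token it stores is only accepted for 7200 seconds by the check at the end of this file, so the two lifetimes disagree (the consumer of that record is not visible here).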
@@ -51,8 +86,7 @@ class mUser extends mBase { $get_openid_res = json_decode($jsonres, true); if (empty($get_openid_res['openid'])) { $this->setError('获取openid失败'); - $tool_obj = new qTool(); - $tool_obj->trackLog('tcm', $get_openid_url . "|" . $jsonres, sprintf(LOG_TRACK_SAVE_PATH, date('Y-m-d'), 'tcm_get_openid')); + $this->writeLog('user', 'get_openid_error_log', $get_openid_url . "|" . $jsonres); return false; } @@ -98,10 +132,8 @@ class mUser extends mBase { $data = $uid . '|' . $timestamp; $validToken = hash_hmac('sha256', $data, $secretKey); - if (hash_equals($validToken, $tokenHash)) { - if (time() - $timestamp < 7200) { - return true; - } + if (hash_equals($validToken, $tokenHash) && time() - $timestamp < 7200) { + return true; } return false; }
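Review bot: The new writeLog() call records `$get_openid_url . "|" . $jsonres` verbatim; for a code-to-openid exchange the request URL normally carries the app secret as a query parameter, so every failed lookup would copy that credential into the log file (the URL is built above this hunk, so confirm what it contains). If it does, redact before logging, e.g. `preg_replace('/secret=[^&]+/', 'secret=***', $get_openid_url)`, or log only the endpoint path together with the error body. The enclosing function begins before this hunk.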