
    <?php
/*-----------------------------------------------------------------
!!!!警告!!!!
以下为系统文件,请勿修改
-----------------------------------------------------------------*/

// Refuse to run when this file is requested directly or included from outside
// the application: the bootstrap is expected to define IN_BAIGO first.
defined("IN_BAIGO") || exit("Access Denied");

include_once(BG_PATH_FUNC . "baigocode.func.php"); //载入开放平台类
include_once(BG_PATH_CLASS . "api.class.php"); //载入模板类
include_once(BG_PATH_MODEL . "app.class.php"); //载入后台用户类
include_once(BG_PATH_MODEL . "pm.class.php"); //载入后台用户类
include_once(BG_PATH_MODEL . "log.class.php"); //载入管理帐号模型
include_once(BG_PATH_MODEL . "user.class.php"); //载入后台用户类

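/*-------------Private message (PM) API controller-------------*/
class API_PM {

    private $obj_api;    // CLASS_API instance: request parsing, payload encoding, response output
    private $log;        // log message table copied from CLASS_API::$log, indexed [type][action]
    private $mdl_pm;     // MODEL_PM
    private $mdl_app;    // MODEL_APP
    private $mdl_log;    // MODEL_LOG
    private $mdl_user;   // MODEL_USER
    private $appAllow;   // permission map of the calling app, filled by app_check()
    private $appRequest; // parsed app credentials of the current request, filled by app_check()

    /**
     * Build the API helper and the models used by the endpoints.
     *
     * Every endpoint below relies on CLASS_API::halt_re() ending the request
     * after it has sent its response; none of the rejection branches returns
     * on its own. NOTE(review): confirm halt_re() always exits.
     *
     * @access public
     * @return void
     */
    public function __construct() {
        $this->obj_api  = new CLASS_API();
        $this->obj_api->chk_install();
        $this->log      = $this->obj_api->log;
        $this->mdl_pm   = new MODEL_PM();
        $this->mdl_app  = new MODEL_APP();
        $this->mdl_log  = new MODEL_LOG();
        $this->mdl_user = new MODEL_USER();
    }

    /**
     * api_send function.
     *
     * Send a private message from the authenticated user to one or more
     * recipients. Recipients are user names separated by "|"; names that do
     * not resolve to a user are skipped.
     *
     * @access public
     * @return void
     */
    public function api_send() {
        $this->app_check("post");
        $this->allow_check("send", "x050320");

        $_arr_userRow = $this->user_check("post");
        $_arr_pmSend  = $this->mdl_pm->input_send();

        if ($_arr_pmSend["alert"] != "ok") {
            // Reject invalid input through the API helper, like every other
            // endpoint of this class; the previous code called a helper object
            // that this class never creates.
            $this->obj_api->halt_re($_arr_pmSend);
        }

        // explode() returns a one-element array when there is no separator,
        // so a single recipient needs no special case.
        $_arr_pmTo = array_unique(explode("|", $_arr_pmSend["pm_to"]));

        $_arr_pmRows      = array();
        $_str_alertLookup = "";

        foreach ($_arr_pmTo as $_key=>$_value) {
            $_arr_toUser = $this->mdl_user->mdl_read($_value, "user_name");
            if ($_arr_toUser["alert"] == "y010102") {
                // The sender is always the authenticated user, never a value
                // taken from the request.
                $_arr_pmRows[$_key] = $this->mdl_pm->mdl_submit($_arr_toUser["user_id"], $_arr_userRow["user_id"]);
                $_arr_pmRows[$_key]["pm_to"] = $_arr_toUser["user_id"];
            } else {
                $_str_alertLookup = $_arr_toUser["alert"];
            }
        }

        $_str_key   = fn_rand(6);
        $_str_code  = $this->obj_api->api_encode($_arr_pmRows, $_str_key);

        // Report the result of the last message actually submitted. When no
        // recipient resolved, report the user lookup failure instead of
        // indexing a row that was never created.
        if ($_arr_pmRows) {
            $_arr_pmLast = end($_arr_pmRows);
            $_str_alert  = $_arr_pmLast["alert"];
        } else {
            $_str_alert  = $_str_alertLookup;
        }

        $_arr_return = array(
            "code"   => $_str_code,
            "key"    => $_str_key,
            "alert"  => $_str_alert,
        );

        $this->obj_api->halt_re($_arr_return);
    }


    /**
     * api_rev function.
     *
     * Handle the "rev" action for the message ids in the request, on behalf
     * of the authenticated user.
     *
     * @access public
     * @return void
     */
    public function api_rev() {
        $this->app_check("post");
        $this->allow_check("rev", "x050321");

        $_arr_userRow = $this->user_check("post");

        $_arr_pmIds = $this->mdl_pm->input_ids();
        if ($_arr_pmIds["alert"] != "ok") {
            $this->obj_api->halt_re($_arr_pmIds);
        }

        // The ids come from the request; only the user id passed here ties the
        // operation to the caller.
        // NOTE(review): confirm mdl_del() restricts the rows to this user, and
        // what the second argument (true) selects.
        $_arr_pmDel = $this->mdl_pm->mdl_del($_arr_userRow["user_id"], true);

        $this->obj_api->halt_re($_arr_pmDel);
    }


    /**
     * api_status function.
     *
     * Change the status of the message ids in the request, on behalf of the
     * authenticated user.
     *
     * @access public
     * @return void
     */
    public function api_status() {
        $this->app_check("post");
        $this->allow_check("status", "x050321");

        $_arr_userRow = $this->user_check("post");

        $_arr_pmIds = $this->mdl_pm->input_ids();
        if ($_arr_pmIds["alert"] != "ok") {
            $this->obj_api->halt_re($_arr_pmIds);
        }

        $_str_status = fn_getSafe(fn_post("pm_status"), "txt", "");
        if (!$_str_status) {
            $_arr_return = array(
                "alert" => "x110219",
            );
            $this->obj_api->halt_re($_arr_return);
        }

        // NOTE(review): the status value is not checked against a list of
        // known states here, and ownership of the ids is left to the model;
        // confirm mdl_status() does both.
        $_arr_pmStatus = $this->mdl_pm->mdl_status($_str_status, $_arr_userRow["user_id"]);

        $this->obj_api->halt_re($_arr_pmStatus);
    }

    /**
     * api_del function.
     *
     * Delete the message ids in the request, on behalf of the authenticated
     * user.
     *
     * @access public
     * @return void
     */
    public function api_del() {
        $this->app_check("post");
        $this->allow_check("del", "x050309");

        $_arr_userRow = $this->user_check("post");

        $_arr_pmIds = $this->mdl_pm->input_ids();
        if ($_arr_pmIds["alert"] != "ok") {
            $this->obj_api->halt_re($_arr_pmIds);
        }

        // NOTE(review): confirm mdl_del() only removes rows that belong to
        // this user id; no ownership check is done in this controller.
        $_arr_pmDel = $this->mdl_pm->mdl_del($_arr_userRow["user_id"]);

        $this->obj_api->halt_re($_arr_pmDel);
    }


    /**
     * api_read function.
     *
     * Return one message, but only to its sender or its recipient.
     *
     * @access public
     * @return void
     */
    public function api_read() {
        $this->app_check("get");
        $this->allow_check("read", "x050319");

        $_arr_userRow = $this->user_check("get");

        $_num_pmId = fn_getSafe(fn_get("pm_id"), "int", 0);
        if ($_num_pmId < 1) {
            $_arr_return = array(
                "alert" => "x110211",
            );
            $this->obj_api->halt_re($_arr_return);
        }

        $_arr_pmRow = $this->mdl_pm->mdl_read($_num_pmId);
        if ($_arr_pmRow["alert"] != "y110102") {
            $this->obj_api->halt_re($_arr_pmRow);
        }

        // Object-level authorization: the id alone is not enough, the caller
        // must be a party to the message.
        if ($_arr_pmRow["pm_from"] != $_arr_userRow["user_id"] && $_arr_pmRow["pm_to"] != $_arr_userRow["user_id"]) {
            $_arr_return = array(
                "alert" => "x110403",
            );
            $this->obj_api->halt_re($_arr_return);
        }

        $_arr_pmRow["fromUser"] = $this->mdl_user->mdl_read_api($_arr_pmRow["pm_from"]);
        $_arr_pmRow["toUser"]   = $this->mdl_user->mdl_read_api($_arr_pmRow["pm_to"]);

        // The random key is returned in the same response as the encoded
        // payload. NOTE(review): confirm api_encode() also mixes in a secret
        // the client already holds; otherwise this is encoding, not
        // confidentiality.
        $_str_key   = fn_rand(6);
        $_str_code  = $this->obj_api->api_encode($_arr_pmRow, $_str_key);

        $_arr_return = array(
            "code"   => $_str_code,
            "key"    => $_str_key,
            "alert"  => $_arr_pmRow["alert"],
        );

        $this->obj_api->halt_re($_arr_return);
    }


    /**
     * api_check function.
     *
     * Return the number of messages addressed to the authenticated user that
     * have the requested status ("wait" when none is given).
     *
     * @access public
     * @return void
     */
    public function api_check() {
        $this->app_check("get");
        $this->allow_check("check", "x050319");

        $_arr_userRow = $this->user_check("get");

        // pm_to is fixed to the authenticated user, so the count cannot be
        // pointed at another mailbox.
        $_arr_search = array(
            "type"      => "in",
            "pm_to"     => $_arr_userRow["user_id"],
            "status"    => fn_getSafe(fn_get("status"), "txt", "wait"),
        );

        $_num_pmCount   = $this->mdl_pm->mdl_count($_arr_search);

        $_arr_return = array(
            "pm_count"  => $_num_pmCount,
            "alert"     => "y110402",
        );

        $this->obj_api->halt_re($_arr_return);
    }


    /**
     * api_list function.
     *
     * List the authenticated user's inbox (pm_type "in") or outbox
     * (pm_type "out"), optionally filtered by status, keyword and ids.
     *
     * @access public
     * @return void
     */
    public function api_list() {
        $this->app_check("get");
        $this->allow_check("list", "x050319");

        $_arr_userRow = $this->user_check("get");

        // NOTE(review): per_page is caller-controlled and not capped here;
        // confirm the model or fn_getSafe() bounds it.
        $_num_perPage   = fn_getSafe(fn_get("per_page"), "int", BG_SITE_PERPAGE);
        $_str_type      = fn_getSafe(fn_get("pm_type"), "txt", "");
        $_str_pmIds     = fn_getSafe(fn_get("pm_ids"), "txt", "");

        $_arr_pmIds = array();

        if ($_str_pmIds) {
            $_arr_pmIds = explode("|", $_str_pmIds);
        }

        if (!$_str_type) {
            $_arr_return = array(
                "alert" => "x110218",
            );
            $this->obj_api->halt_re($_arr_return);
        }

        $_arr_search = array(
            "type"      => $_str_type,
            "status"    => fn_getSafe(fn_get("pm_status"), "txt", ""),
            "key"       => fn_getSafe(fn_get("key"), "txt", ""),
            "pm_ids"    => $_arr_pmIds,
        );

        switch ($_str_type) {
            case "in":
                $_arr_search["pm_to"] = $_arr_userRow["user_id"];
            break;

            case "out":
                $_arr_search["pm_from"] = $_arr_userRow["user_id"];
            break;

            default:
                // Fail closed: with any other type neither pm_to nor pm_from
                // would be set, and the query would carry no restriction to
                // the caller's own messages. Treated like a missing type.
                $_arr_return = array(
                    "alert" => "x110218",
                );
                $this->obj_api->halt_re($_arr_return);
            break;
        }

        $_num_pmCount   = $this->mdl_pm->mdl_count($_arr_search);
        $_arr_page      = fn_page($_num_pmCount);
        $_arr_pmRows    = $this->mdl_pm->mdl_list($_num_perPage, $_arr_page["except"], $_arr_search);

        foreach ($_arr_pmRows as $_key=>$_value) {
            $_arr_pmRows[$_key]["fromUser"] = $this->mdl_user->mdl_read_api($_value["pm_from"]);
            $_arr_pmRows[$_key]["toUser"]   = $this->mdl_user->mdl_read_api($_value["pm_to"]);
        }

        $_arr_return = array(
            "pmRows"    => $_arr_pmRows,
            "pageRow"   => $_arr_page,
        );

        $_str_key   = fn_rand(6);
        $_str_code  = $this->obj_api->api_encode($_arr_return, $_str_key);

        $_arr_return = array(
            "code"   => $_str_code,
            "key"    => $_str_key,
            "alert"  => "y110402",
        );

        $this->obj_api->halt_re($_arr_return);
    }


    /**
     * user_check function.
     *
     * Authenticate the end user of the request: the account must exist, must
     * not be disabled, and the presented access token must be unexpired and
     * equal to the stored one. Any failure ends the request via halt_re().
     *
     * @access private
     * @param string $str_method (default: "get")
     * @return array the user row of the authenticated user
     */
    private function user_check($str_method = "get") {
        // NOTE(review): with "get" the token presumably travels in the query
        // string, where it can end up in access logs and referrers; confirm
        // and prefer "post" where clients allow it.
        $_arr_userRequest = $this->mdl_user->input_token_api($str_method);
        if ($_arr_userRequest["alert"] != "ok") {
            $this->obj_api->halt_re($_arr_userRequest);
        }

        $_arr_userRow = $this->mdl_user->mdl_read($_arr_userRequest["user_str"], $_arr_userRequest["user_by"]);
        if ($_arr_userRow["alert"] != "y010102") {
            $this->obj_api->halt_re($_arr_userRow);
        }

        if ($_arr_userRow["user_status"] == "disable") {
            $_arr_return = array(
                "alert" => "x010401",
            );
            $this->obj_api->halt_re($_arr_return);
        }

        if ($_arr_userRow["user_access_expire"] < time()) {
            $_arr_return = array(
                "alert" => "x010231",
            );
            $this->obj_api->halt_re($_arr_return);
        }

        // Compare the tokens as strings. A loose != treats two different
        // numeric-looking strings (for example "0e..." values) as equal, and
        // it is not constant-time. hash_equals() needs PHP 5.6; older runtimes
        // fall back to a strict comparison.
        $_str_tokenStored  = (string)$_arr_userRow["user_access_token"];
        $_str_tokenRequest = (string)$_arr_userRequest["user_access_token"];

        if (function_exists("hash_equals")) {
            $_bool_tokenOk = hash_equals($_str_tokenStored, $_str_tokenRequest);
        } else {
            $_bool_tokenOk = ($_str_tokenStored === $_str_tokenRequest);
        }

        if (!$_bool_tokenOk) {
            $_arr_return = array(
                "alert" => "x010230",
            );
            $this->obj_api->halt_re($_arr_return);
        }

        return $_arr_userRow;
    }

    /**
     * app_check function.
     *
     * Authenticate the calling app: parse its credentials from the request,
     * load the app record, remember its permission map in $this->appAllow and
     * let CLASS_API::app_chk() validate the request against the record.
     * Failures after the credentials were parsed are written to the log.
     *
     * @access private
     * @param string $str_method (default: "get")
     * @return void
     */
    private function app_check($str_method = "get") {
        $this->appRequest = $this->obj_api->app_request($str_method);

        if ($this->appRequest["alert"] != "ok") {
            $this->obj_api->halt_re($this->appRequest);
        }

        $_arr_logTarget = array(
            array(
                "app_id" => $this->appRequest["app_id"]
            ),
        );

        $_arr_appRow = $this->mdl_app->mdl_read($this->appRequest["app_id"]);
        if ($_arr_appRow["alert"] != "y050102") {
            $_arr_logType = array("app", "read");
            $this->log_do($_arr_logTarget, "app", $_arr_appRow, $_arr_logType);
            $this->obj_api->halt_re($_arr_appRow);
        }
        $this->appAllow = $_arr_appRow["app_allow"];

        $_arr_appChk = $this->obj_api->app_chk($this->appRequest, $_arr_appRow);
        if ($_arr_appChk["alert"] != "ok") {
            $_arr_logType = array("app", "check");
            $this->log_do($_arr_logTarget, "app", $_arr_appChk, $_arr_logType);
            $this->obj_api->halt_re($_arr_appChk);
        }
    }


    /**
     * allow_check function.
     *
     * Require that the calling app was granted the given PM action. A denied
     * call is logged with the app id and answered with the given alert code.
     * Must run after app_check(), which fills $this->appAllow.
     *
     * @access private
     * @param string $str_act   action name under the "pm" permission group
     * @param string $str_alert alert code returned when the action is not granted
     * @return void
     */
    private function allow_check($str_act, $str_alert) {
        if (isset($this->appAllow["pm"][$str_act])) {
            return;
        }

        $_arr_return = array(
            "alert" => $str_alert,
        );
        $_arr_logTarget = array(
            array(
                "app_id" => $this->appRequest["app_id"],
            ),
        );
        $_arr_logType = array("pm", $str_act);
        $this->log_do($_arr_logTarget, "app", $_arr_return, $_arr_logType);
        $this->obj_api->halt_re($_arr_return);
    }


    /**
     * log_do function.
     *
     * Write one log entry attributed to the calling app. Targets and result
     * are stored as JSON; the title is looked up in the log message table by
     * the two elements of $arr_logType.
     *
     * @access private
     * @param array $arr_logTarget   list of targets, e.g. array(array("app_id" => ...))
     * @param string $str_targetType kind of target, e.g. "app"
     * @param array $arr_logResult   result array that is returned to the caller
     * @param array $arr_logType     two keys into the log message table: (type, action)
     * @return void
     */
    private function log_do($arr_logTarget, $str_targetType, $arr_logResult, $arr_logType) {
        $_str_targets = json_encode($arr_logTarget);
        $_str_result  = json_encode($arr_logResult);
        $this->mdl_log->mdl_submit($_str_targets, $str_targetType, $this->log[$arr_logType[0]][$arr_logType[1]], $_str_result, "app", $this->appRequest["app_id"]);
    }
}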