From bbf201f2ea456e945a0ff03f564643e0408dce4a Mon Sep 17 00:00:00 2001 From: "ZLW-PC\\Administrator" <374861669@qq.com> Date: Mon, 4 Jun 2018 17:56:20 +0800 Subject: [PATCH] oauth --- app/Common/ReturnData.php | 11 ++ app/Http/Controllers/Api/OrderController.php | 102 ------------------ app/Http/Controllers/Api/UserController.php | 22 ++-- .../Controllers/Weixin/UserController.php | 55 +++++----- app/Http/Logic/UserMoneyLogic.php | 2 +- resources/views/weixin/cart/index.blade.php | 4 +- .../views/weixin/goods/goodsDetail.blade.php | 4 +- routes/web.php | 1 - 8 files changed, 51 insertions(+), 150 deletions(-) diff --git a/app/Common/ReturnData.php b/app/Common/ReturnData.php index cadaa94..93c6aaa 100644 --- a/app/Common/ReturnData.php +++ b/app/Common/ReturnData.php @@ -149,4 +149,15 @@ class ReturnData return false; } + + public static function getCodeText($code) + { + $res = ''; + if (isset(self::$codeTexts[$code])) + { + $res = self::$codeTexts[$code]; + } + + return $res; + } } \ No newline at end of file diff --git a/app/Http/Controllers/Api/OrderController.php b/app/Http/Controllers/Api/OrderController.php index f77762b..744c8ba 100644 --- a/app/Http/Controllers/Api/OrderController.php +++ b/app/Http/Controllers/Api/OrderController.php 
@@ -198,108 +198,6 @@ class OrderController extends CommonController return $this->getLogic()->del($where); } - //订单状态修改 - public function orderStatusUpdate(Request $request) - { - $type = $request->input('type',''); - if($request->input('id', '')!=''){$where['id'] = $request->input('id');} - $where['user_id'] = Token::$uid; - - if($type=='' || $where['id'] =='') - { - return ReturnData::create(ReturnData::PARAMS_ERROR); - } - - //修改订单状态,1设为支付,2设为取消,3设为确认收货,4设为退款退货,5设为删除,6设为已评价 - if($type == 1) - { - //判断订单是否存在或本人 - $where['order_status'] = 0; - $where['pay_status'] = 0; - $order = model('Order')->getOne($where); - if(!$order){return ReturnData::create(ReturnData::PARAMS_ERROR,null,'订单不存在');} - - //判断用户余额是否足够 - $user_money = DB::table('user')->where(array('id'=>Token::$uid))->value('money'); - if($order['order_amount']>$user_money){return ReturnData::create(ReturnData::PARAMS_ERROR,null,'余额不足');} - - $data['pay_status'] = 1; - $data['pay_money'] = $order['order_amount']; //支付金额 - $data['pay_id'] = $request->input('pay_id',''); - $data['pay_time'] = $request->input('pay_time',time()); - if($request->input('pay_name', '')!=''){$data['pay_name'] = $request->input('pay_name');} - - //扣除用户余额 - if($data['pay_money']<=0 || !DB::table('user')->where(array('id'=>Token::$uid))->decrement('money', $data['pay_money'])) - { - return ReturnData::create(ReturnData::PARAMS_ERROR); - } - - //增加用户余额记录 - DB::table('user_money')->insert(array('user_id'=>Token::$uid,'type'=>1,'money'=>$data['pay_money'],'des'=>'订单余额支付','user_money'=>DB::table('user')->where(array('id'=>Token::$uid))->value('money'),'add_time'=>time())); - } - elseif($type == 2) - { - //判断订单是否存在或本人 - $where['order_status'] = 0; - $where['pay_status'] = 0; - $order = Order::where($where)->first(); - if(!$order){return ReturnData::create(ReturnData::PARAMS_ERROR,null,'订单不存在');} - - $data['order_status'] = 1; - } - elseif($type == 3) - { - //判断订单是否存在或本人 - $where['order_status'] = 0; - $where['refund_status'] = 0; - 
$where['pay_status'] = 1; - $order = Order::where($where)->first(); - if(!$order){return ReturnData::create(ReturnData::PARAMS_ERROR,null,'订单不存在');} - - $data['order_status'] = 3; - $data['shipping_status'] = 2; - $data['refund_status'] = 0; - $data['is_comment'] = 0; - } - elseif($type == 4) - { - //判断订单是否存在或本人 - $where['order_status'] = 3; - $where['refund_status'] = 0; - $order = Order::where($where)->first(); - if(!$order){return ReturnData::create(ReturnData::PARAMS_ERROR,null,'订单不存在');} - - $data['refund_status'] = 1; - } - elseif($type == 5) - { - //判断订单是否存在或本人 - $order = Order::where(array('order_status'=>3,'refund_status'=>0))->orWhere(array('order_status'=>1))->orWhere(array('order_status'=>2))->first(); - if(!$order){return ReturnData::create(ReturnData::PARAMS_ERROR,null,'订单不存在');} - - $data['is_delete'] = 1; - } - elseif($type == 6) - { - //判断订单是否存在或本人 - $where['order_status'] = 3; - $where['refund_status'] = 0; - $order = Order::where($where)->first(); - if(!$order){return ReturnData::create(ReturnData::PARAMS_ERROR,null,'订单不存在');} - - $data['is_comment'] = 1; - } - - //修改订单状态 - if (isset($data)) - { - Order::modify($where,$data); - } - - return ReturnData::create(ReturnData::SUCCESS); - } - //商城支付宝app支付 public function orderAlipayApp(Request $request) { diff --git a/app/Http/Controllers/Api/UserController.php b/app/Http/Controllers/Api/UserController.php index feee12d..930508a 100644 --- a/app/Http/Controllers/Api/UserController.php +++ b/app/Http/Controllers/Api/UserController.php 
@@ -237,7 +237,7 @@ class UserController extends CommonController $data['head_img'] = $request->input('head_img',''); $data['nickname'] = $request->input('nickname',''); $data['parent_id'] = 0;if($request->input('parent_id',null)!=null){$data['parent_id'] = $request->input('parent_id');} - $data['user_name'] = date('YmdHis').dechex(rand(1000,9999)); + $data['user_name'] = date('YmdHis').dechex(date('His').rand(1000,9999)); $data['password'] = md5('123456'); if ($data['openid']=='') @@ -245,17 +245,15 @@ class UserController extends CommonController return ReturnData::create(ReturnData::PARAMS_ERROR); } - if (model('User')->getOne(array('openid'=>$data['openid']))) - { - return $this->getLogic()->wxLogin(array('openid'=>$data['openid'])); - } - - //添加用户 - $res = $this->getLogic()->wxRegister($data); - if($res['code'] != ReturnData::SUCCESS){return $res;} - - //更新用户名user_name,微信登录没有用户名 - model('User')->edit(array('user_name'=>'u'.$res['code']['data']['uid']),array('id'=>$res['code']['data']['uid'])); + if (!model('User')->getOne(array('openid'=>$data['openid']))) + { + //添加用户 + $res = $this->getLogic()->wxRegister($data); + if($res['code'] != ReturnData::SUCCESS){return $res;} + + //更新用户名user_name,微信登录没有用户名 + model('User')->edit(array('user_name'=>date('Ymd').'u'.$res['data']['uid']),array('id'=>$res['data']['uid'])); + } return $this->getLogic()->wxLogin(array('openid'=>$data['openid'])); } diff --git a/app/Http/Controllers/Weixin/UserController.php b/app/Http/Controllers/Weixin/UserController.php index 3ed8b26..5ed85db 100644 --- a/app/Http/Controllers/Weixin/UserController.php +++ b/app/Http/Controllers/Weixin/UserController.php @@ -4,6 +4,7 @@ namespace App\Http\Controllers\Weixin; use App\Http\Controllers\Weixin\CommonController; use Illuminate\Http\Request; use App\Common\ReturnCode; +use App\Common\ReturnData; use App\Common\WechatAuth; use App\Common\Helper; 
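Review bot: Every account created through this path gets the same known password: the context line `$data['password'] = md5('123456');` sits directly under the changed `user_name` line, and `$data` is handed to `wxRegister()` in the next hunk. If these accounts can also sign in with user name and password (not visible here), a fixed value hashed with unsalted MD5 makes them guessable, and the next hunk renames them to the predictable `date('Ymd').'u'.$uid`. Store a random secret the user never learns instead, e.g. `$data['password'] = password_hash(bin2hex(random_bytes(16)), PASSWORD_DEFAULT);`, assuming the login code can be moved to `password_verify()`. The enclosing method starts and ends outside the hunk.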
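Review bot: The login that closes this hunk is keyed on `openid` alone, `wxLogin(array('openid'=>$data['openid']))`, and the neighbouring fields are read with `$request->input()`, so `openid` presumably is caller-supplied too (its assignment is outside the hunk). An openid is an identifier, not a credential: if this API route is reachable by anything other than the trusted Weixin web tier, a caller presenting someone else's openid is logged in as that user. Have the API verify the OAuth `code` with WeChat itself, or require an authenticated server-to-server call (shared secret or request signature) before trusting the posted value. Separately, `getOne()` followed by `wxRegister()` is not atomic, so two concurrent first logins can create duplicate rows unless `openid` carries a unique index.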
@@ -27,7 +28,7 @@ class UserController extends CommonController $res = curl_request($url,$postdata,'GET'); $data['user_info'] = $res['data']; - if($res['code'] != ReturnCode::SUCCESS_CODE){unset($_SESSION['weixin_user_info']);$this->error_jump('请先登录',route('weixin_login'));} + if($res['code'] != ReturnData::SUCCESS){unset($_SESSION['weixin_user_info']);$this->error_jump('请先登录',route('weixin_login'));} return view('weixin.user.index', $data); } @@ -509,7 +510,7 @@ class UserController extends CommonController $url = env('APP_API_URL')."/user_goods_history_delete"; $res = curl_request($url,$postdata,'POST'); - if($res['code'] != ReturnCode::SUCCESS_CODE){$this->error_jump(ReturnCode::FAIL);} + if($res['code'] != ReturnData::SUCCESS){$this->error_jump(ReturnCode::FAIL);} $this->success_jump(ReturnCode::SUCCESS); } @@ -523,7 +524,7 @@ class UserController extends CommonController $url = env('APP_API_URL')."/user_goods_history_clear"; $res = curl_request($url,$postdata,'POST'); - if($res['code'] != ReturnCode::SUCCESS_CODE){$this->error_jump(ReturnCode::FAIL);} + if($res['code'] != ReturnData::SUCCESS){$this->error_jump(ReturnCode::FAIL);} $this->success_jump(ReturnCode::SUCCESS); } 
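Review bot: The success test `$res['code'] != ReturnData::SUCCESS` is a loose comparison on a value that may not exist. If `curl_request()` returns null or false on a transport failure (its failure shape is not visible here), `$res['code']` evaluates to null, and should `ReturnData::SUCCESS` be `0`, `null != 0` is false and the failure is treated as success. The same expression is introduced in the hunks at `@@ -509`, `@@ -523`, `@@ -578` and `@@ -617`, and the last two then store `$res['data']` in `$_SESSION['weixin_user_info']`. Prefer `if (!is_array($res) || !isset($res['code']) || $res['code'] !== ReturnData::SUCCESS)`, provided the API returns the code with the same type as the constant. In this first hunk `$data['user_info'] = $res['data'];` also runs before the check; the enclosing method starts outside the hunk.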
@@ -531,43 +532,39 @@ class UserController extends CommonController //微信网页授权登录 public function oauth(Request $request) { - $wechat_auth = new WechatAuth(sysconfig('CMS_WX_APPID'),sysconfig('CMS_WX_APPSECRET')); - - // 获取code码,用于和微信服务器申请token。 注:依据OAuth2.0要求,此处授权登录需要用户端操作 - if(!isset($_GET['code'])) + if (!isset($_SESSION['weixin_oauth']['userinfo'])) { - $http_type = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) ? 'https://' : 'http://'; - $callback_url = $http_type . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']; //回调地址,当前页面 - //生成唯一随机串防CSRF攻击 - $state = md5(uniqid(rand(), true)); - $_SESSION['weixin_oauth']['state'] = $state; //存到SESSION - $authorize_url = $wechat_auth->get_authorize_url($callback_url, $state); + $wechat_auth = new WechatAuth(sysconfig('CMS_WX_APPID'),sysconfig('CMS_WX_APPSECRET')); - header("Location: $authorize_url");exit; - } - - // 依据code码去获取openid和access_token,自己的后台服务器直接向微信服务器申请即可 - if (isset($_GET['code'])) - { + // 获取code码,用于和微信服务器申请token。 注:依据OAuth2.0要求,此处授权登录需要用户端操作 + if(!isset($_GET['code'])) + { + $http_type = ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')) ? 'https://' : 'http://'; + $callback_url = $http_type . $_SERVER['HTTP_HOST'] . 
$_SERVER['REQUEST_URI']; //回调地址,当前页面 + //生成唯一随机串防CSRF攻击 + $state = md5(uniqid(rand(), true)); + $_SESSION['weixin_oauth']['state'] = $state; //存到SESSION + $authorize_url = $wechat_auth->get_authorize_url($callback_url, $state); + + header("Location: $authorize_url");exit; + } + + // 依据code码去获取openid和access_token,自己的后台服务器直接向微信服务器申请即可 $_SESSION['weixin_oauth']['code'] = $_GET['code']; if($_GET['state'] != $_SESSION['weixin_oauth']['state']) { - exit("您访问的页面不存在或已被删除!"); + $this->error_jump('您访问的页面不存在或已被删除'); } //得到 access_token 与 openid $_SESSION['weixin_oauth']['token'] = $wechat_auth->get_access_token($_GET['code']); - } - - // 依据申请到的access_token和openid,申请Userinfo信息。 - if (isset($_SESSION['weixin_oauth']['token'])) - { + // 依据申请到的access_token和openid,申请Userinfo信息。 $_SESSION['weixin_oauth']['userinfo'] = $wechat_auth->get_user_info($_SESSION['weixin_oauth']['token']['access_token'], $_SESSION['weixin_oauth']['token']['openid']); } $postdata = array( - 'openid' => $_SESSION['weixin_oauth']['token']['openid'], + 'openid' => $_SESSION['weixin_oauth']['userinfo']['openid'], 'unionid' => isset($_SESSION['weixin_oauth']['userinfo']['unionid']) ? $_SESSION['weixin_oauth']['userinfo']['unionid'] : '', 'nickname' => $_SESSION['weixin_oauth']['userinfo']['nickname'], 'sex' => $_SESSION['weixin_oauth']['userinfo']['sex'], @@ -578,11 +575,9 @@ class UserController extends CommonController ); $url = env('APP_API_URL')."/wx_oauth_register"; $res = curl_request($url,$postdata,'POST'); - - if($res['code'] != ReturnCode::SUCCESS_CODE){$this->error_jump('系统错误');} + if($res['code'] != ReturnData::SUCCESS){$this->error_jump('系统错误');} $_SESSION['weixin_user_info'] = $res['data']; - header('Location: '.route('weixin_user'));exit; } 
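Review bot: The state check in `oauth()` passes when both sides are missing: with no `state` query parameter and nothing stored in the session, `$_GET['state'] != $_SESSION['weixin_oauth']['state']` compares null with null, so a callback carrying only `code` is accepted and the CSRF protection does not apply. The token itself comes from `md5(uniqid(rand(), true))`, which is derived from the clock and a non-cryptographic generator, and it is never cleared after use. Generate it from a CSPRNG, require both values to be present strings, compare with `hash_equals()` and unset it once checked, as sketched below (`random_bytes()` needs PHP 7). The old code called `exit()` on mismatch; whether `error_jump()` stops execution is not visible here, and if it returns, the token exchange that follows still runs.

```php
// … unchanged: build $callback_url …
$state = bin2hex(random_bytes(16)); // unpredictable, unlike uniqid()/rand()
$_SESSION['weixin_oauth']['state'] = $state;
// … unchanged: get_authorize_url() and redirect …

$expected_state = isset($_SESSION['weixin_oauth']['state']) ? $_SESSION['weixin_oauth']['state'] : '';
$given_state = (isset($_GET['state']) && is_string($_GET['state'])) ? $_GET['state'] : '';
unset($_SESSION['weixin_oauth']['state']); // single use: a replayed callback must fail
if ($expected_state === '' || !hash_equals($expected_state, $given_state))
{
    $this->error_jump('您访问的页面不存在或已被删除');
}
// … unchanged: get_access_token() / get_user_info() …
```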
@@ -617,7 +612,7 @@ class UserController extends CommonController $url = env('APP_API_URL')."/wx_login"; $res = curl_request($url,$postdata,'POST'); - if($res['code'] != ReturnCode::SUCCESS_CODE){$this->error_jump('登录失败');} + if($res['code'] != ReturnData::SUCCESS){$this->error_jump('登录失败');} $_SESSION['weixin_user_info'] = $res['data']; diff --git a/app/Http/Logic/UserMoneyLogic.php b/app/Http/Logic/UserMoneyLogic.php index e820fdd..84c020e 100644 --- a/app/Http/Logic/UserMoneyLogic.php +++ b/app/Http/Logic/UserMoneyLogic.php @@ -78,7 +78,7 @@ class UserMoneyLogic extends BaseLogic /** * 添加一条记录,并增加或减少用户余额,会操作用户余额表,谨慎使用 - * @param int $data['user_id'] 排序 + * @param int $data['user_id'] 用户id * @param int $data['type'] 0增加,1减少 * @param float $data['money'] 金额 * @param string $data['des'] 描述 diff --git a/resources/views/weixin/cart/index.blade.php b/resources/views/weixin/cart/index.blade.php index 5f151f9..31d0777 100644 --- a/resources/views/weixin/cart/index.blade.php +++ b/resources/views/weixin/cart/index.blade.php @@ -83,9 +83,9 @@

购物车暂无商品

去逛逛 - +

-

+