From 08cdfe7bd69feb4e0359257ed4d8cd82325f2700 Mon Sep 17 00:00:00 2001
From: cyc
Date: Wed, 5 Jun 2019 14:29:40 +0800
Subject: [PATCH 01/12] =?UTF-8?q?=E4=B8=8A=E4=BC=A0=E9=92=89=E9=92=89?= =?UTF-8?q?=E7=99=BB=E5=BD=95=E6=8E=A5=E5=8F=A3=EF=BC=8C=E5=B9=B6=E4=B8=94?= =?UTF-8?q?=E5=9C=A8=E7=81=AB=E8=BD=A6=E5=87=BA=E7=A5=A8=E7=B3=BB=E7=BB=9F?= =?UTF-8?q?=E8=B0=83=E7=94=A8?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../dinglogin/controllers/login.php | 85 ++++++++++++
 .../dinglogin/helpers/dinglogin_helper.php | 49 +++++++
 .../dinglogin/models/ding_login_model.php | 34 +++++
 .../dinglogin/views/login-indx.php | 124 ++++++++++++++++++
 .../trainsystem/controllers/api.php | 24 ----
 .../trainsystem/controllers/pages.php | 32 ++---
 .../trainsystem/helpers/train_helper.php | 12 --
 7 files changed, 309 insertions(+), 51 deletions(-)
 create mode 100644 application/third_party/dinglogin/controllers/login.php
 create mode 100644 application/third_party/dinglogin/helpers/dinglogin_helper.php
 create mode 100644 application/third_party/dinglogin/models/ding_login_model.php
 create mode 100644 application/third_party/dinglogin/views/login-indx.php
diff --git a/application/third_party/dinglogin/controllers/login.php b/application/third_party/dinglogin/controllers/login.php
new file mode 100644
index 00000000..3db981d0
--- /dev/null
+++ b/application/third_party/dinglogin/controllers/login.php
@@ -0,0 +1,85 @@
+load->helper('dinglogin');
+ $this->load->helper('cookie');
+ $this->appid = 'dingoalutppbmywhkyorfp';
+ $this->appsecret = '6vAG1GwqwUE0b3g-8g0ZooKXt0SVVwcypIYbDLVy_MyS0jDV89rE68hXOV6WL0HO';
+ $this->AppKey = 'dingjcbxgidah9uspeuc';
+ $this->AppSecret = 'C4-8rUDK1u5Twpsw7U3yo42s_bbYxFIqzLMp2j7uI80Sa8D-OPbtSoCMgZxHxo2d';
+ $this->load->model('ding_login_model');
+ }
+
+ //展示第三方登录页HTTP_REFERER
+ public function index(){
+ delete_cookie('returnurl');
+ if(isset($_REQUEST['returnurl'])){
+ $returnurl = $_REQUEST['returnurl'];
+ }else{
+ $returnurl = 'http://www.mycht.cn';
+ }
+ $this->input->set_cookie('returnurl',$returnurl,60);
+ $this->load->view('login-indx');
+ }
+
+ //判断是否存在该用户
+ public function auth_login(){
+ $code = $_REQUEST['code'];
+ $microtime = get_microtime();
+
+ $signature = get_loginsign($microtime,$this->appsecret);
+ $url = 'https://oapi.dingtalk.com/sns/getuserinfo_bycode?accessKey='.urlencode($this->appid).'×tamp='.urlencode($microtime).'&signature='.urlencode($signature);
+ $data = array();
+ $data['tmp_auth_code'] = $code;
+ $userinfo = GetPost_http($url,json_encode($data),'json');
+ $userinfo_data = json_decode($userinfo);
+ //如果不存在unionid,则不往下执行
+ if(!isset($userinfo_data->user_info->unionid)){
+ header("HTTP/1.1 404 Not Found");
+ exit('{"errcode":404,"errmsg":"不存在unionid!"}');
+ }
+
+ $unionid = $userinfo_data->user_info->unionid;
+ //获取access_token
+ $access_url = 'https://oapi.dingtalk.com/gettoken?appkey='.$this->AppKey.'&appsecret='.$this->AppSecret;
+ $access_token = GetPost_http($access_url,'','');
+ $access_token = json_decode($access_token)->access_token;
+
+ //通过unionid获取userid(在公司内部进行查找,如果人员不存在则不会返回userid)
+ $userid_url = 'https://oapi.dingtalk.com/user/getUseridByUnionid?access_token='.$access_token.'&unionid='.$unionid;
+
+ $userid_json = GetPost_http($userid_url,'','');
+ if(!isset(json_decode($userid_json)->userid)){
+ header("HTTP/1.1 404 Not Found");
+ exit($userid_json);
+ }
+ $userid =
json_decode($userid_json)->userid;
+
+ $user_url = 'https://oapi.dingtalk.com/user/get?access_token='.$access_token.'&userid='.$userid;
+ $user_info = GetPost_http($user_url,'','');
+
+ $user_data = json_decode($user_info);
+ $userinfo = array();
+ $userinfo['name'] = $user_data->name;
+ $userinfo['position'] = $user_data->position;
+ $userinfo['unionid'] = $user_data->unionid;
+ $userinfo['avatar'] = $user_data->avatar;
+ $userinfo['orgEmail'] = $user_data->orgEmail;
+ $userinfo['mobile'] = $user_data->mobile;
+ $userinfo['datetime'] = time();
+ $this->ding_login_model->addorupdateuser($userinfo);
+ $this->input->set_cookie('dingname',$user_data->name,2592000);
+ $this->input->set_cookie('dingunionid',$user_data->unionid,2592000);
+ redirect(get_cookie('returnurl'));
+ }
+
+}
\ No newline at end of file
diff --git a/application/third_party/dinglogin/helpers/dinglogin_helper.php b/application/third_party/dinglogin/helpers/dinglogin_helper.php
new file mode 100644
index 00000000..8eab66af
--- /dev/null
+++ b/application/third_party/dinglogin/helpers/dinglogin_helper.php
@@ -0,0 +1,49 @@
+
\ No newline at end of file
diff --git a/application/third_party/dinglogin/models/ding_login_model.php b/application/third_party/dinglogin/models/ding_login_model.php
new file mode 100644
index 00000000..7069f4e3
--- /dev/null
+++ b/application/third_party/dinglogin/models/ding_login_model.php
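Review bot: The DingTalk credentials assigned to `$this->appsecret` and `$this->AppSecret` in the constructor are committed as string literals, so everyone with repository access holds them and they stay in history after any later edit; load them from configuration kept outside version control, e.g. `$this->AppSecret = $this->config->item('<ding_app_secret_item>');` (placeholder item name), and rotate the committed values. Separately, `index()` copies `$_REQUEST['returnurl']` into a cookie unchecked and `auth_login()` ends with `redirect(get_cookie('returnurl'))`, so the post-login destination is caller-controlled; accept only same-site paths before storing it, and fall back to the default when the 60-second cookie is no longer present. `auth_login()` also reads `$_REQUEST['code']` and `json_decode($access_token)->access_token` without checking that they exist, and concatenates `$unionid` and `$userid` into URLs without `urlencode()`. The class declaration and the constructor signature are not visible in the hunk text.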
@@ -0,0 +1,34 @@ +HT = $this->load->database('HT', TRUE); + } + + public function addorupdateuser($data){ + $sql = " + IF NOT EXISTS( + select * from Dingding_User where ddu_Unionid = ? + ) + INSERT INTO Dingding_User (ddu_Name,ddu_Unionid,ddu_Mobile,ddu_Email,ddu_Position,ddu_Avatar,ddu_Datetime) VALUES (N?,?,?,?,N?,?,?) + + ELSE + UPDATE Dingding_User SET + ddu_Name = N?, + ddu_Mobile = ?, + ddu_Email = ?, + ddu_Position = N?, + ddu_Avatar = ?, + ddu_Datetime = ? + WHERE ddu_Unionid = ? + "; + $query = $this->HT->query($sql,array($data['unionid'],$data['name'],$data['unionid'],$data['mobile'],$data['orgEmail'],$data['position'],$data['avatar'],$data['datetime'],$data['name'],$data['mobile'],$data['orgEmail'],$data['position'],$data['avatar'],$data['datetime'],$data['unionid'])); + } +} + +?> \ No newline at end of file diff --git a/application/third_party/dinglogin/views/login-indx.php b/application/third_party/dinglogin/views/login-indx.php new file mode 100644 index 00000000..f8a03329 --- /dev/null +++ b/application/third_party/dinglogin/views/login-indx.php @@ -0,0 +1,124 @@ + + + + + value系统登录 + + + + + + + + + + + + + + + + + +
+
+
+
+ +

Welcome

+ +
+ +
+ +
+

IE6 isn't allowed!

+ Please use Google Chrome, Firefox, Safair, or IE7+. +
+ +
+
+
+ + + diff --git a/application/third_party/trainsystem/controllers/api.php b/application/third_party/trainsystem/controllers/api.php index c62c3293..9d33819d 100644 --- a/application/third_party/trainsystem/controllers/api.php +++ b/application/third_party/trainsystem/controllers/api.php @@ -248,30 +248,6 @@ class api extends CI_Controller{ } } - //登录验证 - public function check_login(){ - $code = $this->input->get('code'); - $signature = getDingSignature(); - $urlencode_signature = urlencode($signature); - $personInfoUrl = 'https://oapi.dingtalk.com/sns/getuserinfo_bycode?signature='.$urlencode_signature.'×tamp='.time().'&accessKey=dingoaystremzlahfew1tb'; - $post_data = '{"tmp_auth_code":"'.$code.'"}'; - $returnJson = GetPost_http($personInfoUrl,$post_data,'json'); - $returnData = json_decode($returnJson); - - if(!empty($returnData->user_info)){ - //创建session - $this->session->set_userdata('dingname', $returnData->user_info->nick); - $this->session->set_userdata('dingunionid', $returnData->user_info->unionid); - redirect('http://www.mycht.cn/info.php/apps/trainsystem/pages/'); - }else{ - redirect('http://www.mycht.cn/info.php/apps/trainsystem/pages/login'); - } - } - - public function check_session(){ - print_r($this->session->userdata('dingunionid')); - } - //订单同步到trainsystem public function sync_orders(){ die(); diff --git a/application/third_party/trainsystem/controllers/pages.php b/application/third_party/trainsystem/controllers/pages.php index c7a86c6d..cb1715b6 100644 --- a/application/third_party/trainsystem/controllers/pages.php +++ b/application/third_party/trainsystem/controllers/pages.php 
@@ -9,13 +9,15 @@ class pages extends CI_Controller{ $this->load->model("train_system_model"); $this->load->model("BIZ_train_model"); $this->load->helper('train'); + $this->load->helper('cookie'); $this->order_status_msg = $this->config->item('train_order_status_msg'); } public function index($coli_id = null){ - /*if($this->session->userdata('dingname') == '' && $this->session->userdata('dingunionid') == ''){ - dingLogin(); - }*/ + if(get_cookie('dingname') == '' && get_cookie('dingunionid') == ''){ + redirect('/apps/dinglogin/login/?returnurl=/apps/trainsystem/pages/'); + } + if($coli_id == null){ $cols_id = $this->input->post("ht_order"); }else{ @@ -54,9 +56,9 @@ class pages extends CI_Controller{ //系统列表页面 public function order_list(){ - /*if($this->session->userdata('dingname') == '' && $this->session->userdata('dingunionid') == ''){ - dingLogin(); - }*/ + if(get_cookie('dingname') == '' && get_cookie('dingunionid') == ''){ + redirect('/apps/dinglogin/login/?returnurl=/apps/trainsystem/pages/'); + } $page_size = 10; $page = $this->input->get("page"); $order = $this->input->get("order"); @@ -110,9 +112,9 @@ class pages extends CI_Controller{ //订单详情页面 public function order(){ - /*if($this->session->userdata('dingname') == '' && $this->session->userdata('dingunionid') == ''){ - dingLogin(); - }*/ + if(get_cookie('dingname') == '' && get_cookie('dingunionid') == ''){ + redirect('/apps/dinglogin/login/?returnurl=/apps/trainsystem/pages/'); + } $ordernumber = $order=$this->input->get("order"); if(empty($ordernumber)){ @@ -159,9 +161,9 @@ class pages extends CI_Controller{ //退票页面 public function refund(){ - /*if($this->session->userdata('dingname') == '' && $this->session->userdata('dingunionid') == ''){ - dingLogin(); - }*/ + if(get_cookie('dingname') == '' && get_cookie('dingunionid') == ''){ + redirect('/apps/dinglogin/login/?returnurl=/apps/trainsystem/pages/'); + } $ordernumber = $order=$this->input->get("order"); if(empty($ordernumber)){ 
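Review bot: The gate added at the top of `index()`, and repeated in the later hunks for `order_list()`, `order()`, `refund()` and `export()`, decides access from the `dingname` and `dingunionid` cookies, which `auth_login()` in dinglogin/controllers/login.php sets as plain values with `set_cookie`; nothing ties them to a completed login on the server, so a request that carries any non-empty value for them is treated as authenticated. Because the two tests are joined with `&&`, one non-empty cookie is enough to skip the redirect. Keep the identity in the framework session as the removed `check_login()` did (assuming the session library is configured with an encryption key or server-side storage): `$this->session->set_userdata('dingunionid', $user_data->unionid);` in the callback and `if(!$this->session->userdata('dingunionid')){ redirect(...); }` here, ideally once in the constructor so a new method cannot miss it. Each of these method bodies continues outside its hunk.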
@@ -198,9 +200,9 @@ class pages extends CI_Controller{ } public function export(){ - /*if($this->session->userdata('dingname') == '' && $this->session->userdata('dingunionid') == ''){ - dingLogin(); - }*/ + if(get_cookie('dingname') == '' && get_cookie('dingunionid') == ''){ + redirect('/apps/dinglogin/login/?returnurl=/apps/trainsystem/pages/'); + } $this->load->view('header'); $this->load->view('export'); $this->load->view('footer'); diff --git a/application/third_party/trainsystem/helpers/train_helper.php b/application/third_party/trainsystem/helpers/train_helper.php index d79db5e6..99e2914a 100644 --- a/application/third_party/trainsystem/helpers/train_helper.php +++ b/application/third_party/trainsystem/helpers/train_helper.php @@ -74,16 +74,4 @@ function GetPost_http($url, $data = '',$format='') { return $tmpInfo; // } -function getDingSignature(){ - $timestamp = time(); - $signature = hash_hmac('sha256',$timestamp,'emCK5vYFJc-HtMNNgbyGpmbYaNyPkNXn_ayoFd6q2m6rpljhxBn2JQEx9gy8H6DQ',true); - $signature = base64_encode($signature); - return $signature; -} - -function dingLogin(){ - redirect('https://oapi.dingtalk.com/connect/oauth2/sns_authorize?appid=dingoaystremzlahfew1tb&response_type=code&scope=snsapi_login&state=STATE&redirect_uri=http://www.mycht.cn/info.php/apps/trainsystem/api/check_login'); -} - - ?> \ No newline at end of file From 8ed443e542cd4116169153b73c173e3616d518b3 Mon Sep 17 00:00:00 2001 From: cyc Date: Wed, 5 Jun 2019 14:31:42 +0800 Subject: [PATCH 02/12] =?UTF-8?q?=E4=BF=AE=E6=94=B9=E5=9B=9E=E8=B0=83js?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- application/third_party/dinglogin/views/login-indx.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/application/third_party/dinglogin/views/login-indx.php b/application/third_party/dinglogin/views/login-indx.php index f8a03329..1429df88 100644 --- a/application/third_party/dinglogin/views/login-indx.php 
+++ b/application/third_party/dinglogin/views/login-indx.php
@@ -77,7 +77,7 @@