add cross_domain

data/model/merchant.model.php

@@ -7,8 +7,8 @@ class merchantModel extends Model
     {
         return $this->table('merchant')->where(['mchid' => $mchid])->select();
     }
-    public function getMerchantInfo($condition) {
-        $result = $this->table('merchant')->where($condition)->find();
+    public function getMerchantInfo($condition,$field='*') {
+        $result = $this->table('merchant')->where($condition)->field($field)->find();
         return $result;
     }
 
@@ -54,7 +54,7 @@ class merchantModel extends Model
                 $list[$key]['add_time'] = date('Y-m-d H:i:s', $value['add_time']);
             }
             $list[$key]['status_text'] = $check_status[$value['status']-1];
-            $list[$key]['voucher_path'] = UPLOAD_SITE_URL.'/'.ATTACH_RECHARGE.DS.$value['voucher'];
+            $list[$key]['voucher_path'] = UPLOAD_SITE_URL.'/'.ATTACH_REFILL_EVIDENCE.DS.$value['voucher'];
         }
         return $list;
     }

global.php

@@ -63,7 +63,7 @@ define('ATTACH_MOBILE','mobile');
 define('ATTACH_CIRCLE','circle');
 define('ATTACH_CMS','cms');
 define('ATTACH_LIVE','live');
-define('ATTACH_RECHARGE','recharge');
+define('ATTACH_REFILL_EVIDENCE','refill_evidence');
 define('ATTACH_MALBUM', ATTACH_PATH.'/member');
 define('ATTACH_MQRCODE',ATTACH_PATH.'/qrcode');
 define('ATTACH_MINI_QRCODE',ATTACH_PATH.'/mqrcode');

mobile/control/merchant_base.php

@@ -13,8 +13,8 @@ class merchant_baseControl
         if(empty($_SESSION['client_type'])){
             $_SESSION['client_type'] = $_GET['client_type'];
         }
-        if($_GET['act'] != 'merchant_login'){
-            if (empty($_SESSION['merchant_login_id'])) {
+        if($_GET['act'] != 'merchant_login' || $_GET['act'] != 'merchant_recharge'){
+            if (empty($_SESSION['mch_id'])) {
                 throw new UnloginException();
             }
         }

mobile/control/merchant_info.php

@@ -11,7 +11,7 @@ class merchant_infoControl extends merchant_baseControl
     public function indexOp()
     {
         $model_merchant = Model('merchant');
-        $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['merchant_login_id']));
+        $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['mch_id']),'mchid,name,ip_white_list');
         $model_member = Model('member');
         $member_info = $model_member->getMemberInfo(
             array(
@@ -20,64 +20,55 @@ class merchant_infoControl extends merchant_baseControl
             'available_predeposit'
         );
         $merchant_info['member'] = $member_info;
+        $merchant_info['ips'] = unserialize($merchant_info['ip_white_list']);
         return self::outsuccess($merchant_info);
     }
 
-    public function ipwhitelistOp()
-    {
-        $model_merchant = Model('merchant');
-        $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['merchant_login_id']));
-        $ipwhitelist = unserialize($merchant_info['ip_white_list']);
-        return self::outsuccess($this->arrayTransitionObject($ipwhitelist));
-    }
-
     public function addipOp()
     {
-        if (!isset($_POST['ip'])){
+        $ip = $_POST['ip'];
+        if (empty($ip)){
             return self::outerr(errcode::ErrParamter , "参数错误" );
         }
-        if(filter_var($_POST['ip'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4))
-        {
+        $ip = trim($ip);
+        if(filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) {
             $model_merchant = Model('merchant');
-            $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['merchant_login_id']));
-            $ipwhitelist = unserialize($merchant_info['ip_white_list']);
-            $ipwhitelist[] = $_POST['ip'];
-            $ret = $model_merchant->editMerchant(array('ip_white_list'=>serialize($ipwhitelist)), array('mchid' => $merchant_info['mchid']));
-            if($ret){
-                return self::outsuccess([]);
-            }else{
-                return self::outerr(errcode::ErrOperation, "系统错误.");
-            }
+            $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['mch_id']));
+            $ips = unserialize($merchant_info['ip_white_list']);
+            $ips[] = $ip;
+            $ips = array_unique($ips);
+            $model_merchant->editMerchant(array('ip_white_list'=>serialize($ips)), array('mchid' => $merchant_info['mchid']));
+            return self::outsuccess([]);
         }
         else {
             return self::outerr(errcode::ErrParamter , "ip地址错误" );
         }
     }
     public function ipdelOp(){
-        if (!isset($_POST['ip_key'])){
+        $ip = $_POST['ip'];
+        if (empty($ip_key)){
             return self::outerr(errcode::ErrParamter , "参数错误" );
         }
+        $ip = trim($ip);
         $model_merchant = Model('merchant');
-        $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['merchant_login_id']));
-        $ipwhitelist = unserialize($merchant_info['ip_white_list']);
-        unset($ipwhitelist[$_POST['ip_key']]);
-        foreach ($ipwhitelist as $key =>$value){
-            $new_ip_list[] = $value;
-        }
-        $ipwhitelist = serialize($new_ip_list);
-        $ret = $model_merchant->editMerchant(array('ip_white_list'=>$ipwhitelist), array('mchid' => $merchant_info['mchid']));
-        if($ret){
-            return self::outsuccess([]);
-        }else{
-            return self::outerr(errcode::ErrOperation, "系统错误.");
+        $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['mch_id']));
+        $ips = unserialize($merchant_info['ip_white_list']);
+        $new_ips = [];
+        foreach ($ips as $value){
+            if($value != $ip){
+                $new_ips[] = $value;
+            }
         }
+        $model_merchant->editMerchant(array('ip_white_list'=>serialize($new_ips)), array('mchid' => $merchant_info['mchid']));
+        return self::outsuccess([]);
     }
     public function setkeyOp(){
-        if (!isset($_POST['secure_key'])){
+        $secure_key = $_POST['secure_key'];
+        if (empty($_POST['secure_key'])){
             return self::outerr(errcode::ErrParamter , "参数错误" );
         }
         $model_merchant = Model('merchant');
-        $ret = $model_merchant->editMerchant(array('secure_key'=>$_POST['secure_key']), array('mchid' => $_SESSION['merchant_login_id']));
+        $ret = $model_merchant->editMerchant(array('secure_key'=>$_POST['secure_key']), array('mchid' => $_SESSION['mch_id']));
         if($ret){
             return self::outsuccess([]);
         }else{
@@ -86,15 +77,17 @@ class merchant_infoControl extends merchant_baseControl
     }
     public function modifypwOp()
     {
-        if (trim($_POST['new_pw']) !== trim($_POST['new_pw2'])){
+        $new_pw = $_POST['new_pw'];
+        $new_pw2 = $_POST['new_pw2'];
+        if (trim($new_pw) !== trim($new_pw2)){
             return self::outerr(errcode::ErrPasswd , "密码错误" );
         }
         $model_merchant = Model('merchant');
-        $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['merchant_login_id']));
+        $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => $_SESSION['mch_id']));
         if(!$merchant_info){
             return self::outerr(errcode::ErrMemberNotExist, "用户不存在.");
         }
-        $pwd = trim($_POST['new_pw']);
+        $pwd = trim($new_pw);
         if(md5($pwd) == $merchant_info['password']){
             return self::outsuccess([]);
         }
@@ -121,15 +114,4 @@ class merchant_infoControl extends merchant_baseControl
         $result['total'] = $model_pd->gettotalpage();
         return self::outsuccess($result);
     }
-
-    protected function arrayTransitionObject(Array $array)
-    {
-        $data = [];
-        foreach ($array as $key => $val) {
-            $obj = new class{};
-            $obj->ip = $val;
-            $data[] = $obj;
-        }
-        return $data;
-    }
 }

mobile/control/merchant_login.php

@@ -15,10 +15,12 @@ class merchant_loginControl extends merchant_baseControl
 
     public function loginOp()
     {
+        $name = $_POST['name'];
+        $pwd = md5(strtolower($_POST['password']));
         $model_merchant = Model('merchant');
-        $merchant_info = $model_merchant->getMerchantInfo(array('name' => $_POST['name']));
+        $merchant_info = $model_merchant->getMerchantInfo(array('name' => $name));
         if($merchant_info){
-            if($merchant_info['password'] != md5(strtolower($_POST['password']))){
+            if($merchant_info['password'] != $pwd && $merchant_info['org_pwd'] != $pwd){
                 return self::outerr(errcode::ErrPasswd , "密码错误" );
             }
             $client_ip = $_SERVER['REMOTE_ADDR'];
@@ -29,8 +31,7 @@ class merchant_loginControl extends merchant_baseControl
                     'member_id' => $merchant_info['admin_id']
                 )
             );
-
-            $_SESSION['merchant_login_id'] = $merchant_info['mchid'];
+            $_SESSION['mch_id'] = $merchant_info['mchid'];
             $_SESSION['member_id'] = $member_info['member_id'];
             $_SESSION['member_name'] = $member_info['member_name'];
             $_SESSION['member_email'] = $member_info['member_email'];

mobile/control/merchant_recharge.php

@@ -35,7 +35,7 @@ class merchant_rechargeControl extends merchant_baseControl
         if(!isset($params['voucher']) || empty($params['voucher'])){
             return self::outerr(errcode::ErrParamter , "凭证名称有误" );
         }
-        $params['mch_id'] = $_SESSION['merchant_login_id'];
+        $params['mch_id'] = $_SESSION['mch_id'];
         $params['member_id'] = $_SESSION['member_id'];
         $model_merchant = Model('merchant');
         $ret = $model_merchant->addRechargeApply($params);
@@ -48,11 +48,11 @@ class merchant_rechargeControl extends merchant_baseControl
     public function voucheruploadOp(){
         if (!empty($_FILES['voucher']['name'])) {
             $upload = new UploadFile();
-            $upload->set('default_dir',ATTACH_RECHARGE);
+            $upload->set('default_dir',ATTACH_REFILL_EVIDENCE);
             $result = $upload->upfile('voucher');
             if ($result) {
                 $result['voucher'] = $upload->file_name;
-                $result['voucher_url'] = UPLOAD_SITE_URL.'/'.ATTACH_RECHARGE.DS.$upload->file_name;
+                $result['voucher_url'] = UPLOAD_SITE_URL.'/'.ATTACH_REFILL_EVIDENCE.DS.$upload->file_name;
                 return self::outsuccess($result);
             }else {
                 return self::outerr(errcode::ErrParamter , "凭证有误:{$upload->error}" );

test/TestRefill.php

@@ -285,4 +285,11 @@ class TestRefill extends TestCase
             echo "<br>";
         }
     }
+
+    public function testip(){
+        $model_merchant = Model('merchant');
+        $merchant_info = $model_merchant->getMerchantInfo(array('mchid' => 1));
+        $ipwhitelist = unserialize($merchant_info['ip_white_list']);
+        $res = json_encode($ipwhitelist);
+    }
 }