
工单调整验证码校验规则

shenjingwei 4 месяцев назад
Сommit
f611dc29d5

+ 42 - 59
src/custom/restcontroller/webmanage/sale/serviceorder/serviceorder.java

@@ -16,20 +16,14 @@ import common.annotation.CACHEING;
 import common.annotation.CACHEING_CLEAN;
 import common.crm.bean.warrantycard;
 import common.data.*;
-
 import org.apache.commons.lang.StringUtils;
-import org.apache.cxf.configuration.security.DNConstraintsType;
-import org.glassfish.grizzly.utils.StringFilter;
 import restcontroller.R;
 import restcontroller.webmanage.executorService.Executor;
-import restcontroller.webmanage.sale.serviceorder.tools.HttpURLRest;
-import restcontroller.webmanage.sale.serviceorder.tools.VerificationManage;
 import restcontroller.webmanage.sale.workorder.workorder;
 import restcontroller.webmanage.sale.workorder.workpresetInfo;
 import utility.sms.Sms;
 
 import java.util.*;
-import java.util.regex.Pattern;
 
 /**
  * 服务申请单
@@ -37,8 +31,6 @@ import java.util.regex.Pattern;
 @API(title = "服务申请单管理")
 public class serviceorder extends Controller {
 
-    public static HashMap<String, VerificationManage> message_map = new HashMap<>();
-
     public serviceorder(JSONObject arg0) throws YosException {
         super(arg0);
         // TODO Auto-generated constructor stub
@@ -92,19 +84,19 @@ public class serviceorder extends Controller {
                 }
             }
         }
-        String initiator="";
+        String initiator = "";
         Rows userrows = dbConnect.runSqlQuery("select t2.usertype,t1.phonenumber from  sys_users t1 inner join sys_usersite t2 on t1.userid = t2.userid where t2.siteid = '" + siteid + "' and t1.userid=" + userid);
         long usertype = 0;
 
         if (userrows.isNotEmpty()) {
             usertype = userrows.get(0).getLong("usertype");
         }
-        if(usertype==99){
-            initiator="消费者";
-        }else if(usertype==21 || usertype==22){
-            initiator="经销商";
-        }else{
-            initiator="总部";
+        if (usertype == 99) {
+            initiator = "消费者";
+        } else if (usertype == 21 || usertype == 22) {
+            initiator = "经销商";
+        } else {
+            initiator = "总部";
         }
         if (sa_serviceorderid <= 0 || dbConnect.runSqlQuery(
                         "select sa_serviceorderid from sa_serviceorder where sa_serviceorderid=" + sa_serviceorderid)
@@ -169,14 +161,13 @@ public class serviceorder extends Controller {
         sqlFactory.addParameter("name", content.getStringValue("name"));
         sqlFactory.addParameter("phonenumber", content.getStringValue("phonenumber"));
         sqlFactory.addParameter("sa_customersid", content.getStringValue("sa_customersid"));
-        sqlFactory.addParameter("isonlinesales",isonlinesales);
-        sqlFactory.addParameter("isallowance",isallowance);
-
-        sqlFactory.addParameter("initiator",initiator);
+        sqlFactory.addParameter("isonlinesales", isonlinesales);
+        sqlFactory.addParameter("isallowance", isallowance);
 
+        sqlFactory.addParameter("initiator", initiator);
 
 
-        sqlFactory.addParameter("sys_enterpriseid_service",sys_enterpriseid_service);
+        sqlFactory.addParameter("sys_enterpriseid_service", sys_enterpriseid_service);
 
 
         sqlList.add(sqlFactory.getSQL());
@@ -205,7 +196,7 @@ public class serviceorder extends Controller {
     public String cheangeisallowance() throws YosException {
         Long sa_serviceorderid = content.getLong("sa_serviceorderid");
         boolean isallowance = content.getBooleanValue("isallowance");
-        dbConnect.runSqlUpdate("update sa_serviceorder set isallowance="+isallowance+" where sa_serviceorderid="+sa_serviceorderid);
+        dbConnect.runSqlUpdate("update sa_serviceorder set isallowance=" + isallowance + " where sa_serviceorderid=" + sa_serviceorderid);
         return getSucReturnObject().toString();
     }
 
@@ -276,9 +267,9 @@ public class serviceorder extends Controller {
         sqlFactory.addParameter_SQL("where", where);
         sqlFactory.addParameter("siteid", siteid);
         sqlFactory.addParameter("sys_enterpriseid", sys_enterpriseid);
-        QuerySQL querySQL = SQLFactory.createQuerySQL(this, "sys_site_parameter",  "sys_site_parameterid");
+        QuerySQL querySQL = SQLFactory.createQuerySQL(this, "sys_site_parameter", "sys_site_parameterid");
         querySQL.setTableAlias("t0");
-        querySQL.addJoinTable(JOINTYPE.right, sqlFactory, "t1", "t0.siteid='111'","*");
+        querySQL.addJoinTable(JOINTYPE.right, sqlFactory, "t1", "t0.siteid='111'", "*");
         querySQL.setPage(pageSize, pageNumber);
         Rows rows = querySQL.query();
         // 默认商品图片
@@ -287,7 +278,7 @@ public class serviceorder extends Controller {
         ArrayList<Long> ids = rows.toArrayList("itemid", new ArrayList<>());
         RowsMap attRowsMap = getAttachmentUrl("plm_item", ids);
 
-        RowsMap warrantycardRowsMap = SQLFactory.createQuerySQL(this, "sa_warrantycard", "sku","name", "phonenumber","address","sa_customersid","province","city","county").setWhere("sku", rows.toArrayList("sku")).query().toRowsMap("sku");
+        RowsMap warrantycardRowsMap = SQLFactory.createQuerySQL(this, "sa_warrantycard", "sku", "name", "phonenumber", "address", "sa_customersid", "province", "city", "county").setWhere("sku", rows.toArrayList("sku")).query().toRowsMap("sku");
 
         for (Row row : rows) {
             if (attRowsMap.getOrDefault(row.getString("itemid"), new Rows()).isNotEmpty()) {
@@ -305,10 +296,10 @@ public class serviceorder extends Controller {
                 row.put("province", warrantycardRow.getString("province"));
                 row.put("city", warrantycardRow.getString("city"));
                 row.put("county", warrantycardRow.getString("county"));
-            }else{
+            } else {
                 row.put("name", "");
                 row.put("phonenumber", "");
-                row.put("address","");
+                row.put("address", "");
                 row.put("sa_customersid", "");
                 row.put("province", "");
                 row.put("city", "");
@@ -577,8 +568,6 @@ public class serviceorder extends Controller {
         Rows rows = querySQL.query();
 
 
-
-
         ArrayList<Long> ids = rows.toArrayList("sa_serviceorderid", new ArrayList<>());
         HashMap<Long, ArrayList<String>> tagRows = DataTag.queryTag(this, "sa_serviceorder", ids, true);
         for (Row row : rows) {
@@ -848,7 +837,6 @@ public class serviceorder extends Controller {
             }
 
 
-
             dbConnect.runSqlUpdate("delete from sa_serviceorder where siteid='" + siteid + "' and sa_serviceorderid="
                     + sa_serviceorderid);
             dbConnect.runSqlUpdate("delete from sa_workorder where siteid='" + siteid + "' and sa_serviceorderid="
@@ -862,7 +850,7 @@ public class serviceorder extends Controller {
     @CACHEING_CLEAN(apiClass = {workorder.class, serviceorder.class, warrantycard.class})
     public String cancelServiceOrder() throws YosException {
         long sa_serviceorderid = content.getLong("sa_serviceorderid");
-        String voidreason =content.getStringValue("voidreason");
+        String voidreason = content.getStringValue("voidreason");
 
         Rows userrows = dbConnect.runSqlQuery("select t2.usertype from  sys_users t1 inner join sys_usersite t2 on t1.userid = t2.userid where t2.siteid = '" + siteid + "' and t1.userid=" + userid);
         long usertype = 0;
@@ -873,22 +861,22 @@ public class serviceorder extends Controller {
         ArrayList<String> sqllist = new ArrayList<>();
         Rows workorderrows = dbConnect.runSqlQuery("select sa_workorderid from sa_workorder where sa_serviceorderid ='"
                 + sa_serviceorderid + "' and  siteid='" + siteid + "' and status!='作废'");
-        sqllist.add("update sa_serviceorder set voidreason='"+voidreason+"',status='作废' where sa_serviceorderid="+sa_serviceorderid);
+        sqllist.add("update sa_serviceorder set voidreason='" + voidreason + "',status='作废' where sa_serviceorderid=" + sa_serviceorderid);
         sqllist.add(DataContrlLog.createLog(this, "sa_serviceorder", sa_serviceorderid, "作废", "服务申请单作废成功")
                 .getSQL());
-        if(workorderrows.isNotEmpty()){
-            long sa_workorderid= workorderrows.get(0).getLong("sa_workorderid");
-            voidreason="【服务申请单作废】"+voidreason;
-            sqllist.add("update sa_workorder set voidreason='"+voidreason+"',status='作废' where sa_workorderid="+sa_workorderid);
+        if (workorderrows.isNotEmpty()) {
+            long sa_workorderid = workorderrows.get(0).getLong("sa_workorderid");
+            voidreason = "【服务申请单作废】" + voidreason;
+            sqllist.add("update sa_workorder set voidreason='" + voidreason + "',status='作废' where sa_workorderid=" + sa_workorderid);
             sqllist.add(DataContrlLog.createLog(this, "sa_workorder", sa_workorderid, "作废", "工单作废成功")
                     .getSQL());
             Rows warrantycardrows = dbConnect.runSqlQuery("select sa_warrantycardid from sa_warrantycard where sa_workorderid ='"
                     + sa_workorderid + "' and  siteid='" + siteid + "' and isvoid=0");
-            if(warrantycardrows.isNotEmpty()){
-                if (usertype != 0 && usertype!=1) {
+            if (warrantycardrows.isNotEmpty()) {
+                if (usertype != 0 && usertype != 1) {
                     return getErrReturnObject().setErrMsg("因存在生效中的保修卡,此操作暂时无法执行,请先联系总部完成保修卡作废流程。").toString();
                 }
-                sqllist.add("update sa_warrantycard set voiddate=CURRENT_TIME,voidreason='"+voidreason+"',isvoid=1 where sa_warrantycardid="+warrantycardrows.get(0).getLong("sa_warrantycardid"));
+                sqllist.add("update sa_warrantycard set voiddate=CURRENT_TIME,voidreason='" + voidreason + "',isvoid=1 where sa_warrantycardid=" + warrantycardrows.get(0).getLong("sa_warrantycardid"));
                 sqllist.add(DataContrlLog.createLog(this, "sa_warrantycard", warrantycardrows.get(0).getLong("sa_warrantycardid"), "作废", "保修卡作废成功")
                         .getSQL());
             }
@@ -908,23 +896,23 @@ public class serviceorder extends Controller {
 
         Rows serviceorderRows = dbConnect.runSqlQuery("select status,billno from sa_serviceorder where sa_serviceorderid ='"
                 + sa_serviceorderid + "' and  siteid='" + siteid + "'");
-        if(serviceorderRows.isNotEmpty()){
-            if(!(serviceorderRows.get(0).getString("status").equals("待受理") || serviceorderRows.get(0).getString("status").equals("待服务")  || serviceorderRows.get(0).getString("status").equals("服务中"))){
+        if (serviceorderRows.isNotEmpty()) {
+            if (!(serviceorderRows.get(0).getString("status").equals("待受理") || serviceorderRows.get(0).getString("status").equals("待服务") || serviceorderRows.get(0).getString("status").equals("服务中"))) {
                 return getErrReturnObject().setErrMsg("非待受理/待服务/服务中状态的服务申请单无法撤回分配").toString();
             }
-            sqllist.add("update sa_serviceorder set sys_enterpriseid_service=0,status='待分配',allocationdate=null,allocationby='' where sa_serviceorderid="+sa_serviceorderid);
+            sqllist.add("update sa_serviceorder set sys_enterpriseid_service=0,status='待分配',allocationdate=null,allocationby='' where sa_serviceorderid=" + sa_serviceorderid);
             sqllist.add(DataContrlLog.createLog(this, "sa_serviceorder", sa_serviceorderid, "撤回分配", "服务申请单撤回分配成功")
                     .getSQL());
             Rows workorderrows = dbConnect.runSqlQuery("select sa_workorderid from sa_workorder where sa_serviceorderid ='"
                     + sa_serviceorderid + "' and  siteid='" + siteid + "' and status!='作废'");
-            if(workorderrows.isNotEmpty()){
-                long sa_workorderid= workorderrows.get(0).getLong("sa_workorderid");
-                sqllist.add("update sa_workorder set voidreason='服务申请单撤回分配',status='作废' where sa_workorderid="+sa_workorderid);
+            if (workorderrows.isNotEmpty()) {
+                long sa_workorderid = workorderrows.get(0).getLong("sa_workorderid");
+                sqllist.add("update sa_workorder set voidreason='服务申请单撤回分配',status='作废' where sa_workorderid=" + sa_workorderid);
                 sqllist.add(DataContrlLog.createLog(this, "sa_workorder", sa_workorderid, "作废", "工单作废成功")
                         .getSQL());
             }
 
-        }else{
+        } else {
             return getErrReturnObject().setErrMsg("服务申请单不存在").toString();
         }
 
@@ -934,7 +922,6 @@ public class serviceorder extends Controller {
     }
 
 
-
     @API(title = "发送手机验证码", apiversion = R.ID20230215173103.v1.class, accesstoken = false)
     public String sendMessage() throws YosException {
         String customerphone = "";
@@ -963,11 +950,11 @@ public class serviceorder extends Controller {
         String verificationCode = "";
         if (StringUtils.isBlank(rows.get(0).getString("verificationcode"))) {
             verificationCode = createVerificationCode();
+            dbConnect.runSqlUpdate("update sa_workorder set verificationcode='" + verificationCode + "' where sa_workorderid=" + sa_workorderid);
         } else {
             verificationCode = rows.get(0).getString("verificationcode");
         }
 
-        dbConnect.runSqlUpdate("update sa_workorder set verificationcode='" + verificationCode + "' where sa_workorderid=" + sa_workorderid);
         Rows wxserviceRows = dbConnect.runSqlQuery("select t2.userid from sys_wechatapp_openids t1 inner join sys_users t2 on t1.userid=t2.userid where t2.phonenumber='" + customerphone + "'");
         Row row = new Row();
         if (wxserviceRows.isNotEmpty()) {
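Review bot: The lookup on `sys_wechatapp_openids` splices `customerphone` into the SQL text between quotes, and the relocated `update sa_workorder set verificationcode='…'` statement is assembled the same way, so the shape of each statement depends on the value being well-formed. `customerphone` is assigned outside this hunk, so whether it can carry caller-influenced text cannot be confirmed from here. The same pattern is plainly exposed in the cancelServiceOrder hunk, where `voidreason` comes from `content.getStringValue("voidreason")` and is concatenated into three `update … set voidreason='…'` statements. These values should be bound as parameters rather than concatenated; the file already passes values through `sqlFactory.addParameter(...)` elsewhere, which would be the consistent route provided that helper binds or escapes its arguments. sendMessage begins and ends outside this hunk.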
@@ -986,14 +973,13 @@ public class serviceorder extends Controller {
 
                         if (isMoreThanOneHourUsingCalendar(rows.get(0).getDate("verificationdate"), new Date())) {
                             Sms sms = new Sms();
-                            sms.sendout(Sms.SmsType.Notice, customerphone, "尊敬的美大用户您好,您的美大产品安装已完成,请您将服务完工验证码"+verificationCode+"告知安装人员,谢谢您的配合!有美大,家更美!");
-                            message_map.put(customerphone, new VerificationManage(verificationCode));
+                            sms.sendout(Sms.SmsType.Notice, customerphone, "尊敬的美大用户您好,您的美大产品安装已完成,请您将服务完工验证码" + verificationCode + "告知安装人员,谢谢您的配合!有美大,家更美!");
+
                             dbConnect.runSqlUpdate("update sa_workorder set verificationdate=CURRENT_TIME where sa_workorderid=" + sa_workorderid);
                         }
                     } else {
                         Sms sms = new Sms();
-                        sms.sendout(Sms.SmsType.Notice, customerphone, "尊敬的美大用户您好,您的美大产品安装已完成,请您将服务完工验证码"+verificationCode+"告知安装人员,谢谢您的配合!有美大,家更美!");
-                        message_map.put(customerphone, new VerificationManage(verificationCode));
+                        sms.sendout(Sms.SmsType.Notice, customerphone, "尊敬的美大用户您好,您的美大产品安装已完成,请您将服务完工验证码" + verificationCode + "告知安装人员,谢谢您的配合!有美大,家更美!");
                         dbConnect.runSqlUpdate("update sa_workorder set verificationdate=CURRENT_TIME where sa_workorderid=" + sa_workorderid);
                     }
 
@@ -1015,12 +1001,13 @@ public class serviceorder extends Controller {
     public String checkVerificationCode() throws YosException {
         String customerphone = "";
         long sa_workorderid = content.getLong("sa_workorderid");
-        Rows rows = dbConnect.runSqlQuery("select t1.type,t2.* from sa_workorder t1 inner join sa_serviceorder t2 on t1.sa_serviceorderid=t2.sa_serviceorderid and t1.siteid=t2.siteid where t1.sa_workorderid=" + sa_workorderid);
+        Rows rows = dbConnect.runSqlQuery("select t1.type,t1.verificationcode,t2.* from sa_workorder t1 inner join sa_serviceorder t2 on t1.sa_serviceorderid=t2.sa_serviceorderid and t1.siteid=t2.siteid where t1.sa_workorderid=" + sa_workorderid);
         if (rows.isEmpty()) {
             return getErrReturnObject().setErrMsg("该工单不存在").toString();
         }
         long createuserid = rows.get(0).getLong("createuserid");
         String type = rows.get(0).getString("type");
+        String verificationcode = rows.get(0).getString("verificationcode");
         Rows rows_nterprise = dbConnect.runSqlQuery("select t1.userid from sys_users t1 inner join sys_enterprise_hr t2 on t1.userid = t2.userid where t2.sys_enterpriseid=84846");
         RowsMap rows_nterpriseMap = rows_nterprise.toRowsMap("userid");
         Rows userrows = dbConnect.runSqlQuery("select t2.usertype,t1.phonenumber from  sys_users t1 inner join sys_usersite t2 on t1.userid = t2.userid where t2.siteid = '" + siteid + "' and t1.userid=" + createuserid);
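Review bot: The code read here via `t1.verificationcode` has no lifetime: the select does not fetch `verificationdate`, and sendMessage now writes the column only when it is blank, so one value stays valid for the whole life of the work order and is re-sent unchanged. Selecting `t1.verificationdate` as well and rejecting a code older than a fixed window, plus clearing the column after a successful check, would bound how long a leaked or guessed code remains usable. Because the value is now long-lived, its source matters too: the helper deleted in this commit built the digits with `Math.random()`, and if the `createVerificationCode()` still called by sendMessage (defined outside this diff) does the same, `java.security.SecureRandom` is the appropriate generator. checkVerificationCode continues past the end of this hunk.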
@@ -1043,15 +1030,11 @@ public class serviceorder extends Controller {
         boolean isgeneralcompletioncode = Parameter.getBoolean(siteid, "isgeneralcompletioncode");
         String generalcompletioncode = Parameter.getString(siteid, "generalcompletioncode");
         if (isgeneralcompletioncode || rows_nterpriseMap.containsKey(createuserid)) {
-            if (!code.equals(generalcompletioncode)) {
-                if (!message_map.containsKey(customerphone) || !message_map.get(customerphone).check(code)) {
-                    return getErrReturnObject().setErrMsg("验证码错误").toString();
-                }
-            }
-        } else {
-            if (!message_map.containsKey(customerphone) || !message_map.get(customerphone).check(code)) {
+            if (!code.equals(generalcompletioncode) && !code.equals(verificationcode)) {
                 return getErrReturnObject().setErrMsg("验证码错误").toString();
             }
+        } else if (!code.equals(verificationcode)) {
+            return getErrReturnObject().setErrMsg("验证码错误").toString();
         }
         return getSucReturnObject().toString();
     }
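Review bot: Both comparisons accept any `code` that equals the stored column, including a blank one. sendMessage treats `verificationcode` as possibly blank, so for a work order that never had a code sent, a blank `code` could match if `getString` yields an empty string for an unset column; the same applies to an unset `generalcompletioncode`. A guard ahead of the branch closes that, e.g. `if (StringUtils.isBlank(code)) { return getErrReturnObject().setErrMsg("验证码错误").toString(); }`. Nothing visible here counts failed attempts either, so a short numeric code (six digits, going by the removed helper) can be retried without limit unless throttling exists outside this diff; a per-work-order failure counter would address that. The method's opening lines, including where `code` is read, are outside this hunk.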

+ 0 - 57
src/custom/restcontroller/webmanage/sale/serviceorder/tools/VerificationManage.java

@@ -1,57 +0,0 @@
-package restcontroller.webmanage.sale.serviceorder.tools;
-
-import org.sqlite.date.DateFormatUtils;
-
-import java.util.Calendar;
-import java.util.Date;
-
-public class VerificationManage {
-    private String code;
-    private Date effectivedate;
-
-    public VerificationManage(String code){
-        this.code=code;
-        Date now=new Date();
-        Calendar cal = Calendar.getInstance();
-        cal.setTime(now);//设置起时间
-        cal.add(Calendar.MINUTE, 1);
-        effectivedate=cal.getTime();
-    }
-
-    public String getCode() {
-        return code;
-    }
-
-    public Date getEffectivedate() {
-        return effectivedate;
-    }
-
-    public String getdate(){
-        return DateFormatUtils.format(effectivedate,"yyyy-MM-dd HH:mm:ss");
-    }
-
-    public static String createVerificationCode(){
-        String s = "";
-        while (s.length() < 6)
-            s += (int) (Math.random() * 10);
-        return s;
-    }
-
-    public boolean isExpire(){
-        //return effectivedate.before(new Date());
-        return false; //验证码不过期
-    }
-
-    public boolean check(String code){
-        return !isExpire()&&this.code.equals(code);
-    }
-
-
-
-    public static void main(String[] args) {
-        System.out.println(new VerificationManage("").isExpire());
-    }
-
-
-
-}