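package restcontroller.common.usercenter;

import beans.parameter.Parameter;
import com.alibaba.fastjson.JSONObject;
import common.Controller;
import common.ReturnObject_Err;
import common.YosException;
import common.annotation.API;
import common.annotation.CACHEING;
import common.annotation.CACHEING_CLEAN;
import common.annotation.cm;
import common.data.*;
import common.parameter.parameter;
import restcontroller.R;
import restcontroller.webmanage.saletool.store.StoreHelper;
import utility.sms.Sms;
import utility.tools.Encryption;
import utility.wechat.miniprogram.WechatMiniProgram;
import utility.wechat.miniprogram.WechatUserID;
import utility.wechat.wechatservice.WechatService;

import java.security.SecureRandom;
import java.util.*;

/**
 * User-centre endpoints: profile query and update, password change and reset by SMS code,
 * and WeChat account binding.
 *
 * <p>Security review notes for maintainers:
 * <ul>
 *   <li>Most statements in this class are assembled by concatenating values into SQL text,
 *       including request fields ({@code accountno}, {@code newpassword}, {@code name},
 *       {@code phonenumber}, {@code email}). Whether {@code content.getString(...)} or
 *       {@code dbConnect} neutralises quotes is not visible from this file. These values should
 *       be bound as parameters by the data layer rather than spliced into the statement; until
 *       that is confirmed, treat every concatenated request field as an injection risk. The
 *       endpoints declared with {@code accesstoken = false} deserve attention first.</li>
 *   <li>Per the original comments, passwords arrive already MD5-hashed and the value is stored
 *       and compared as received, which makes the stored column a password equivalent. A salted,
 *       slow server-side hash (bcrypt, scrypt or argon2) is the usual remedy.</li>
 *   <li>SMS codes are generated with {@link SecureRandom}, are single use, and are discarded
 *       after {@link #MAX_CODE_ATTEMPTS} wrong guesses.</li>
 * </ul>
 */
@API(title = "个人中心")
public class usercenter extends Controller {

    /** Wrong guesses tolerated for one issued SMS code before the code is discarded. */
    private static final int MAX_CODE_ATTEMPTS = 5;

    /** Lifetime of an issued SMS code, in minutes. */
    private static final int CODE_TTL_MINUTES = 5;

    /** Outcome codes of {@link #checkCode}; the numeric values match the original inline checks. */
    private static final int CODE_OK = 0;
    private static final int CODE_NOT_REQUESTED = 1;
    private static final int CODE_EXPIRED = 2;
    private static final int CODE_WRONG = 3;

    /** Source of SMS codes; a cryptographic generator so that codes cannot be predicted. */
    private static final SecureRandom CODE_RANDOM = new SecureRandom();

    public usercenter(JSONObject content) throws YosException {
        super(content);
    }

    /**
     * Returns the current user's profile: the basic sys_users columns, attachments, HR rows,
     * agent and enterprise rows, and WeChat binding state.
     *
     * @return the success envelope carrying the profile row, or the error envelope when no
     *         sys_users row exists for the current user
     */
    @API(title = "查询个人信息")
    @CACHEING
    public String queryUserMsg() throws YosException {
        Rows userrows = dbConnect.runSqlQuery("select name,phonenumber,accountno,status from sys_users where userid='" + userid + "'");
        if (userrows.isEmpty()) {
            return getErrReturnObject().toString();
        }

        Row userrow = userrows.get(0);
        userrow.put("attinfos", getAttachmentUrl("sys_users", userid));
        userrow.put("usertype", usertype);

        // The "hr" entry depends on the user type: internal staff (1) get their HR row plus the
        // department name, enterprise users (21/22) get the enterprise HR row, others an empty row.
        Row hrrow = new Row();
        if (usertype == 1) {
            hrrow = getHr(userid);
            if (!hrrow.isEmpty()) {
                hrrow.put("depname", getDepartment(userid).getString("depname"));
            }
        } else if (usertype == 21 || usertype == 22) {
            hrrow = getEnterpriseHr(userid);
        }
        userrow.put("hr", hrrow);

        Row agenthrrow = getEnterpriseHr(userid);
        userrow.put("agenthr", agenthrrow);

        Row agentrow = userInfo.getAgentRow();
        userrow.put("agent", agentrow);

        Row enterpriseRow = getEnterpriseByUserid(userid);
        userrow.put("enterprise", enterpriseRow);

        Rows openidsRows = dbConnect.runSqlQuery("select * from sys_wechatapp_openids where userid='" + userid + "' and systemclient='" + systemclient + "'");
        Rows unionidsRows = dbConnect.runSqlQuery("select * from sys_wechatapp_unionids where userid='" + userid + "'");
        userrow.put("iswechatbinding", openidsRows.isNotEmpty() || unionidsRows.isNotEmpty());
        // NOTE(review): "userinfo" is written from the client-supplied "wechatuserinfo" field in
        // WechatBinding and is parsed here with fastjson. Confirm the deployed fastjson version
        // runs with autoType disabled (or safe mode on) so stored text cannot name a type.
        if (unionidsRows.isNotEmpty()) {
            userrow.put("wechatuserinfo", JSONObject.parse(unionidsRows.get(0).getString("userinfo")));
        } else if (openidsRows.isNotEmpty()) {
            userrow.put("wechatuserinfo", JSONObject.parse(openidsRows.get(0).getString("userinfo")));
        } else {
            userrow.put("wechatuserinfo", new JSONObject());
        }

        return getSucReturnObject().setData(userrow).toString();
    }

    /**
     * Changes the current user's password after checking the old one, then logs the user out.
     *
     * @return the success envelope, or an error envelope when the user row is missing or the
     *         old password does not match
     */
    @API(title = "账户密码修改")
    public String changePassWord() throws YosException {
        String password = content.getString("password"); // MD5-hashed by the client
        String newpassword = content.getString("newpassword"); // MD5-hashed by the client
        Rows usersrows = dbConnect.runSqlQuery("select password from sys_users where userid=" + userid);
        if (usersrows.isEmpty()) {
            return getErrReturnObject().setErrMsg("用户信息不存在").toString();
        }
        // A missing "password" field is treated as a mismatch instead of raising a NullPointerException.
        if (password == null || !password.equals(usersrows.get(0).getString("password"))) {
            return getErrReturnObject().setErrMsg("原密码错误!").toString();
        }
        // NOTE(review): newpassword is a request field concatenated into the statement; bind it
        // as a parameter (see the class comment).
        dbConnect.runSqlUpdate("update sys_users set password='" + newpassword + "' where userid=" + userid);
        loguserout(userid);
        return getSucReturnObject().toString();
    }

    // Issued password-reset codes and their expiry times, keyed by account number. All access in
    // this class goes through the synchronized helpers storeCode and checkCode.
    static HashMap<String, String> accountno_password = new HashMap<>(16);
    static HashMap<String, Date> accountno_date = new HashMap<>(16);
    // Wrong guesses counted against the currently issued code for each account number.
    private static final HashMap<String, Integer> accountno_failures = new HashMap<>(16);

    /**
     * Sends a password-reset SMS code to the phone number bound to the given account.
     *
     * <p>The code is only ever delivered by SMS. The original contained a second, unreachable
     * check of {@code system_sms_switch} whose body returned the code in the HTTP response;
     * that branch is removed so the code can never be disclosed to the requester directly.
     *
     * @return a JSON object with {@code code} and {@code msg}, or an error envelope when SMS is
     *         disabled, the account is unknown, or no phone number is bound
     */
    @API(title = "忘记密码,获取短信验证码", accesstoken = false)
    public String forgetPassword_getPassWord() throws YosException {
        if (!Parameter.get("system_sms_switch").equalsIgnoreCase("true")) {
            return new ReturnObject_Err().setErrMsg("当前系统未开启短信平台").toString();
        }
        String accountno = content.getString("accountno"); // account number
        // NOTE(review): unauthenticated endpoint; accountno is concatenated into the statement
        // and should be bound as a parameter. The two distinct error messages below also tell an
        // anonymous caller whether an account exists, and no per-account or per-client limit on
        // SMS requests is visible in this class.
        Rows rows = dbConnect.runSqlQuery("select *from sys_users where accountno='" + accountno + "'");
        if (rows.isEmpty()) {
            return new ReturnObject_Err().setErrMsg("不存在此账号信息").toString();
        }
        String phonenumber = rows.get(0).getString("phonenumber").trim();
        if (phonenumber.equals("")) {
            return new ReturnObject_Err().setErrMsg("账号未绑定手机号,请联系管理员").toString();
        }

        String password = createPassWord();
        storeCode(accountno_password, accountno_date, accountno_failures, accountno, password);

        JSONObject object = new JSONObject();
        Sms sms = new Sms();
        sms.sendout(phonenumber, Parameter.get("chuanglan_sms_model_password"), new String[]{password});
        object.put("code", 1);
        object.put("msg", "手机验证码已发送,请注意查收!");
        return object.toJSONString();
    }

    /**
     * Resets an account's password once the submitted SMS code has been verified.
     *
     * <p>The code is consumed on success, so it cannot be replayed for a second reset, and it
     * is discarded after {@link #MAX_CODE_ATTEMPTS} wrong guesses.
     *
     * @return a JSON object with {@code code} 1 on success, or {@code code} 0 and a message
     *         describing why the code was rejected
     */
    @API(title = "忘记密码,修改密码", accesstoken = false)
    public String forgetPassword_changePassWord() throws YosException {
        JSONObject object = new JSONObject();
        String password = content.getString("password"); // MD5 of the SMS code, computed by the client
        String accountno = content.getString("accountno");
        String newpassword = content.getString("newpassword"); // MD5-hashed by the client

        int resultcode = checkCode(accountno_password, accountno_date, accountno_failures, accountno, password);
        if (resultcode == CODE_OK) {
            // NOTE(review): unauthenticated endpoint; newpassword and accountno are concatenated
            // into the statement and should be bound as parameters (see the class comment).
            dbConnect.runSqlUpdate("update sys_users set password='" + newpassword + "' where accountno='" + accountno + "'");
            object.put("code", 1);
            object.put("msg", "成功");
        } else {
            object.put("code", 0);
            object.put("msg", codeFailureMessage(resultcode));
        }
        return object.toJSONString();
    }

    // Issued phone-change codes and their expiry times, keyed by the new phone number. All access
    // in this class goes through the synchronized helpers storeCode and checkCode.
    static HashMap<String, String> phonenumber_password = new HashMap<>(16);
    static HashMap<String, Date> phonenumber_date = new HashMap<>(16);
    // Wrong guesses counted against the currently issued code for each phone number.
    private static final HashMap<String, Integer> phonenumber_failures = new HashMap<>(16);

    /**
     * Sends an SMS code to the phone number the user wants to switch to.
     *
     * <p>As in {@link #forgetPassword_getPassWord()}, the unreachable branch that returned the
     * code in the response is removed.
     *
     * @return a JSON object with {@code code} and {@code msg}, or an error envelope when SMS is
     *         disabled for the system or SMS login is disabled for the site
     */
    @API(title = "手机号修改,获取短信验证码")
    public String updateUserMsg_getPassWord() throws YosException {
        if (!Parameter.get("system_sms_switch").equalsIgnoreCase("true")) {
            return new ReturnObject_Err().setErrMsg("当前系统未开启短信平台").toString();
        }
        if (dbConnect.runSqlQuery("select *from sys_site_parameter where siteid='" + siteid + "' and loginmode_phonenumber=1").isEmpty()) {
            return new ReturnObject_Err().setErrMsg("当前站点未开启短信登陆").toString();
        }
        // NOTE(review): the destination number comes straight from the request and no limit on
        // how often a caller may trigger an SMS is visible in this class.
        String phonenumber = content.getString("phonenumber"); // phone number
        String password = createPassWord();
        storeCode(phonenumber_password, phonenumber_date, phonenumber_failures, phonenumber, password);

        JSONObject object = new JSONObject();
        Sms sms = new Sms();
        sms.sendout(phonenumber, Parameter.get("chuanglan_sms_model_password"), new String[]{password});
        object.put("code", 1);
        object.put("msg", "手机验证码已发送,请注意查收!");
        return object.toJSONString();
    }

    /**
     * Updates the current user's name, phone number and e-mail address.
     *
     * <p>When the site has SMS login enabled and the phone number differs from the stored one,
     * the change requires a valid SMS code for the new number; the code is consumed on success.
     *
     * @return the success envelope on the paths that skip code verification, otherwise a JSON
     *         object with {@code code} and {@code msg}
     */
    @API(title = "个人信息修改")
    @CACHEING_CLEAN(cms = {@cm(clazz = usercenter.class, method = {"queryUserMsg"})})
    public String updateUserMsg() throws YosException {
        // NOTE(review): name, phonenumber and email are request fields concatenated into the
        // statements below; bind them as parameters (see the class comment).
        String name = content.getString("name", "sys_users");
        String phonenumber = content.getStringValue("phonenumber", "sys_users");
        String email = content.getString("email");

        // No phone number supplied: only the e-mail address is updated.
        if (phonenumber.isEmpty()) {
            ArrayList<String> sqllist = new ArrayList<>();
            addEmailUpdates(sqllist, email);
            dbConnect.runSqlUpdate(sqllist);
            return getSucReturnObject().toString();
        }

        // Site without SMS login: the phone number is changed without a verification code.
        if (dbConnect.runSqlQuery("select *from sys_site_parameter where siteid='" + siteid + "' and loginmode_phonenumber=1").isEmpty()) {
            ArrayList<String> sqllist = new ArrayList<>();
            sqllist.add("update sys_users set name='" + name + "',phonenumber='" + phonenumber + "' where userid=" + userid);
            addEmailUpdates(sqllist, email);
            dbConnect.runSqlUpdate(sqllist);
            return getSucReturnObject().toString();
        }

        boolean phonenumberischange = dbConnect.runSqlQuery("select *from sys_users where userid=" + userid + " and phonenumber='" + phonenumber + "'").isEmpty();
        JSONObject object = new JSONObject();
        if (phonenumberischange) {
            String password = content.getString("password"); // MD5 of the SMS code, computed by the client
            int resultcode = checkCode(phonenumber_password, phonenumber_date, phonenumber_failures, phonenumber, password);
            if (resultcode == CODE_OK) {
                ArrayList<String> sqllist = new ArrayList<>();
                sqllist.add("update sys_users set name='" + name + "', phonenumber='" + phonenumber + "' where userid='" + userid + "'");
                addEmailUpdates(sqllist, email);
                dbConnect.runSqlUpdate(sqllist);
                object.put("code", 1);
                object.put("msg", "成功");
            } else {
                object.put("code", 0);
                object.put("msg", codeFailureMessage(resultcode));
            }
        } else {
            ArrayList<String> sqllist = new ArrayList<>();
            sqllist.add("update sys_users set name='" + name + "' where userid='" + userid + "'");
            addEmailUpdates(sqllist, email);
            dbConnect.runSqlUpdate(sqllist);
            object.put("code", 1);
            object.put("msg", "成功");
        }
        return object.toJSONString();
    }

    /** Appends the two statements that copy the e-mail address to the user's HR rows. */
    private void addEmailUpdates(ArrayList<String> sqllist, String email) {
        sqllist.add("update sys_hr set email='" + email + "' where userid=" + userid);
        sqllist.add("update sys_enterprise_hr set email='" + email + "' where userid=" + userid);
    }

    /**
     * Records a freshly issued code with its expiry time and clears the wrong-guess counter.
     * Synchronized because the maps are static and shared by every instance of this class.
     */
    private static synchronized void storeCode(HashMap<String, String> codes, HashMap<String, Date> expiries,
                                               HashMap<String, Integer> failures, String key, String code) {
        Calendar calendar = Calendar.getInstance();
        calendar.add(Calendar.MINUTE, CODE_TTL_MINUTES);
        codes.put(key, code);
        expiries.put(key, calendar.getTime());
        failures.remove(key);
    }

    /**
     * Verifies a submitted code against the one issued for {@code key}.
     *
     * <p>A matching or expired code is removed, so a code is valid at most once. A wrong guess
     * is counted, and the code is removed once {@link #MAX_CODE_ATTEMPTS} is reached, which
     * bounds guessing of the six-digit value within its lifetime.
     *
     * @param submitted the MD5 of the code as sent by the client; {@code null} counts as wrong
     * @return {@link #CODE_OK}, {@link #CODE_NOT_REQUESTED}, {@link #CODE_EXPIRED} or
     *         {@link #CODE_WRONG}
     */
    private static synchronized int checkCode(HashMap<String, String> codes, HashMap<String, Date> expiries,
                                              HashMap<String, Integer> failures, String key, String submitted)
            throws YosException {
        if (!codes.containsKey(key)) {
            return CODE_NOT_REQUESTED;
        }
        Date expiry = expiries.get(key);
        if (expiry == null || expiry.before(Calendar.getInstance().getTime())) {
            discardCode(codes, expiries, failures, key);
            return CODE_EXPIRED;
        }
        String expected = new Encryption().Encode_MD5(codes.get(key));
        if (expected != null && expected.equals(submitted)) {
            discardCode(codes, expiries, failures, key);
            return CODE_OK;
        }
        Integer previous = failures.get(key);
        int wrong = previous == null ? 1 : previous + 1;
        if (wrong >= MAX_CODE_ATTEMPTS) {
            discardCode(codes, expiries, failures, key);
        } else {
            failures.put(key, wrong);
        }
        return CODE_WRONG;
    }

    /** Forgets the code, expiry time and wrong-guess counter stored for {@code key}. */
    private static void discardCode(HashMap<String, String> codes, HashMap<String, Date> expiries,
                                    HashMap<String, Integer> failures, String key) {
        codes.remove(key);
        expiries.remove(key);
        failures.remove(key);
    }

    /** Maps a non-zero {@link #checkCode} outcome to the message shown to the user. */
    private static String codeFailureMessage(int resultcode) {
        if (resultcode == CODE_NOT_REQUESTED) {
            return "请先获取绑定手机号验证码!";
        } else if (resultcode == CODE_EXPIRED) {
            return "验证码已失效,请重新获取!";
        }
        return "无效的验证码!";
    }

    /**
     * Creates a six-digit numeric verification code.
     *
     * @return a code that is not currently a value of {@code parameter.phonenumber_password}
     */
    private String createPassWord() {
        String allChar = "1234567890";
        while (true) {
            StringBuilder sb = new StringBuilder(6);
            for (int i = 0; i < 6; i++) {
                sb.append(allChar.charAt(CODE_RANDOM.nextInt(allChar.length())));
            }
            String code = sb.toString();
            // NOTE(review): this consults parameter.phonenumber_password, not the maps declared
            // in this class; confirm which store the uniqueness check is meant to use.
            if (!parameter.phonenumber_password.containsValue(code)) {
                return code;
            }
        }
    }

    /**
     * Binds the WeChat identity resolved from {@code wechat_code} to the current user, or
     * unbinds it when {@code isbinging} is false; optionally links or unlinks an enterprise
     * team-member row.
     *
     * @return the success envelope, or an error envelope when the member row is already bound,
     *         the account is bound to a different WeChat identity, or the identity may not be
     *         unbound by this user
     */
    // NOTE(review): declared with accesstoken = false yet reads userid and usertype; confirm how
    // those fields are populated when the request carries no access token.
    @API(title = "微信账号绑定", apiversion = R.ID20240516090402.v1.class, accesstoken = false)
    @CACHEING_CLEAN(cms = {@cm(clazz = usercenter.class, method = {"queryUserMsg"})})
    public String WechatBinding() throws YosException {
        String wechat_code = content.getString("wechat_code");
        boolean isbinging = content.getBooleanValue("isbinging");
        Long sys_enterprise_hrid = 0L;
        if (content.containsKey("sys_enterprise_hrid") && content.getLongValue("sys_enterprise_hrid") > 0) {
            sys_enterprise_hrid = content.getLongValue("sys_enterprise_hrid");
            Rows rows = dbConnect.runSqlQuery("SELECT * from sys_enterprise_hr WHERE sys_enterprise_hrid='" + sys_enterprise_hrid + "' and siteid ='" + siteid + "'");
            // NOTE(review): this guard also runs when unbinding, so a member row that is bound
            // to a user is rejected before the unbind branch below is reached; confirm intent.
            if (rows.isNotEmpty() && rows.get(0).getLong("userid") > 0) {
                return getErrReturnObject().setErrMsg("团队成员已被绑定").toString();
            }
        }

        WechatMiniProgram wechatMiniProgram = new WechatMiniProgram(systemclient);
        WechatUserID wechatUser = wechatMiniProgram.getWechatUserID(wechat_code);
        String openid = wechatUser.getOpenid();
        String unionid = wechatUser.getUnionid();

        // An account already bound to a different WeChat identity must be unbound first.
        if (isbinging) {
            Rows openidsRows = dbConnect.runSqlQuery("select * from sys_wechatapp_openids where userid='" + userid + "' and systemclient='" + systemclient + "'");
            if (openidsRows.isNotEmpty() && !openidsRows.get(0).getString("openid").equals(openid)) {
                return getErrReturnObject().setErrMsg("当前账号已绑定微信,如需绑定其他微信,请先进行解绑操作!").toJSONString();
            }
            Rows unionidsRows = dbConnect.runSqlQuery("select * from sys_wechatapp_unionids where userid='" + userid + "'");
            if (unionidsRows.isNotEmpty() && !unionidsRows.get(0).getString("unionid").equals(unionid)) {
                return getErrReturnObject().setErrMsg("当前账号已绑定微信,如需绑定其他微信,请先进行解绑操作!").toJSONString();
            }
        }

        String wechatuserinfo = "";
        if (content.containsKey("wechatuserinfo")) {
            wechatuserinfo = content.getString("wechatuserinfo", true);
        }

        ArrayList<String> sqllist = new ArrayList<>();
        if (openid != null && !openid.equals("")) {
            if (isbinging) {
                Rows openidsRows = dbConnect.runSqlQuery("select * from sys_wechatapp_openids where openid='" + openid + "' and systemclient='" + systemclient + "'");
                if (openidsRows.isEmpty()) {
                    SQLFactory sqlFactory = new SQLFactory(this, "绑定微信openid");
                    sqlFactory.addParameter("wechatapp_openidsid", createTableID("sys_wechatapp_openids"));
                    sqlFactory.addParameter("systemclient", systemclient);
                    sqlFactory.addParameter("openid", openid);
                    sqlFactory.addParameter("userid", userid);
                    sqlFactory.addParameter("userinfo", wechatuserinfo);
                    sqllist.add(sqlFactory.getSQL());
                }
            } else {
                // Only the user who owns the binding may remove it.
                if (dbConnect.runSqlQuery("select 1 from sys_wechatapp_openids where openid='" + openid + "' and userid='" + userid + "' and systemclient='" + systemclient + "'").isEmpty()) {
                    return getErrReturnObject().setErrMsg("解绑失败,当前微信账号无权限解绑").toString();
                }
                sqllist.add("delete from sys_wechatapp_openids where openid='" + openid + "' and userid='" + userid + "' and systemclient='" + systemclient + "'");
            }
        }
        if (unionid != null && !unionid.equals("")) {
            if (isbinging) {
                // NOTE(review): this is the only sys_wechatapp_unionids query in the class that
                // filters on systemclient, and the insert below sets no systemclient; confirm
                // the column exists and the filter is intended.
                Rows unionidsRows = dbConnect.runSqlQuery("select * from sys_wechatapp_unionids where unionid='" + unionid + "' and systemclient='" + systemclient + "'");
                if (unionidsRows.isEmpty()) {
                    SQLFactory sqlFactory = new SQLFactory(this, "绑定微信unionid");
                    sqlFactory.addParameter("wechatapp_unionidsid", createTableID("sys_wechatapp_unionids"));
                    sqlFactory.addParameter("unionid", unionid);
                    sqlFactory.addParameter("userid", userid);
                    sqlFactory.addParameter("userinfo", wechatuserinfo);
                    sqllist.add(sqlFactory.getSQL());
                }
            } else {
                // Only the user who owns the binding may remove it.
                if (dbConnect.runSqlQuery("select 1 from sys_wechatapp_unionids where unionid='" + unionid + "' and userid='" + userid + "'").isEmpty()) {
                    return getErrReturnObject().setErrMsg("解绑失败,当前微信账号无权限解绑").toString();
                }
                sqllist.add("delete from sys_wechatapp_unionids where unionid='" + unionid + "' and userid='" + userid + "'");
            }
        }

        // Bind: link the team-member row to this user.
        if (isbinging && sys_enterprise_hrid > 0) {
            UpdateSQL updateSQL = SQLFactory.createUpdateSQL(this, "sys_enterprise_hr");
            updateSQL.setSiteid(siteid);
            updateSQL.setUniqueid(sys_enterprise_hrid);
            updateSQL.setValue("userid", userid);
            updateSQL.update();
            if (usertype == 99) {
                new StoreHelper().updateUserType22(this);
            }
        }
        // Unbind: clear the user from the team-member row.
        if (!isbinging && sys_enterprise_hrid > 0) {
            UpdateSQL updateSQL = SQLFactory.createUpdateSQL(this, "sys_enterprise_hr");
            updateSQL.setSiteid(siteid);
            updateSQL.setUniqueid(sys_enterprise_hrid);
            updateSQL.setValue("userid", 0);
            updateSQL.update();
            if (usertype == 22) {
                new StoreHelper().updateUserType99(this);
            }
        }
        dbConnect.runSqlUpdate(sqllist);
        return getSucReturnObject().toString();
    }

    /**
     * Links the current user to an unbound sys_hr row on the current site.
     *
     * <p>The original printed the generated statement to standard error before running it;
     * that debug output is removed so statement text is not written to the process log.
     *
     * @return the success envelope, or an error envelope when the HR row does not exist, is
     *         already bound, or the user is already bound to another HR row
     */
    @API(title = "微信账号绑定成员", apiversion = R.ID20240524090002.v1.class)
    @CACHEING_CLEAN(cms = {@cm(clazz = usercenter.class, method = {"queryUserMsg"})})
    public String WechatBindingHr() throws YosException {
        Long hrid = content.getLongValue("hrid");
        Rows rows = dbConnect.runSqlQuery("select * from sys_hr WHERE hrid=" + hrid + " and siteid='" + siteid + "'");
        if (rows.isEmpty()) {
            return getErrReturnObject().setErrMsg("人员不存在").toString();
        }
        Row hrRow = rows.get(0);
        if (hrRow.getLong("userid") > 0) {
            return getErrReturnObject().setErrMsg("微信已绑定").toString();
        }
        rows = dbConnect.runSqlQuery("select * from sys_hr WHERE userid=" + userid + " and siteid='" + siteid + "'");
        if (rows.isNotEmpty()) {
            return getErrReturnObject().setErrMsg("微信已绑定").toString();
        }

        UpdateSQL updateSQL = SQLFactory.createUpdateSQL(this, "sys_hr");
        updateSQL.setSiteid(siteid);
        updateSQL.setUniqueid(hrid);
        updateSQL.setValue("userid", userid);
        updateSQL.update();
        if (usertype == 99) {
            new StoreHelper().updateUserType1(this);
        }
        return getSucReturnObject().toString();
    }

    /**
     * Binds a WeChat official-account identity to a user. The user is resolved from an existing
     * unionid binding or, failing that, from the access token supplied in the request body.
     *
     * @return the success envelope when both the unionid and openid rows were inserted,
     *         otherwise the error envelope
     */
    // NOTE(review): unauthenticated endpoint that inserts binding rows without first checking
    // for an existing row with the same unionid or openid; confirm duplicates are prevented by
    // the statement templates or by a unique index.
    @API(title = "微信公众号绑定", accesstoken = false)
    public String WechatServceBinding() throws YosException {
        String accesstoken = content.getStringValue("accesstoken");
        String systemclient = content.getStringValue("systemclient");
        String wechat_code = content.getStringValue("wechat_code");
        if (systemclient.equals("") || wechat_code.equals("")) {
            return getErrReturnObject().toString();
        }

        long wechat_Userid = 0;
        WechatService wechatService = new WechatService(systemclient);
        WechatUserID wechatUserID = wechatService.getWechatUserID(wechat_code);
        String unionid = wechatUserID.getUnionid();
        if (unionid != null && !unionid.equals("")) {
            Rows unionidRows = dbConnect.runSqlQuery("select userid from sys_wechatapp_unionids where unionid='" + unionid + "'");
            if (unionidRows.isNotEmpty()) {
                wechat_Userid = unionidRows.get(0).getLong("userid");
            }
        }
        String openid = wechatUserID.getOpenid();

        // Fall back to the user behind the supplied access token when no unionid binding exists.
        if (wechat_Userid == 0 && !accesstoken.equals("") && parameter.tokenlist.containsKey(accesstoken)) {
            Rows userRows = dbConnect.runSqlQuery("select userid from sys_usersite where usersiteid=" + parameter.tokenlist.get(accesstoken));
            if (userRows.isNotEmpty()) {
                wechat_Userid = userRows.get(0).getLong("userid");
            }
        }

        if (wechat_Userid > 0) {
            ArrayList<String> sqlist = new ArrayList<>();
            if (unionid != null && !unionid.equals("")) {
                SQLFactory unionidinsertsql = new SQLFactory(this, "绑定微信unionid");
                unionidinsertsql.addParameter("wechatapp_unionidsid", createTableID("sys_wechatapp_unionids"));
                unionidinsertsql.addParameter("unionid", unionid);
                unionidinsertsql.addParameter("userid", wechat_Userid);
                unionidinsertsql.addParameter("userinfo", "");
                sqlist.add(unionidinsertsql.getSQL());
            }
            if (openid != null && !openid.equals("")) {
                SQLFactory openidinsertsql = new SQLFactory(this, "绑定微信openid");
                openidinsertsql.addParameter("wechatapp_openidsid", createTableID("sys_wechatapp_openids"));
                openidinsertsql.addParameter("systemclient", systemclient);
                openidinsertsql.addParameter("openid", openid);
                openidinsertsql.addParameter("userid", wechat_Userid);
                openidinsertsql.addParameter("userinfo", "");
                sqlist.add(openidinsertsql.getSQL());
            }
            // The binding is written only when both identifiers were available.
            if (sqlist.size() == 2) {
                dbConnect.runSqlUpdate(sqlist);
                return getSucReturnObject().toString();
            }
        }
        return getErrReturnObject().toString();
    }
}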