wzh пре 4 месеци
родитељ
комит
185c977e71

+ 113 - 1
crmeb/app/adminapi/controller/Login.php

@@ -10,11 +10,13 @@
 // +----------------------------------------------------------------------
 namespace app\adminapi\controller;
 
+use app\services\user\UserServices;
 use crmeb\services\CacheService;
 use think\facade\App;
 use crmeb\utils\Captcha;
 use app\services\system\admin\SystemAdminServices;
-
+use think\facade\Log;
+use think\facade\Db;
 /**
  * 后台登陆
  * Class Login
@@ -127,4 +129,114 @@ class Login extends AuthController
     {
         return app('json')->success($this->services->getLoginInfo());
     }
+
+
+    private function validateRequest($time,$sign) {
+        $end_key = "hunantianmuzhineng_2025";
+        // 2. 检查参数是否存在
+        if ($time === null || $sign === null) {
+            return false;
+        }
+
+        // 3. 验证时间戳有效性(可选但推荐)
+        $currentTime = time();
+        $timeDiff = abs($currentTime - (int)$time);
+        $maxAllowedDiff = 300; // 允许的最大时间差(5分钟)
+
+        if ($timeDiff > $maxAllowedDiff) {
+            return false;
+        }
+
+        // 4. 计算服务端签名
+        $serverSign = md5($time . $end_key);
+
+        // 5. 安全比较签名(防止时序攻击)
+        if (!hash_equals($serverSign, $sign)) {
+            return false;
+        }
+
+        // 验证通过,继续后续业务逻辑
+        return true;
+    }
+    public function getUserScore(){
+        $unionid = $this->request->get('unionid');
+        $time = $this->request->get('time');
+        $sign = $this->request->get('sign');
+        $isRight = $this->validateRequest($time,$sign);
+        if(!$isRight){
+            return app('json')->fail("无权限");
+        }
+        $userService = app()->make(UserServices::class);
+        $userInfo = $userService->getUserScore($unionid);
+        $info = array('unionid' => $unionid,'integral' => $userInfo['integral']);
+        if(!$userInfo['uid']){
+            $info['code'] = 0;
+        }else{
+            $info['code'] = 1;
+        }
+        return app('json')->success($info);
+    }
+
+
+    private function checkLock($orderId, $unionId, $score){
+        // 2. 准备 INSERT IGNORE SQL 语句
+        // 使用 IGNORE 关键字,如果 order_id 主键冲突,则忽略本次插入
+        $sql = "INSERT IGNORE INTO `eb_score_record` (`order_id`, `create_time`, `uniond_id`, `score`) VALUES (?, NOW(), ?, ?)";
+
+        // 3. 准备绑定的参数,防止SQL注入
+        $params = [$orderId, $unionId, $score];
+
+        try {
+            // 4. 执行 SQL
+            $affectedRows = Db::execute($sql, $params);
+
+            // 5. 判断执行结果
+            if ($affectedRows > 0) {
+                return true;
+            } else {
+              return false;
+            }
+
+        } catch (\Exception $e) {
+            Log::error($e->getMessage());
+            return false;
+        }
+    }
+    public function addScore(){
+        [$unionid, $score, $integration_status,$title,$mark,$order_id,$time,$sign] = $this->request->postMore([
+            ['unionid', ''],
+            ['score', ''],
+            ['integration_status', ''],
+            ['title', ''],
+            ['mark', ''],
+            ['order_id', ''],
+            ['time', ''],
+            ['sign', ''],
+        ], true);
+        $isRight = $this->validateRequest($time,$sign);
+        if(!$isRight){
+            return app('json')->fail("无权限");
+        }
+        $canAdd = $this->checkLock($order_id,$unionid,$score);
+        if(!$canAdd){
+            return app('json')->fail("流水号已经存在");
+        }
+        $userService = app()->make(UserServices::class);
+        $userInfo = $userService->getUserScore($unionid);
+
+        $uid = $userInfo['uid'];
+        $data = array('integration' => $score,'integration_status'=>$integration_status);
+        $data['title'] = $title;
+        $data['mark'] = $mark;
+        $data['is_other'] = true;
+        Log::error($data);
+        $result = $userService->addScore($uid,$data);
+        $info = array('unionid' => $unionid);
+        if($result){
+            $info['code'] = 1;
+        }else{
+            $info['code'] = 0;
+        }
+        return app('json')->success($info);
+    }
 }
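Review bot: The signature checked in `validateRequest` is `md5($time . $end_key)`, which covers only the timestamp, so one valid `time`/`sign` pair authorises any `unionid`, `score` and `order_id` for the whole five-minute window, and the key itself is a literal in source control. I would load the key from deployment configuration and verify a keyed MAC over every field the endpoint acts on; with `order_id` inside the signed payload, the `checkLock` insert then also serves as replay protection for `addScore`. The guard should also reject a non-scalar `time` or a non-string `sign` before `hash_equals`, which throws on a non-string argument. Separately, `addScore` calls `checkLock` before confirming that `getUserScore($unionid)` found a user, so a failed lookup still consumes the order id, and `Log::error($data)` writes every normal request at error level. The sketch below changes the signing scheme, so the calling system must be updated with it; the config key name is a placeholder.

```php
    private function validateRequest($time, $sign, array $fields = []) {
        // Placeholder config name; the key must not live in the repository.
        $key = (string)config('scan.sign_key');
        if ($key === '' || !is_scalar($time) || !is_string($sign)) {
            return false;
        }
        // … unchanged: five-minute timestamp window check …
        // Sign a canonical form of every field the endpoint acts on.
        ksort($fields);
        $payload = $time . "\n" . http_build_query($fields);
        return hash_equals(hash_hmac('sha256', $payload, $key), $sign);
    }
    // addScore: $this->validateRequest($time, $sign, compact('unionid', 'score', 'integration_status', 'order_id'));
    // getUserScore: $this->validateRequest($time, $sign, compact('unionid'));
```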

+ 1 - 0
crmeb/app/adminapi/controller/v1/product/StoreProduct.php

@@ -268,6 +268,7 @@ class StoreProduct extends AuthController
             ['protection_list', []],//商品保障
             ['is_gift', 0],//是否礼品
             ['gift_price', 0],//礼品附加费
+            ['goods_user_type', 0],//礼品类型
         ]);
         $this->service->save((int)$id, $data);
         return app('json')->success(100000);
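Review bot: The trailing comment on the new `goods_user_type` entry reads 礼品类型 (gift type), which looks copied from the two gift fields above it. Elsewhere in this commit the same field is matched against the user's `goods_user_type`, so a comment naming the user category the product is restricted to would be more accurate. The value is passed to `save()` as received; if it is meant to be one of a small set of integers, an explicit cast or whitelist at this point would keep unexpected values out of the product table. The enclosing method starts outside the hunk.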

+ 8 - 0
crmeb/app/adminapi/route/route.php

@@ -38,6 +38,14 @@ Route::group(function () {
     Route::post('image/scan_upload', 'PublicController/scanUpload')->option(['real_name' => '扫码上传图片']);
     Route::get('custom_admin_js', 'PublicController/customAdminJs')->option(['real_name' => '测试地址']);
 
+
+
+    Route::post('scan/add_score', 'Login/addScore')->option(['real_name' => '增加积分']);
+
+    Route::get('scan/user_info', 'Login/getUserScore')->option(['real_name' => '根据unionid获取用户信息']);
+
+
+
 })->middleware(AllowOriginMiddleware::class)->option(['mark' => 'login', 'mark_name' => '登录相关']);
 
 
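Review bot: `scan/add_score` changes user point balances but is registered in the group marked `login`, whose only middleware visible here is `AllowOriginMiddleware`, so as far as this hunk shows the request signature is its sole access control. I would move both routes into their own group with a dedicated middleware that performs the signature check (and, if the caller is a fixed backend, a source restriction), rather than sharing the pre-login group and its cross-origin policy. `scan/user_info` is a GET, so `sign` and `unionid` travel in the query string and will appear in access logs; a POST would avoid that. The group's opening lines are outside the hunk.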

+ 20 - 1
crmeb/app/dao/user/UserWechatUserDao.php

@@ -16,7 +16,7 @@ use think\model;
 use app\dao\BaseDao;
 use app\model\user\User;
 use app\model\wechat\WechatUser;
-
+use think\facade\Log;
 /**
  *
  * Class UserWechatUserDao
@@ -307,4 +307,23 @@ class UserWechatUserDao extends BaseDao
         })->field('count(' . $this->alias . '.uid) as value,' . $this->join_alis . '.sex as name')
             ->group($this->join_alis . '.sex')->select()->toArray();
     }
+
+    /**
+     * @param $unionId
+     * @return array|Model|null
+     * @throws \think\db\exception\DataNotFoundException
+     * @throws \think\db\exception\DbException
+     * @throws \think\db\exception\ModelNotFoundException
+     */
+    public function getUserByUnionId($unionId)
+    {
+        $info = $this->getModel()->where('w.unionid', $unionId)->find();
+        return $info;
+    }
+
+
+    public function getUserByUid($uid){
+        $info = $this->getModel()->where('w.uid', $uid)->find();
+        return $info;
+    }
 }
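Review bot: Both new lookups hard-code the table alias as `'w.unionid'` and `'w.uid'`, while the existing query just above builds its column names from `$this->alias` and `$this->join_alis`; using the same properties keeps these methods working if the alias ever changes. `find()` returns null when no row matches, which the docblock on `getUserByUnionId` records, but `getUserByUid` has no docblock at all; it should carry the same `@return array|Model|null` and `@throws` lines so callers know to check for null. The `use think\facade\Log;` added in the first hunk is not used by anything visible in this diff.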

+ 4 - 0
crmeb/app/services/product/product/StoreProductServices.php

@@ -35,6 +35,7 @@ use app\services\user\member\MemberCardServices;
 use app\services\user\UserLevelServices;
 use app\services\user\UserSearchServices;
 use app\services\user\UserServices;
+use app\services\user\UserWechatuserServices;
 use crmeb\exceptions\AdminException;
 use app\jobs\ProductLogJob;
 use app\jobs\ProductCopyJob;
@@ -1189,6 +1190,9 @@ class StoreProductServices extends BaseServices
         $where['is_show'] = 1;
         $where['is_del'] = 0;
         $where['star'] = 1;
+        $userInfo = app()->make(UserWechatuserServices::class)->getUserByUid($uid);
+        $goods_user_type = $userInfo['goods_user_type'];
+        $where['goods_user_type'] = $goods_user_type;
         $ifKeyword = isset($where['store_name']) && $where['store_name'];
         if ($ifKeyword) {
             app()->make(UserSearchServices::class)->saveUserSearch($uid, $where['store_name'], [$where['store_name']], []);
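Review bot: `$userInfo` is indexed without a null check, and `getUserByUid` ends in `find()`, which returns null when the uid has no matching row. In that case `$userInfo['goods_user_type']` evaluates to null and the list is filtered on a null `goods_user_type`, which probably hides every product rather than falling back to the default type; whether `$uid` can be 0 here is not visible because the method starts outside the hunk. A defaulted read such as `$where['goods_user_type'] = $userInfo['goods_user_type'] ?? 0;` would make the fallback explicit. The assignment also overwrites any `goods_user_type` already present in `$where`, which is the safer direction if the filter is meant to restrict what a user can see, and is worth a one-line comment saying so.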

+ 72 - 0
crmeb/app/services/user/UserServices.php

@@ -2323,4 +2323,76 @@ class UserServices extends BaseServices
     {
         return out_push($pushUrl, $data, '更新用户信息');
     }
+
+    public function getUserScore($unionid)
+    {
+        $user = app()->make(UserWechatuserServices::class)->getUserByUnionId($unionid);
+        return $user;
+    }
+
+    public function addScore($id,$data)
+        {
+            $user = $this->getUserInfo($id);
+            if (!$user) {
+                throw new AdminException(100026);
+            }
+            $res1 = true;
+            $res2 = false;
+            $edit = array();
+            if ($data['integration_status'] && $data['integration']) {//积分增加或者减少
+                /** @var UserBillServices $userBill */
+                $userBill = app()->make(UserBillServices::class);
+                $integral_data = ['link_id' => $data['adminId'] ?? 0, 'number' => $data['integration']];
+                if ($data['integration_status'] == 1) {//增加
+                    $edit['integral'] = bcadd($user['integral'], $data['integration'], 2);
+                    $integral_data['balance'] = $edit['integral'];
+                    $integral_data['title'] = $data['title'];
+                    $integral_data['mark'] = $data['mark'];
+                    $res2 = $userBill->incomeIntegral($user['uid'], 'system_add', $integral_data);
+                } else if ($data['integration_status'] == 2) {//减少
+                    $edit['integral'] = bcsub($user['integral'], $data['integration'], 2);
+                    $integral_data['balance'] = $edit['integral'];
+                    $integral_data['title'] = $data['title'];
+                    $integral_data['mark'] = $data['mark'];
+                    $res2 = $userBill->expendIntegral($user['uid'], 'system_sub', $integral_data);
+                }
+                event('OutPushListener', ['user_update_push', ['uid' => $id, 'type' => 'point', 'value' => $data['integration_status'] == 2 ? -intval($data['integration']) : $data['integration']]]);
+            } else {
+                $res2 = true;
+            }
+            //修改基本信息
+            if (!isset($data['is_other']) || !$data['is_other']) {
+                app()->make(UserLabelRelationServices::class)->setUserLable([$id], $data['label_id']);
+                if (isset($data['pwd']) && $data['pwd'] && $data['pwd'] != $user['pwd']) {
+                    $edit['pwd'] = $data['pwd'];
+                }
+                if (isset($data['spread_open'])) {
+                    $edit['spread_open'] = $data['spread_open'];
+                }
+                $edit['status'] = $data['status'];
+                $edit['real_name'] = $data['real_name'];
+                $edit['card_id'] = $data['card_id'];
+                $edit['birthday'] = strtotime($data['birthday']);
+                $edit['mark'] = $data['mark'];
+                $edit['is_promoter'] = $data['is_promoter'];
+                $edit['level'] = $data['level'];
+                $edit['phone'] = $data['phone'];
+                $edit['addres'] = $data['addres'];
+                $edit['group_id'] = $data['group_id'];
+                if ($user['level'] != $data['level']) {
+                    /** @var UserLevelServices $userLevelService */
+                    $userLevelService = app()->make(UserLevelServices::class);
+                    $userLevelService->setUserLevel((int)$user['uid'], (int)$data['level']);
+                }
+                if ($data['is_promoter'] == 0) {
+                    app()->make(SpreadApplyServices::class)->delete(['uid' => $user['uid']]);
+                }
+            }
+            if ($edit) $res3 = $this->dao->update($id, $edit);
+
+            else $res3 = true;
+            if ($res1 && $res2 && $res3)
+                return true;
+            else throw new AdminException(100007);
+    }
 }
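Review bot: `addScore` passes `$data['integration']` straight to `bcadd`/`bcsub` without checking that it is a positive plain decimal, and with `integration_status` 2 nothing stops the balance going below zero. Since `Login::addScore` feeds these from request fields that default to `''`, a guard belongs before the bill is written, for example `preg_match('/^\d+(\.\d{1,2})?$/', (string)$data['integration'])` together with a `bccomp(..., '0', 2) > 0` check, throwing `AdminException(100007)` otherwise. The new balance is computed from the row read by `getUserInfo` and written back with `update`, and the bill row and the balance update are not wrapped in a transaction, so two concurrent calls for the same user can lose one adjustment. The `is_other` branch reads keys this caller never sets and `$res1` is never changed from `true`; dropping both would leave a method that does only what its name says. The body is also indented one level deeper than the rest of the class.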

+ 11 - 0
crmeb/app/services/user/UserWechatuserServices.php

@@ -60,4 +60,15 @@ class UserWechatuserServices extends BaseServices
         $count = $this->dao->getCountByWhere($where);
         return [$list, $count];
     }
+
+    public function getUserByUnionId($unionid)
+    {
+        return $this->dao->getUserByUnionId($unionid);
+    }
+
+
+    public function getUserByUid($uid)
+    {
+        return $this->dao->getUserByUid($uid);
+    }
 }