
账号,cookie修改

caipin 7 anni fa
parent
commit
89a610abbb

+ 26 - 15
protected/controller/InvoiceController.php

@@ -17,9 +17,12 @@ class InvoiceController extends DooController {
 	public function beforeRun($resource, $action) {
 		Doo::loadModel ( "invoiceManage" );
 		$invoiceManage = new invoiceManage ();
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
 		header ( 'Content-Type:text/html;charset=utf-8' );
-		$moldList = $invoiceManage->getInvoiceByStaff ( $_COOKIE ["staff"] );
-		// print_r($moldList);
+		$moldList = $invoiceManage->getInvoiceByStaff ( $sid );
+		
 		
 		if (empty ( $moldList )) {
 			$flag = false;
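Review bot: `$_COOKIE ["staff"]` is decoded and passed to `getInvoiceByStaff()` with no check that the cookie exists or that the decoded value is a staff id. XDeode's implementation is not visible here, but if it is a reversible encoding rather than a keyed or signed token, the cookie value alone still decides which staff account the request acts as; a server-side session is the usual remedy. At minimum add `if (! isset ( $_COOKIE ["staff"] )) die ( 'illegal request' );` before the decode and `if (! is_numeric ( $sid )) die ( 'illegal request' );` after it, as this file already does for `$iid`. The same three added lines recur in most hunks of this commit (InvoiceController, MobileController, TemplateTag.php), so one shared helper or the controller's `beforeRun` would keep the check in a single place.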
@@ -95,13 +98,15 @@ class InvoiceController extends DooController {
 		$fm_forward_month = date ( "m", $tmp_forwardmonth );
 		$path = SITE_PATH . $this->INVOICECOLLECTPATH . "invoiceCollect_" . $year . "_" . $fm_forward_month . ".htm";
 		$htm = $this->showCache ( $path );
-		
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
 		$expressList = $express->getExpressByAll ();
-		$invoiceList = $invoice->getMyInvoice ( $_COOKIE ["staff"] );
+		$invoiceList = $invoice->getMyInvoice ( $sid );
 		
 		// $list = $invoiceReceivables->getInvoiceReceivablesByClaim ( $this->staff [0] ['cid'], $this->staff [0] ['sid'] );
 		
-		$sql = 'status=2 and untreadStatus=3 and sid=' . $_COOKIE ["staff"];
+		$sql = 'status=2 and untreadStatus=3 and sid=' . $sid;
 		$list = $invoice->getInvoiceByUntreadStatusPage ( 4, $sql );
 		
 		// print_r($list);
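Review bot: `$sid` is concatenated straight into the WHERE string (`'status=2 and untreadStatus=3 and sid=' . $sid`), so the query is only as safe as whatever `decode()` returns for an arbitrary cookie value. Nothing in the hunk constrains it to digits; cast or check it first, e.g. `$sid = (int) $XDeode->decode ( $_COOKIE ["staff"] );`, or use bound parameters if the model layer supports them. The same concatenation appears in the `$sql` lines of invoiceAchieve and invoiceReceivablesAchieve and in the `'where'` arrays throughout MobileController.php. The enclosing method starts and ends outside this hunk.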
@@ -519,13 +524,15 @@ class InvoiceController extends DooController {
 		$invoice = new invoice ();
 		Doo::loadModel ( 'invoiceOperationLog' );
 		$invoiceOperationLog = new invoiceOperationLog ();
-		
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
 		$iid = isset ( $this->params ['iid'] ) ? $this->params ['iid'] : "";
 		$iid = $XDeode->decode ( $iid );
 		
 		if (! is_numeric ( $iid ))
 			die ( 'illegal request' );
-		$invoiceDetail = $invoice->getMyInvoice ( $_COOKIE ["staff"], $iid );
+		$invoiceDetail = $invoice->getMyInvoice ( $sid, $iid );
 		if (empty ( $invoiceDetail ))
 			die ( 'illegal request' );
 		$item = array (
@@ -1761,7 +1768,9 @@ class InvoiceController extends DooController {
 	function invoiceAchieve() {
 		Doo::loadModel ( 'invoice' );
 		$invoice = new invoice ();
-		
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
 		$MebSea = isset ( $this->params ['MebSea'] ) ? urldecode ( $this->params ['MebSea'] ) : '';
 		
 		$page_size = 1;
@@ -1785,7 +1794,7 @@ class InvoiceController extends DooController {
 		$pageinfo ['page'] = array (
 				'previous' => '' 
 		);
-		$sql = 'status=2 and untreadStatus=3 and sid=' . $_COOKIE ["staff"] . $con;
+		$sql = 'status=2 and untreadStatus=3 and sid=' . $sid . $con;
 		$pageinfo = $this->get_page ( "CLD_invoice", $sql, $page, $page_size, "invoiceAchieve", $get, "" );
 		
 		$limit = $pageinfo ['lower'] . ',' . $page_size;
@@ -1806,7 +1815,9 @@ class InvoiceController extends DooController {
 	function invoiceReceivablesAchieve() {
 		Doo::loadModel ( 'invoiceReceivables' );
 		$invoiceReceivables = new invoiceReceivables ();
-		
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
 		$MebSea = isset ( $this->params ['MebSea'] ) ? urldecode ( $this->params ['MebSea'] ) : '';
 		
 		$page_size = 1;
@@ -1830,7 +1841,7 @@ class InvoiceController extends DooController {
 		$pageinfo ['page'] = array (
 				'previous' => '' 
 		);
-		$sql = " bindStatus=1 and receivablesStaff like '" . $_COOKIE ["staff"] . "_%' " . $con;
+		$sql = " bindStatus=1 and receivablesStaff like '" . $sid . "_%' " . $con;
 		$pageinfo = $this->get_page ( "CLD_invoiceReceivables", $sql, $page, $page_size, "invoiceReceivablesAchieve", $get, "" );
 		
 		$limit = $pageinfo ['lower'] . ',' . $page_size;
@@ -2951,19 +2962,19 @@ class InvoiceController extends DooController {
 		
 		// 我的发票待处理
 		$pendingInvoice = $invoice->getOne ( array (
-				'where' => "(status=3 or status=4 or (status=2 and printStatus=1 and untreadStatus=0 ) or (status=2 and printStatus=1 and untreadStatus=2 )  )  and isDelete=0 and sid=" . $_COOKIE ["staff"],
+				'where' => "(status=3 or status=4 or (status=2 and printStatus=1 and untreadStatus=0 ) or (status=2 and printStatus=1 and untreadStatus=2 )  )  and isDelete=0 and sid=" . $st[0]['sid'],
 				'desc' => 'iid',
 				'asArray' => TRUE 
 		) );
 		// 我的收款待入账
 		$myClaim = $invoiceReceivables->getOne ( array (
-				'where' => " receivablesStaff like '" . $_COOKIE ["staff"] . "-%' and receivablesCategory like '" . $st [0] ['cid'] . ":%' and bindStatus=0",
+				'where' => " receivablesStaff like '" . $st[0]['sid'] . "-%' and receivablesCategory like '" . $st [0] ['cid'] . ":%' and bindStatus=0",
 				'desc' => 'irid',
 				'asArray' => TRUE 
 		) );
 		// 发票审批
 		$approval = $invoice->getOne ( array (
-				'where' => 'status=1 and pendingApprovals=' . $_COOKIE ["staff"],
+				'where' => 'status=1 and pendingApprovals=' . $st[0]['sid'],
 				'desc' => 'iid',
 				'asArray' => true 
 		) );
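Review bot: The three `'where'` strings now read `$st[0]['sid']`, but nothing in the hunk checks that `$st` holds a row. `$st` is assigned outside the hunk; if that lookup comes back empty (missing or undecodable cookie), `sid=` and `pendingApprovals=` are followed by nothing and the query is malformed. A guard such as `if (empty ( $st )) return;` before the first query, with whatever return value the caller expects, would cover it. The next hunk's `$print` query and the matching changes to isInvoiceNew() in protected/plugin/TemplateTag.php have the same gap.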
@@ -2974,7 +2985,7 @@ class InvoiceController extends DooController {
 		) );
 		// 发票打印
 		$print = $invoice->getOne ( array (
-				'where' => "status=2 and printStatus=0 and moldManage like '%[\"" . $_COOKIE ["staff"] . "\",%'",
+				'where' => "status=2 and printStatus=0 and moldManage like '%[\"" . $st[0]['sid'] . "\",%'",
 				'desc' => 'iid',
 				'asArray' => TRUE 
 		) );

+ 10 - 23
protected/controller/MainController.php

@@ -131,27 +131,19 @@ class MainController extends DooController {
 	
 	
 	function login(){
-		//print_r($routeRs);
-//die('2');
-//		if ($this->isMobile()){
-//			header ( 'Content-Type:text/html;charset=utf-8' );
-//			@header ( "Location: http://m.cld.smartcost.com.cn/"  );die;
-//		}
-		
-		//http://yn.com/api/synlogin?username=cp123456&password=123456
-		
-	
+
 		$passwork = $this->get_args('passwork') ? $this->get_args('passwork') : 0;
 		$uid = $this->get_args('user') ? $this->get_args('user') : 0;
 		
-
 		Doo::loadModel ( 'staff' );
 		$staff = new staff ();
-
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		
 		if(!empty($passwork)){
 			$userinfo=$staff->checkUser($uid,$passwork);
 			if(!empty($userinfo)){
-				setcookie("staff", $userinfo[0]['sid'], time()+36000,"/");
+				setcookie("staff", $XDeode->encode ( $userinfo[0]['sid'] ), time()+36000,"/");
 				return "/";
 			}
 		}
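Review bot: The `setcookie("staff", …, time()+36000,"/")` call sets neither the Secure nor the HttpOnly flag, so the value that identifies the logged-in staff member is readable from page script and is sent over plain HTTP. Passing the remaining arguments, `setcookie("staff", $XDeode->encode ( $userinfo[0]['sid'] ), time()+36000, "/", "", true, true);`, closes that (Secure assumes the site is served over HTTPS). Because the value is derived only from `sid`, it presumably is identical on every login and cannot be revoked server-side; a random session identifier stored on the server would not have that limitation. The login hunk in MobileController.php adds the same call.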
@@ -2320,7 +2312,7 @@ class MainController extends DooController {
 
 		$data['product']=$product->getProudct();
 		
-		$data['staffu']=$staff->getUserById($_COOKIE["staff"]);
+		$data['staffu']=$staff->getUserById($this->staff[0]['sid']);
 		$data['category']=$L_category->getCategory();
 		$data['staffList']=$staff->getStaffByCid($cid);
 
@@ -4436,10 +4428,11 @@ $m="";
 
 		$gender=$this->get_args('gender')?$_POST['gender']:"男";
 
-		$oldpassword=isset($_POST['oldpassword'])?$_POST['oldpassword']:"";
+		
+		$oldpassword=$this->get_args('oldpassword')?$_POST['oldpassword']:"";
 
-		$newpassword=isset($_POST['newpassword'])?$_POST['newpassword']:"";
-		$rnewpassword=isset($_POST['rnewpassword'])?$_POST['rnewpassword']:"";
+		$newpassword=$this->get_args('newpassword')?$_POST['newpassword']:"";
+		$rnewpassword=$this->get_args('rnewpassword')?$_POST['rnewpassword']:"";
 
 		Doo::loadModel ( 'staff' );
 		$staff = new staff ();
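Review bot: The three password lines test `$this->get_args(...)` but then read `$_POST[...]` directly. Going by the get_args() body shown in the last hunk of this file (assuming that is the method called here), `$_GET` is consulted first, so a parameter supplied only in the query string passes the test and then reads an undefined `$_POST` index; a password of `"0"` is also treated as absent. If the input is meant to be POST-only, the previous `isset($_POST['oldpassword'])` form was more precise; otherwise assign the result once, `$oldpassword = $this->get_args('oldpassword'); if ($oldpassword === false) $oldpassword = "";`. Passwords accepted from the query string would also end up in access logs, which argues for keeping these fields POST-only.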
@@ -6048,20 +6041,14 @@ function excelTime($date, $time = false)
 				return $_GET [$name];
 			else {
 				return addslashes ( $_GET [$name] );
-
-		//return  $_GET [$name] ;
 			}
-
 		} elseif (isset ( $_POST [$name] )) {
 			if (is_array ( $_POST [$name] ))
 				return $_POST [$name];
 			else {
 				return addslashes ( $_POST [$name] );
-
-		//return $_POST [$name];
 			}
 		} else {
-
 			return false;
 		}
 	}

+ 70 - 22
protected/controller/MobileController.php

@@ -35,6 +35,9 @@ class MobileController extends DooController {
 		Doo::loadModel('tag');
 		$tag=new tag();
 		$staff = new staff ();
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		
 		
 		if(!empty($pw)){
 			if(isset($_COOKIE['staff']))//$this->authcode(,'DECODE',$this->key)
@@ -45,7 +48,7 @@ class MobileController extends DooController {
 				//get user tag
 				$tagList=$tag->find(array('where'=>'sid='.$userinfo[0]['sid'],'asArray'=>true));
 				$userinfo[0]['passwork']=base64_encode($pw2);
-				setcookie("staff", $userinfo[0]['sid'], time()+36000,"/");
+				setcookie("staff", $XDeode->encode ($userinfo[0]['sid']), time()+36000,"/");
 				$a=filemtime(DOO::conf()->SITE_PATH.$userinfo[0]['avatar']."_2.jpg");
 				$userinfo[0]['avatarUpdateTime']=$a;
 				//if ($t){
@@ -95,14 +98,18 @@ class MobileController extends DooController {
 		$tagClient=new tag_client();
 		$staff = new staff ();
 		
-		$staffDetail=$staff->getOne(array('where'=>'sid='.$_COOKIE["staff"],'asArray'=>true));
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+		
+		$staffDetail=$staff->getOne(array('where'=>'sid='.$sid,'asArray'=>true));
 		
 		if ($page!=1)
 			$page=$page*$size-1;
 		else 
 			$page--;
 			
-		$ClientTagList=$tagClient->getTagClientBySid( $_COOKIE["staff"]);
+		$ClientTagList=$tagClient->getTagClientBySid( $sid);
 		$toollist=$cTooltip->find(array('where'=>'cateid='.$staffDetail["cid"],'asArray'=>true));
 		$count=$client->count(array('limit'=>$page.','.$size,'where'=>" address like '%".$search."%' or clientname like '%".$search."%' or companyname like '%".$search."%' or qq like '%".$search."%' or telephone like '%".$search."%' or phone like '%".$search."%'",'asArray'=>true));	
 		$list=$client->find(array('limit'=>$page.','.$size,'where'=>" address like '%".$search."%' or clientname like '%".$search."%' or companyname like '%".$search."%' or qq like '%".$search."%' or telephone like '%".$search."%' or phone like '%".$search."%'",'asArray'=>true));
@@ -144,13 +151,17 @@ class MobileController extends DooController {
 		$staff=new staff();
 		$district=new district();
 		
-		$staffDetail=$staff->getOne(array('where'=>'sid='.$_COOKIE["staff"],'asArray'=>true));
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+		
+		$staffDetail=$staff->getOne(array('where'=>'sid='.$sid,'asArray'=>true));
 		
 		if($did==0){
 			if ($staffDetail['isadmin'])
 				$districtList=$district->get_lvByid(0,$did);
 			else
-				$districtList=$district->get_lvByStaffid(1,$_COOKIE["staff"]);
+				$districtList=$district->get_lvByStaffid(1,$sid);
 		}else{
 			$districtList=$district->get_lvByid(0,$did);
 		}
@@ -184,6 +195,10 @@ class MobileController extends DooController {
 			Doo::loadModel('tagCompanyNexus');
 			$tagCompanyNexus = new tagCompanyNexus ();
 			
+			Doo::loadClass ( 'XDeode' );
+			$XDeode = new XDeode ( 5 );
+			$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+			
 			$clientList=$client->getOne(array('where'=>'cid='.$cid,'asArray'=>true));
 			$companyList=$company->getOne(array('where'=>'cid='.$clientList['companyid'],'asArray'=>true));
 			$serviceLogList=$serviceLog->find(array('where'=>'clientid='.$cid,'desc'=>'date','asArray'=>true));
@@ -191,12 +206,12 @@ class MobileController extends DooController {
 			$longleList=$longle->find(array('where'=>'clientid='.$cid,'asArray'=>true));
 			$colleague=$client->find(array('where'=>'companyid='.$clientList['companyid'].' and cid!='.$cid,'asArray'=>true));
 			
-			$staffDetail=$staff->getOne(array('where'=>'sid='.$_COOKIE["staff"],'asArray'=>true));
-			$ClientTagList=$tagClient->getTagClientBySid( $_COOKIE["staff"]);
+			$staffDetail=$staff->getOne(array('where'=>'sid='.$sid,'asArray'=>true));
+			$ClientTagList=$tagClient->getTagClientBySid( $sid);
 			$toollist=$cTooltip->find(array('where'=>'cateid='.$staffDetail["cid"],'asArray'=>true));
 			
-			$companyTagL=$tagCompany->find(array('where'=>'sid='.$_COOKIE["staff"],'asArray'=>true));
-			$CompanyTagList=$tagCompanyNexus->getTagClientBySid( $_COOKIE["staff"]);
+			$companyTagL=$tagCompany->find(array('where'=>'sid='.$sid,'asArray'=>true));
+			$CompanyTagList=$tagCompanyNexus->getTagClientBySid( $sid);
 			foreach ($CompanyTagList as $key=>$value){
 				$CompanyTagList[$key]['taginfo']= $tagCompany->getTagByTidL($value['tag']);
 			}
@@ -289,7 +304,11 @@ class MobileController extends DooController {
 		$staff = new staff ();
 		$client_staff = new client_staff ();
 		
-		$staffDetail=$staff->getOne(array('where'=>'sid='.$_COOKIE["staff"],'asArray'=>true));
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+		
+		$staffDetail=$staff->getOne(array('where'=>'sid='.$sid,'asArray'=>true));
 		
 		$condition="";
 		if(!empty($lv1))
@@ -312,7 +331,7 @@ class MobileController extends DooController {
 		$limit = "  limit " . $page . " , " . $size . " ";
 
 		//获得标签
-		$ClientTagList=$tagClient->getTagClientBySid( $_COOKIE["staff"]);
+		$ClientTagList=$tagClient->getTagClientBySid( $sid);
 		$toollist=$cTooltip->find(array('where'=>'cateid='.$staffDetail["cid"],'asArray'=>true));
 		$count = $this->getTableCount ( "CLD_client_staff", $condition ,$staffDetail["sid"],"",$teamTag,$staffDetail['cid']);
 		$clientList=$client_staff->getClientByStaff($condition,$limit,$staffDetail["sid"],$staffDetail["sid"],"",$teamTag,$staffDetail['cid']);
@@ -501,7 +520,11 @@ class MobileController extends DooController {
 			$client->updatetime=time();
 			$client->update();
 			
-			$staffDetail=$staff->getOne(array('where'=>'sid='.$_COOKIE["staff"],'asArray'=>true));
+			Doo::loadClass ( 'XDeode' );
+			$XDeode = new XDeode ( 5 );
+			$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+			
+			$staffDetail=$staff->getOne(array('where'=>'sid='.$sid,'asArray'=>true));
 			
 			//标签
 			$tid = $this->get_args ( 'tagALD' );
@@ -510,7 +533,7 @@ class MobileController extends DooController {
 			$strtid=$tid;
 			
 			$tagClient=new tag_client();
-			$tagClientInfo=$tagClient->getTagClientBySCid($cid,$_COOKIE["staff"]);
+			$tagClientInfo=$tagClient->getTagClientBySCid($cid,$sid);
 				
 			//$ar=explode(",", $strtid.','.$tagClientInfo['tag']);
 			//$re=array_filter(array_unique($ar));
@@ -522,7 +545,7 @@ class MobileController extends DooController {
 				$tagClient->update();
 			}else{
 					
-				$tagClient->sid=$_COOKIE["staff"];
+				$tagClient->sid=$sid;
 				$tagClient->client=$cid;
 				$tagClient->insert();
 			}
@@ -623,7 +646,11 @@ class MobileController extends DooController {
 			Doo::loadModel ( 'staff' );
 			$staff = new staff ();
 			
-			$staffDetail=$staff->getOne(array('where'=>'sid='.$_COOKIE["staff"],'asArray'=>true));
+			Doo::loadClass ( 'XDeode' );
+			$XDeode = new XDeode ( 5 );
+			$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+			
+			$staffDetail=$staff->getOne(array('where'=>'sid='.$sid,'asArray'=>true));
 			
 			$service_log->status=$status;
 			$service_log->clientid=$clientid;
@@ -686,7 +713,7 @@ class MobileController extends DooController {
 				$remindObj->clientID=$clientid;
 				$remindObj->companyName=$clientInfo['companyname'];
 				$remindObj->companyID=$companyInfo['cid'];
-				$remindObj->staffID=$_COOKIE["staff"];
+				$remindObj->staffID=$sid;
 				if ($status==1)
 					$remindObj->class="iconService";
 				if ($status==2)
@@ -728,6 +755,10 @@ class MobileController extends DooController {
 		$client=new client();
 		$company=new company();
 		
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+		
 		$company->cid=$cid;
 		
 		if(!empty($lv21)&&!empty($lv22)&&!empty($lv23)){
@@ -773,14 +804,14 @@ class MobileController extends DooController {
 
 		$strtid=$tid;
 		$tagClient=new tagCompanyNexus();
-		$tagClientInfo=$tagClient->getTagClientBySCid($cid,$_COOKIE["staff"]);
+		$tagClientInfo=$tagClient->getTagClientBySCid($cid,$sid);
 
 		$tagClient->tag=$strtid;
 		if(!empty($tagClientInfo)){
 			$tagClient->tcid=$tagClientInfo['tcid'];
 			$tagClient->update();
 		}else{
-			$tagClient->sid=$_COOKIE["staff"];
+			$tagClient->sid=$sid;
 			$tagClient->company=$cid;
 			$tagClient->insert();
 		}
@@ -945,6 +976,10 @@ class MobileController extends DooController {
 		Doo::loadModel ( 'staff' );
 		$staff = new staff ();
 		
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+		
 		$status=$this->get_args('longleStatus')?$this->get_args('longleStatus'):0;
 		$lid=$this->get_args('klid')?$this->get_args('klid'):0;
 		
@@ -953,7 +988,7 @@ class MobileController extends DooController {
 		}
 
 		$linfo=$longle->getLongleByLid($lid);
-		$this->staff=$staff->find(array('where'=>'sid='.$_COOKIE["staff"],'asArray'=>true));   
+		$this->staff=$staff->find(array('where'=>'sid='.$sid,'asArray'=>true));   
 		
 		if($status==0){
 			echo json_encode(array('status'=>2,'msg'=>''));die;
@@ -1428,7 +1463,11 @@ class MobileController extends DooController {
 		Doo::loadModel ( 'staffDynamic' );
 		$staffDynamic=new staffDynamic();
 		
-		$this->staff=$staff->find(array ('where' => "sid='".$_COOKIE["staff"]."'", 'asArray' => TRUE ));
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+		
+		$this->staff=$staff->find(array ('where' => "sid='".$sid."'", 'asArray' => TRUE ));
 		
 		$staff->sid=$this->staff[0]['sid'];
 		
@@ -1520,10 +1559,15 @@ class MobileController extends DooController {
 	function getRemindHttp(){
 		Doo::loadModel('remind');
 		$remind=new remind();
+		
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+		
 		//Doo::loadModel ( 'client' );
 		//$client = new client();
 		// and date_add(time, INTERVAL day DAY) <= CURDATE()
-		$remindList=$remind->find(array('where' => "staffID = '".$_COOKIE["staff"]."' and status=0 ",'asc'=>'date_add(time, INTERVAL day DAY)','asArray' => TRUE));
+		$remindList=$remind->find(array('where' => "staffID = '".$sid."' and status=0 ",'asc'=>'date_add(time, INTERVAL day DAY)','asArray' => TRUE));
 		$rc=0;
 		foreach ($remindList as $key=>$value){
 			$a=strtotime($value['time']." +".$value['day']." days");
@@ -1546,8 +1590,12 @@ class MobileController extends DooController {
 			Doo::loadModel('remind');
 			$remind=new remind();
 			
+			Doo::loadClass ( 'XDeode' );
+			$XDeode = new XDeode ( 5 );
+			$sid = $XDeode->decode ( $_COOKIE ["staff"] );
+			
 			$remind->status=1;
-			$remind->update(array('where' => "staffID = '".$_COOKIE["staff"]."' and rid=".$rid,'asArray' => TRUE));
+			$remind->update(array('where' => "staffID = '".$sid."' and rid=".$rid,'asArray' => TRUE));
 			
 			echo json_encode(array('status'=>1,'msg'=>''));die;
 		}

+ 3 - 3
protected/controller/ReceiptController.php

@@ -3924,7 +3924,7 @@ class ReceiptController extends DooController {
 			$receipt->update ( array (
 					'where' => ' rid = ' . $rid 
 			) );
-			return "/approvalExpenses/2";
+			return "/approvalExpenses/pendApproval";
 		}
 	}
 	function ajaxExamineExe() {
@@ -8232,7 +8232,7 @@ class ReceiptController extends DooController {
 			$receipt->update ( array (
 					'where' => ' rid = ' . $rid 
 			) );
-			return "/approvalExpenses/2";
+			return "/approvalExpenses/pendApproval";
 		}
 	}
 	function expensesRetreats() {
@@ -8301,7 +8301,7 @@ class ReceiptController extends DooController {
 		}
 		
 		// echo "ddd";
-		return '/approvalExpenses';
+		return '/approvalExpenses/pendApproval';
 	}
 	function updateCheReceipt() {
 		$rid = $this->get_args ( 'rid' ) && is_numeric ( $this->get_args ( 'rid' ) ) ? $this->get_args ( 'rid' ) : 0;

+ 4 - 0
protected/model/staff.php

@@ -71,6 +71,10 @@ class staff extends DooModel {
 		) );
 	}
 	public function getUserByIdList($puid) {
+		Doo::loadClass ( 'XDeode' );
+		$XDeode = new XDeode ( 5 );
+		
+		$puid = $XDeode->decode ( $puid );
 		return $this->find ( array (
 				'where' => "sid= '" . $puid . "'",
 				'asArray' => TRUE 
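Review bot: getUserByIdList() now expects the encoded cookie value rather than a staff id, but its name and parameter name still suggest a plain id and there is no docblock to say otherwise. A caller that passes a raw sid will have it decoded into something else and silently get the wrong row or none. Add a docblock such as `/** @param string $puid XDeode-encoded staff id as stored in the "staff" cookie */`, and check the decoded value with `if (! is_numeric ( $puid )) return array ();` before it is placed inside the quoted `sid= '…'` condition. The method's closing lines are outside the hunk.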

+ 13 - 6
protected/plugin/TemplateTag.php

@@ -42,21 +42,22 @@ function isInvoiceNew($type = "GLOBAL") {
 	
 	$st = $staff->getUserByIdList ( $_COOKIE ["staff"] );
 	
+	
 	// 我的发票待处理
 	$pendingInvoice = $invoice->getOne ( array (
-			'where' => "(status=3 or status=4 or (status=2 and printStatus=1 and untreadStatus=0 ) or (status=2 and printStatus=1 and untreadStatus=2 )  )  and isDelete=0 and sid=" . $_COOKIE ["staff"],
+			'where' => "(status=3 or status=4 or (status=2 and printStatus=1 and untreadStatus=0 ) or (status=2 and printStatus=1 and untreadStatus=2 )  )  and isDelete=0 and sid=" . $st[0]['sid'],
 			'desc' => 'iid',
 			'asArray' => TRUE 
 	) );
 	// 我的收款待入账
 	$myClaim = $invoiceReceivables->getOne ( array (
-			'where' => " receivablesStaff like '" . $_COOKIE ["staff"] . "-%' and receivablesCategory like '" . $st [0] ['cid'] . ":%' and bindStatus=0",
+			'where' => " receivablesStaff like '" . $st[0]['sid'] . "-%' and receivablesCategory like '" . $st [0] ['cid'] . ":%' and bindStatus=0",
 			'desc' => 'irid',
 			'asArray' => TRUE 
 	) );
 	// 发票审批
 	$approval = $invoice->getOne ( array (
-			'where' => 'status=1 and pendingApprovals=' . $_COOKIE ["staff"],
+			'where' => 'status=1 and pendingApprovals=' . $st[0]['sid'],
 			'desc' => 'iid',
 			'asArray' => true 
 	) );
@@ -67,7 +68,7 @@ function isInvoiceNew($type = "GLOBAL") {
 	) );
 	// 发票打印
 	$print = $invoice->getOne ( array (
-			'where' => "status=2 and printStatus=0 and moldManage like '%[\"" . $_COOKIE ["staff"] . "\",%'",
+			'where' => "status=2 and printStatus=0 and moldManage like '%[\"" . $st[0]['sid'] . "\",%'",
 			'desc' => 'iid',
 			'asArray' => TRUE 
 	) );
@@ -216,9 +217,12 @@ function getReceiptCount() {
 	
 	Doo::loadModel ( 'receipt' );
 	$receipt = new receipt ();
+	Doo::loadClass ( 'XDeode' );
+	$XDeode = new XDeode ( 5 );
+	$st[0]['sid'] = $XDeode->decode ( $_COOKIE["staff"] );
 	
 	$dateCondition = " and Year(date) =" . $year;
-	$approvalCondition = ' and (nowStaff like "%,' . $_COOKIE ["staff"] . '%" or nowStaff like "%' . $_COOKIE ["staff"] . ',%" or nowStaff=' . $_COOKIE ["staff"] . ' ) ';
+	$approvalCondition = ' and (nowStaff like "%,' . $st[0]['sid'] . '%" or nowStaff like "%' . $st[0]['sid'] . ',%" or nowStaff=' . $st[0]['sid'] . ' ) ';
 	$receiptList = $receipt->find ( array (
 			'where' => ' status=' . $status . $dateCondition . $approvalCondition,
 			'desc' => 'rid',
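Review bot: `$st[0]['sid'] = $XDeode->decode ( $_COOKIE["staff"] );` builds a nested array on an undefined `$st` just to hold one scalar; the controllers in this commit use a plain `$sid` for the same value, which would read more clearly here too. Unlike isInvoiceNew(), which takes `sid` from a database row, this value comes straight from the cookie and goes into three `nowStaff` conditions unchecked, so it should be validated as numeric first. getExeCount() in the next hunk has the same pattern.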
@@ -232,8 +236,11 @@ function getReceiptCount() {
 function getExeCount() {
 	Doo::loadModel ( 'receipt' );
 	$receipt = new receipt ();
+	Doo::loadClass ( 'XDeode' );
+	$XDeode = new XDeode ( 5 );
+	$st[0]['sid'] = $XDeode->decode ( $_COOKIE["staff"] );
 	$receiptList = $receipt->find ( array (
-			'where' => '(executeCopy like \'%["' . $_COOKIE ["staff"] . '%\' and executeStaff NOT LIKE \'%' . $_COOKIE ["staff"] . '%\' ) and (status=1 or status=6)',
+			'where' => '(executeCopy like \'%["' . $st[0]['sid'] . '%\' and executeStaff NOT LIKE \'%' . $st[0]['sid'] . '%\' ) and (status=1 or status=6)',
 			'desc' => 'rid',
 			'asArray' => true 
 	) );

+ 10 - 3
protected/view/admin/admin_myinfo.html

@@ -4,6 +4,13 @@
 	src="<?= WEB_SITE_GLOBAL ?>/js/swfobject.js"></script>
 <script type="text/javascript"
 	src="<?= WEB_SITE_GLOBAL ?>/js/fullAvatarEditor.js"></script>
+	
+	<link rel=stylesheet href="<?= WEB_SITE_GLOBAL ?>css/jquery.validator.css"> 
+<script type="text/javascript" src="<?= WEB_SITE_GLOBAL ?>js/jquery.validator.min.js"></script>
+<script type="text/javascript" src="<?= WEB_SITE_GLOBAL ?>js/zh-CN.js"></script>
+<script type="text/javascript" src="<?= WEB_SITE_GLOBAL ?>js/user.validator.js"></script>
+
+	
 <body>
 <div class="mainLayout">
 <div class="mainMenu">
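Review bot: The four added asset URLs are written `<?= WEB_SITE_GLOBAL ?>css/…` and `<?= WEB_SITE_GLOBAL ?>js/…` without the leading slash that the existing lines use (`<?= WEB_SITE_GLOBAL ?>/js/fullAvatarEditor.js`). Unless the constant ends in a slash, these resolve to a different path than intended and the validator will not load; write them as `<?= WEB_SITE_GLOBAL ?>/js/jquery.validator.min.js` and so on. Whatever rules user.validator.js applies run only in the browser, so the password checks still have to be enforced in the controller.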
@@ -164,17 +171,17 @@
 <legend>修改密码</legend>
 <div class="control-group"><label for="inputEmail"
 	class="control-label">旧密码</label>
-<div class="controls"><input type="password" name="oldpassword">
+<div class="controls"><input type="password" name="oldpassword" id="oldpassword">
 </div>
 </div>
 <div class="control-group"><label for="inputEmail"
 	class="control-label">新密码</label>
-<div class="controls"><input type="password" name="newpassword">
+<div class="controls"><input type="password" name="newpassword" id="newpassword">
 </div>
 </div>
 <div class="control-group"><label for="inputEmail"
 	class="control-label">确认新密码</label>
-<div class="controls"><input type="password" name="rnewpassword">
+<div class="controls"><input type="password" name="rnewpassword" id="rnewpassword">
 </div>
 </div>
 <div class="control-group">
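Review bot: The inputs now have ids, but the three labels in this hunk still carry `for="inputEmail"`, which matches none of them. Point each label at its field, `for="oldpassword"`, `for="newpassword"` and `for="rnewpassword"`, so that clicking the label focuses the input and assistive technology announces the right name.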