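ACTION = $uriPartsOrig [1];
                $this->data ['new'] = $this->isInvoiceNew ();
                // NOTE(review): the staff identity is looked up straight from the
                // raw `staff` cookie. Whether that value is signed or otherwise
                // unforgeable is not visible here; every per-company check in this
                // controller relies on $this->staff, so confirm it cannot be forged.
                $this->staff = $staff->getUserByIdList ( $_COOKIE ["staff"] );
                $this->data ['isStaffCompleteMsg'] = false;
                $detail = $staff->checkStaffInfoIsComplete ( $_COOKIE ["staff"] );
                if (! empty ( $detail )) {
                    $this->data ['isStaffCompleteMsg'] = true;
                }
                return "/";
            }
        }
        // Not logged in: every route except the login page itself is sent to /login.
        Doo::loadCore ( 'uri/DooUriRouter' );
        $router = new DooUriRouter ();
        $routeRs = $router->execute ( Doo::app ()->route, Doo::conf ()->SUBFOLDER );
        if ($routeRs ['1'] != "login") {
            header ( 'Content-Type:text/html;charset=utf-8' );
            @header ( "Location: /login" );
            // header() does not end the request. Without this exit the requested
            // action still executes and its JSON/HTML body is delivered to an
            // unauthenticated client that simply ignores the 302.
            exit;
        }
    }

    /**
     * Auto-complete endpoint for invoice info records (IFB).
     *
     * Reads `fill` (the search term) and `fillType` (`TIN`, or `TITLE` by
     * default) from GET/POST and echoes the matching records as JSON. An
     * empty search term yields a single placeholder row so the client still
     * receives an array.
     *
     * NOTE(review): `fill` only passes through get_args()' addslashes(); that
     * is not a SQL defence. The invoiceInfoBase model must bind it as a query
     * parameter (not visible from here).
     */
    function autoFillInIFB() {
        $fill = $this->get_args ( 'fill' ) ? $this->get_args ( 'fill' ) : "";
        $fillType = $this->get_args ( 'fillType' ) ? $this->get_args ( 'fillType' ) : "TITLE";

        if (empty ( $fill )) {
            echo json_encode ( array ( 0 => array ( 'invoiceTitle' => '' ) ) );
            return;
        }

        Doo::loadModel ( 'invoiceInfoBase' );
        $invoiceInfoBase = new invoiceInfoBase ();
        if ($fillType === 'TIN') {
            $ifbList = $invoiceInfoBase->getIFBByTIN ( $fill );
        } else {
            $ifbList = $invoiceInfoBase->getIFBByTitle ( $fill );
        }
        echo json_encode ( $ifbList );
    }

    /**
     * Stub: intentionally empty, emits nothing. (Name spelling kept as-is
     * because it is part of the routed interface.)
     */
    function ajaxGetInvoceList() {
    }

    /**
     * List training sessions whose settlement is finished, scoped to the
     * calling staff member's company, as JSON `{status, invoiceTrainingList}`.
     *
     * If no staff record is loaded there is no company to scope by; rather
     * than querying with a null cid, answer `status => 0` with an empty list.
     */
    function ajaxGetInvoiceTrainByEnd() {
        if (empty ( $this->staff ) || ! isset ( $this->staff [0] ['cid'] )) {
            echo json_encode ( array ( 'status' => 0, 'invoiceTrainingList' => array () ) );
            return;
        }
        Doo::loadModel ( 'invoiceTraining' );
        $invoiceTraining = new invoiceTraining ();
        $invoiceTrainingList = $invoiceTraining->getInvoiceTrainBySettlementStatus ( 0, $this->staff [0] ['cid'], 0 );
        echo json_encode ( array ( 'status' => 1, 'invoiceTrainingList' => $invoiceTrainingList ) );
    }

    /**
     * Return one invoice plus the not-yet-settled training sessions of its
     * company, as JSON `{status, invoiceDetail, settlementHtml}`.
     *
     * The invoice id arrives obfuscated as `iidKey` and is decoded with XDeode.
     * Failures always produce a single well-formed JSON document with
     * `status => 0`; the original echoed JSON and then die()'d with a trailing
     * plain-text message, which made the body unparseable for the client.
     */
    function ajaxGetInvoice() {
        $iidKey = $this->get_args ( 'iidKey' ) ? $this->get_args ( 'iidKey' ) : "";
        Doo::loadClass ( 'XDeode' );
        $XDeode = new XDeode ( 5 );
        $iid = $XDeode->decode ( $iidKey );

        // An id is a plain unsigned integer; is_numeric() also accepted
        // floats/exponents/leading whitespace, none of which can match a row.
        if (! is_scalar ( $iid ) || ! preg_match ( '/^\d+$/', (string) $iid )) {
            echo json_encode ( array ( 'status' => 0, 'invoiceDetail' => array () ) );
            return;
        }

        Doo::loadModel ( 'invoice' );
        $invoice = new invoice ();
        $invoiceDetail = $invoice->getInvoiceByIid ( $iid );

        // Unknown id, or an invoice that is not the caller's. ajaxGetInvoiceTrainByEnd()
        // scopes by $this->staff[0]['cid'] and this method looks trainings up by the
        // invoice's own cid, so the two are taken to be the same company key — confirm
        // against the schema. Without this check any logged-in staff user could read
        // other companies' invoices by iterating iidKey.
        if (empty ( $invoiceDetail ) || ! isset ( $this->staff [0] ['cid'] )
                || (string) $invoiceDetail ['cid'] !== (string) $this->staff [0] ['cid']) {
            echo json_encode ( array ( 'status' => 0, 'invoiceDetail' => array () ) );
            return;
        }

        Doo::loadModel ( 'invoiceTraining' );
        $invoiceTraining = new invoiceTraining ();
        $itList = $invoiceTraining->getInvoiceTrainingByCid ( $invoiceDetail ['cid'] );
        if (! is_array ( $itList )) {
            $itList = array ();
        }

        Doo::loadModel ( 'receipt' );
        $receipt = new receipt ();
        foreach ( $itList as $key => $value ) {
            // Hide trainings whose receipt is already fully settled (receipt
            // status 8 or 9 — the meaning of these codes lives in the receipt model).
            $receiptDetail = $receipt->getReceiptByinvoiceTrainId ( $value ['itid'] );
            if (! empty ( $receiptDetail )
                    && ($receiptDetail ['status'] == 8 || $receiptDetail ['status'] == 9)) {
                unset ( $itList [$key] );
            }
        }

        // The original built this with a loop that appended only empty strings,
        // so the value was always ''. Kept as an empty string for compatibility
        // with clients that read the key.
        $html = '';

        $invoiceDetail ['itList'] = $itList;
        echo json_encode ( array ( 'status' => 1, 'invoiceDetail' => $invoiceDetail, 'settlementHtml' => $html ) );
    }

    /**
     * Return the text after the last '.' in a file name (legacy import helper).
     *
     * A name without a dot is returned unchanged; a trailing dot yields ''.
     * NOTE(review): an extension taken from a client-supplied name is not a
     * safe basis for accept/reject decisions on uploads — check the content.
     *
     * @param string $filename
     * @return string
     */
    function _GetFileEXT($filename) {
        $parts = explode ( '.', $filename );
        return end ( $parts );
    }

    /**
     * Fetch a request parameter, GET taking precedence over POST.
     *
     * Scalars are returned through addslashes(); arrays are returned as-is
     * (unescaped). Returns false when the parameter is absent — callers that
     * write `$this->get_args('x') ? ... : default` therefore also collapse
     * "0" and "" into the default.
     *
     * NOTE(review): addslashes() is charset-unaware and is not a SQL escaping
     * function, and it does nothing for HTML contexts. Values must still be
     * bound as query parameters and escaped at output.
     *
     * @param string $name Parameter name.
     * @return string|array|false
     */
    function get_args($name) {
        foreach ( array ( $_GET, $_POST ) as $source ) {
            if (! isset ( $source [$name] )) {
                continue;
            }
            $value = $source [$name];
            return is_array ( $value ) ? $value : addslashes ( $value );
        }
        return false;
    }

    /**
     * Recursively "sanitise" an array of request values in place.
     *
     * For each scalar leaf: addslashes() (unless magic_quotes already did),
     * strip control bytes and a fixed list of markup/event keywords, then
     * strip_tags() and HTML-entity-encode the remainder. Nested arrays are
     * processed recursively.
     *
     * The keyword blacklist is lossy (it also deletes ordinary words such as
     * "title", "link" or "base", and is case-sensitive) and is not what makes
     * the output safe — the htmlentities() call is. It is kept for
     * compatibility with data already stored through it.
     *
     * @param array $arr Array to filter; modified in place.
     */
    function SafeFilter(&$arr) {
        $ra = array (
            '/([\x00-\x08,\x0b-\x0c,\x0e-\x19])/', '/script/', '/javascript/', '/vbscript/',
            '/expression/', '/applet/', '/meta/', '/xml/', '/blink/', '/link/', '/style/',
            '/embed/', '/object/', '/frame/', '/layer/', '/title/', '/bgsound/', '/base/',
            '/onload/', '/onunload/', '/onchange/', '/onsubmit/', '/onreset/', '/onselect/',
            '/onblur/', '/onfocus/', '/onabort/', '/onkeydown/', '/onkeypress/', '/onkeyup/',
            '/onclick/', '/ondblclick/', '/onmousedown/', '/onmousemove/', '/onmouseout/',
            '/onmouseover/', '/onmouseup/', '/onunload/'
        );
        if (! is_array ( $arr )) {
            return;
        }
        foreach ( $arr as $key => $value ) {
            if (is_array ( $value )) {
                // Fixed: the original called a global SafeFilter(), which this
                // class does not provide, so any nested array was a fatal error.
                $this->SafeFilter ( $arr [$key] );
                continue;
            }
            // get_magic_quotes_gpc() was removed in PHP 8; guard the call so the
            // behaviour (addslashes always applied on modern PHP) is unchanged
            // and the method no longer fatals there.
            if (! (function_exists ( 'get_magic_quotes_gpc' ) && get_magic_quotes_gpc ())) {
                $value = addslashes ( $value );
            }
            // Drop non-printable bytes and the blacklisted keywords (see doc above).
            $value = preg_replace ( $ra, '', $value );
            // ENT_QUOTES also encodes single quotes (otherwise unsafe inside
            // single-quoted attributes); ENT_SUBSTITUTE replaces invalid UTF-8
            // instead of silently turning the whole value into "".
            $arr [$key] = htmlentities ( strip_tags ( $value ), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' );
        }
    }

    /**
     * Escape a string (or every element of an array) for embedding in a SQL
     * string literal, optionally also escaping LIKE wildcards.
     *
     * Prefer bound parameters; this exists for legacy call sites that build
     * SQL by concatenation. The original left a debugging
     * `var_dump(Doo::db()->getDbObject()); die();` in place, which aborted
     * every call and dumped the DB connection object to the client — removed.
     *
     * @param string|array $str  Value, or array of values, to escape.
     * @param bool         $like Also escape `%` and `_` for use in a LIKE clause.
     * @return string|array
     */
    function escape_str($str, $like = FALSE) {
        if (is_array ( $str )) {
            foreach ( $str as $key => $val ) {
                $str [$key] = $this->escape_str ( $val, $like );
            }
            return $str;
        }

        $db = Doo::db ()->getDbObject ();
        if ($db instanceof PDO) {
            // Modern PHP has no mysql_* functions, so with a PDO connection the
            // original always fell through to charset-unaware addslashes().
            // PDO::quote() uses the connection's charset; strip its surrounding
            // quotes to keep this method's "escaped, unquoted" contract.
            $quoted = $db->quote ( (string) $str );
            $str = ($quoted === false) ? addslashes ( $str ) : substr ( $quoted, 1, -1 );
        } elseif (function_exists ( 'mysql_real_escape_string' ) && is_resource ( $db )) {
            $str = mysql_real_escape_string ( $str, $db );
        } elseif (function_exists ( 'mysql_escape_string' )) {
            $str = mysql_escape_string ( $str );
        } else {
            $str = addslashes ( $str );
        }

        // Escape LIKE wildcards so user input cannot widen the match.
        if ($like === TRUE) {
            $str = str_replace ( array ( '%', '_' ), array ( '\\%', '\\_' ), $str );
        }
        return $str;
    }
}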