chenx221/yii2-netdisk
1
0
Fork 0
Code Issues Pull Requests Projects Releases 1 Wiki Activity

支持工单功能(3/10)

Browse Source 
*后端部分
*工单内容上存在安全问题(XSS)
This commit is contained in:
Chenx221 2024-04-17 16:15:06 +08:00
parent d5d5e92f3c
commit 0942b89b26
Signed by: chenx221
GPG Key ID: D7A9EC07024C3021
2 changed files with 41 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
controllers/TicketsController.php
View File

@ -2,6 +2,7 @@
namespace app\controllers; namespace app\controllers;
use app\models\TicketReplies;
use app\models\Tickets; use app\models\Tickets;
use app\models\TicketsSearch; use app\models\TicketsSearch;
use Yii; use Yii;
@ -10,7 +11,6 @@ use yii\filters\AccessControl;
use yii\web\Controller; use yii\web\Controller;
use yii\web\NotFoundHttpException; use yii\web\NotFoundHttpException;
use yii\filters\VerbFilter; use yii\filters\VerbFilter;
use yii\web\Request;
use yii\web\Response; use yii\web\Response;
/** /**
@ -74,11 +74,31 @@ class TicketsController extends Controller
*/ */
public function actionView(int $id): string public function actionView(int $id): string
{ {
//fetch all replies for this ticket
$ticketReplies = $this->findTicketReplies($id);
//json
$json = json_encode($ticketReplies);
return $this->render('view', [ return $this->render('view', [
'model' => $this->findModel($id), 'model' => $this->findModel($id),
'ticketReplies' => $json,
]); ]);
} }
protected function findTicketReplies(int $ticketId): array
{
$ticketReplies = TicketReplies::find()
->where(['ticket_id' => $ticketId])
->orderBy(['created_at' => SORT_ASC])
->all();
$result = [];
foreach ($ticketReplies as $reply) {
$result[] = $reply->toArray();
}
return $result;
}
/** /**
* Creates a new Tickets model. * Creates a new Tickets model.
* If creation is successful, the browser will be redirected to the 'view' page. * If creation is successful, the browser will be redirected to the 'view' page.
@ -97,7 +117,8 @@ class TicketsController extends Controller
$model->created_at = date('Y-m-d H:i:s'); $model->created_at = date('Y-m-d H:i:s');
$model->updated_at = date('Y-m-d H:i:s'); $model->updated_at = date('Y-m-d H:i:s');
if($model->save()){ if ($model->save()) {
Yii::$app->session->setFlash('success', '工单创建成功');
return $this->redirect(['view', 'id' => $model->id]); return $this->redirect(['view', 'id' => $model->id]);
} }
} }

20
models/TicketReplies.php
View File

@ -15,6 +15,7 @@ use yii\db\ActiveRecord;
* @property string $message 消息内容 * @property string $message 消息内容
* @property string $created_at 发送时间 * @property string $created_at 发送时间
* @property string $ip ip地址 * @property string $ip ip地址
* @property int $is_admin 是否是管理员回复
* *
* @property Tickets $ticket * @property Tickets $ticket
* @property User $user * @property User $user
@ -35,8 +36,8 @@ class TicketReplies extends ActiveRecord
public function rules(): array public function rules(): array
{ {
return [ return [
[['ticket_id', 'user_id', 'message', 'ip'], 'required'], [['ticket_id', 'user_id', 'message', 'ip', 'is_admin'], 'required'],
[['ticket_id', 'user_id'], 'integer'], [['ticket_id', 'user_id', 'is_admin'], 'integer'],
[['message'], 'string'], [['message'], 'string'],
[['created_at'], 'safe'], [['created_at'], 'safe'],
[['ip'], 'string', 'max' => 150], [['ip'], 'string', 'max' => 150],
@ -57,6 +58,7 @@ class TicketReplies extends ActiveRecord
'message' => '消息内容', 'message' => '消息内容',
'created_at' => '发送时间', 'created_at' => '发送时间',
'ip' => 'ip地址', 'ip' => 'ip地址',
'is_admin' => '是否是管理员回复'
]; ];
} }
@ -79,4 +81,18 @@ class TicketReplies extends ActiveRecord
{ {
return $this->hasOne(User::class, ['id' => 'user_id']); return $this->hasOne(User::class, ['id' => 'user_id']);
} }
public function toArray(array $fields = [], array $expand = [], $recursive = true): array
{
return [
'id' => $this->id,
'ticket_id' => $this->ticket_id,
'name' => ($this->is_admin === 1) ? $this->user->username : '您',
'message' => $this->message,
'created_at' => $this->created_at,
'ip' => $this->ip,
'is_admin' => $this->is_admin,
];
}
} }