支持工单功能(3/10)

*后端部分
*工单内容上存在安全问题(XSS)
Chenx221 2024-04-17 16:15:06 +08:00
parent d5d5e92f3c
commit 0942b89b26
Signed by: chenx221
GPG Key ID: D7A9EC07024C3021
2 changed files with 41 additions and 4 deletions


@ -2,6 +2,7 @@
namespace app\controllers;
use app\models\TicketReplies;
use app\models\Tickets;
use app\models\TicketsSearch;
use Yii;
@ -10,7 +11,6 @@ use yii\filters\AccessControl;
use yii\web\Controller;
use yii\web\NotFoundHttpException;
use yii\filters\VerbFilter;
use yii\web\Request;
use yii\web\Response;
/**
@ -74,11 +74,31 @@ class TicketsController extends Controller
*/
public function actionView(int $id): string
{
//fetch all replies for this ticket
$ticketReplies = $this->findTicketReplies($id);
//json
$json = json_encode($ticketReplies);
return $this->render('view', [
'model' => $this->findModel($id),
'ticketReplies' => $json,
]);
}
protected function findTicketReplies(int $ticketId): array
{
$ticketReplies = TicketReplies::find()
->where(['ticket_id' => $ticketId])
->orderBy(['created_at' => SORT_ASC])
->all();
$result = [];
foreach ($ticketReplies as $reply) {
$result[] = $reply->toArray();
}
return $result;
}
/**
* Creates a new Tickets model.
* If creation is successful, the browser will be redirected to the 'view' page.
@ -97,7 +117,8 @@ class TicketsController extends Controller
$model->created_at = date('Y-m-d H:i:s');
$model->updated_at = date('Y-m-d H:i:s');
if($model->save()){
if ($model->save()) {
Yii::$app->session->setFlash('success', '工单创建成功');
return $this->redirect(['view', 'id' => $model->id]);
}
}
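Review bot: In `actionView` the reply list is serialised with plain `json_encode($ticketReplies)` and passed to the view as a string, and each reply carries the user-supplied `message` unescaped. If the view prints that string inside a `<script>` block (the view is not part of this commit, so this is an assumption), a message containing `</script>` ends the block early. `\yii\helpers\Json::htmlEncode($ticketReplies)` hex-escapes `<`, `>`, `&` and quotes and is the safer call here, and the client code should still insert `message` as text rather than HTML. Separately, `findTicketReplies($id)` filters only on `ticket_id`, so whether the requester may read this ticket depends on `findModel()`, which lies outside the hunk and should be checked for an ownership or admin test.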


@ -15,6 +15,7 @@ use yii\db\ActiveRecord;
* @property string $message 消息内容
* @property string $created_at 发送时间
* @property string $ip ip地址
* @property int $is_admin 是否是管理员回复
*
* @property Tickets $ticket
* @property User $user
@ -35,8 +36,8 @@ class TicketReplies extends ActiveRecord
public function rules(): array
{
return [
[['ticket_id', 'user_id', 'message', 'ip'], 'required'],
[['ticket_id', 'user_id'], 'integer'],
[['ticket_id', 'user_id', 'message', 'ip', 'is_admin'], 'required'],
[['ticket_id', 'user_id', 'is_admin'], 'integer'],
[['message'], 'string'],
[['created_at'], 'safe'],
[['ip'], 'string', 'max' => 150],
@ -57,6 +58,7 @@ class TicketReplies extends ActiveRecord
'message' => '消息内容',
'created_at' => '发送时间',
'ip' => 'ip地址',
'is_admin' => '是否是管理员回复'
];
}
@ -79,4 +81,18 @@ class TicketReplies extends ActiveRecord
{
return $this->hasOne(User::class, ['id' => 'user_id']);
}
public function toArray(array $fields = [], array $expand = [], $recursive = true): array
{
return [
'id' => $this->id,
'ticket_id' => $this->ticket_id,
'name' => ($this->is_admin === 1) ? $this->user->username : '您',
'message' => $this->message,
'created_at' => $this->created_at,
'ip' => $this->ip,
'is_admin' => $this->is_admin,
];
}
}
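Review bot: Listing `is_admin` in the `required` and `integer` rules makes it a safe attribute in Yii's default scenario, so any action that fills a reply with `$model->load(Yii::$app->request->post())` would accept `is_admin` from the request body. The reply-creating action is not in this commit, so confirm that it assigns the flag server-side from the caller's role. Writing the attribute as `'!is_admin'` in both rules keeps the validation while excluding it from massive assignment. In `toArray()`, `ip` is returned for every reply and ends up in the JSON handed to the view, which would expose staff addresses to the ticket owner; consider omitting it unless the viewer is an admin.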