error(mb_convert_encoding($e->getMessage(), 'UTF-8', 'UTF-8,GBK,GB2312,BIG5')); } $this->auth = Auth::instance(); $routePath = $this->controllerPath . '/' . $this->request->action(true); $token = $this->request->server('HTTP_BATOKEN', $this->request->request('batoken', Cookie::get('batoken') ?: false)); if (!$this->auth->actionInArr($this->noNeedLogin)) { $this->auth->init($token); if (!$this->auth->isLogin()) { $this->error(__('Please login first'), [ 'routeName' => 'adminLogin' ], 302); } if (!$this->auth->actionInArr($this->noNeedPermission)) { if (!$this->auth->check($routePath)) { $this->error(__('You have no permission'), [ 'routeName' => 'admin' ], 302); } } } else { if ($token) { $this->auth->init($token); } } } public function queryBuilder() { if (empty($this->model)) { return []; } $quickSearch = $this->request->get("quick_search/s", ''); $limit = $this->request->get("limit/d", 10); $order = $this->request->get("order/s", ''); $search = $this->request->get("search/a", []); $where = []; $modelName = strtolower($this->model->getName()); $modelTable = strtolower($this->model->getTable()); $alias[$modelTable] = $modelName; $tableAlias = $modelName . '.'; // 快速搜索 if ($quickSearch) { $quickSearchArr = is_array($this->quickSearchField) ? $this->quickSearchField : explode(',', $this->quickSearchField); foreach ($quickSearchArr as $k => $v) { $quickSearchArr[$k] = stripos($v, ".") === false ? $tableAlias . $v : $v; } $where[] = [implode("|", $quickSearchArr), "LIKE", "%{$quickSearch}%"]; } // 排序 if ($order) { $order = explode(',', $order); if (isset($order[0]) && isset($order[1]) && ($order[1] == 'asc' || $order[1] == 'desc')) { $order = [(string)$order[0] => $order[1]]; } } // 通用搜索组装 foreach ($search as $key => $item) { $field = json_decode($item, true); if (!is_array($field) || !isset($field['operator']) || !isset($field['field'])) { continue; } if (stripos($field['field'], '.') !== false) { $fieldArr = explode('.', $field['field']); $alias[$fieldArr[0]] = $fieldArr[0]; $fieldName = $field['field']; } else { $fieldName = $tableAlias . $field['field']; } // 日期时间 if (isset($field['render']) && $field['render'] == 'datetime') { if ($field['operator'] == 'RANGE' && is_array($field['val'])) { $datetimeArr = array_filter(array_map("strtotime", $field['val'])); $where[] = [$fieldName, str_replace('RANGE', 'BETWEEN', $field['operator']), $datetimeArr]; continue; } $where[] = [$fieldName, '=', strtotime($field['val'])]; continue; } // 范围查询 if ($field['operator'] == 'RANGE' || $field['operator'] == 'NOT RANGE') { if (stripos($field['val'], ',') === false) { continue; } $arr = explode(',', $field['val']); // 重新确定操作符 if (!isset($arr[0]) || $arr[0] === '') { $operator = $field['operator'] == 'RANGE' ? '<=' : '>'; $arr = $arr[1]; } elseif (!isset($arr[1]) || $arr[1] === '') { $operator = $field['operator'] == 'RANGE' ? '>=' : '<'; $arr = $arr[0]; } else { $operator = str_replace('RANGE', 'BETWEEN', $field['operator']); } $where[] = [$fieldName, $operator, $arr]; continue; } switch ($field['operator']) { case '=': case '<>': $where[] = [$fieldName, $field['operator'], (string)$field['val']]; break; case 'LIKE': case 'NOT LIKE': $where[] = [$fieldName, $field['operator'], "%{$field['val']}%"]; break; case '>': case '>=': case '<': case '<=': $where[] = [$fieldName, $field['operator'], intval($field['val'])]; break; case 'FIND_IN_SET': $where[] = [$fieldName, 'find in set', $field['val']]; break; case 'IN': case 'NOT IN': $where[] = [$fieldName, $field['operator'], is_array($field['val']) ? $field['val'] : explode(',', $field['val'])]; break; case 'NULL': case 'NOT NULL': $where[] = [$fieldName, strtolower($field['operator'])]; break; } } return [$where, $alias, $limit, $order]; } }