Apq
/
SSPanel-Uim
mirror of https://github.com/Anankke/SSPanel-Uim.git


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278
							<?php

declare(strict_types=1);

namespace App\Controllers\User;

use App\Controllers\BaseController;
use App\Models\Invoice;
use App\Models\Order;
use App\Models\Product;
use App\Models\UserCoupon;
use App\Utils\Tools;
use Slim\Http\Response;
use Slim\Http\ServerRequest;
use voku\helper\AntiXSS;

final class OrderController extends BaseController
{
    public static array $details = [
        'field' => [
            'op' => '操作',
            'id' => '订单ID',
            'product_id' => '商品ID',
            'product_type' => '商品类型',
            'product_name' => '商品名称',
            'coupon' => '优惠码',
            'price' => '金额',
            'status' => '状态',
            'create_time' => '创建时间',
            'update_time' => '更新时间',
        ],
    ];

    public function order(ServerRequest $request, Response $response, array $args)
    {
        return $response->write(
            $this->view()
                ->assign('details', self::$details)
                ->fetch('user/order/index.tpl')
        );
    }

    public function create(ServerRequest $request, Response $response, array $args)
    {
        $antiXss = new AntiXSS();
        $product_id = $antiXss->xss_clean($request->getQueryParams()['product_id']) ?? null;

        if ($product_id === null || $product_id === '') {
            return $response->withRedirect('/user/product');
        }

        $product = Product::where('id', $product_id)->first();

        $product->content = \json_decode($product->content);

        return $response->write(
            $this->view()
                ->assign('product', $product)
                ->fetch('user/order/create.tpl')
        );
    }

    public function detail(ServerRequest $request, Response $response, array $args)
    {
        $antiXss = new AntiXSS();
        $id = $antiXss->xss_clean($args['id']);

        $order = Order::where('user_id', $this->user->id)->where('id', $id)->first();

        if ($order === null) {
            return $response->withRedirect('/user/order');
        }

        $order->product_type = Tools::getOrderProductType($order);
        $order->status = Tools::getOrderStatus($order);
        $order->create_time = Tools::toDateTime($order->create_time);
        $order->update_time = Tools::toDateTime($order->update_time);

        $product_content = \json_decode($order->product_content);

        $invoice = Invoice::where('order_id', $id)->first();
        $invoice->status = Tools::getInvoiceStatus($invoice);
        $invoice->create_time = Tools::toDateTime($invoice->create_time);
        $invoice->update_time = Tools::toDateTime($invoice->update_time);
        $invoice->pay_time = Tools::toDateTime($invoice->pay_time);
        $invoice_content = \json_decode($invoice->content);

        return $response->write(
            $this->view()
                ->assign('order', $order)
                ->assign('invoice', $invoice)
                ->assign('product_content', $product_content)
                ->assign('invoice_content', $invoice_content)
                ->fetch('user/order/view.tpl')
        );
    }

    public function process(ServerRequest $request, Response $response, array $args)
    {
        $antiXss = new AntiXSS();
        $coupon_raw = $antiXss->xss_clean($request->getParam('coupon'));
        $product_id = $antiXss->xss_clean($request->getParam('product_id'));

        $product = Product::find($product_id);        

        if ($product === null) {
            return $response->withJson([
                'ret' => 0,
                'msg' => '商品不存在',
            ]);
        }

        if ($product->stock === 0) {
            return $response->withJson([
                'ret' => 0,
                'msg' => '商品库存不足',
            ]);
        }

        $buy_price = $product->price;
        $user = $this->user;

        if ($coupon_raw !== '') {
            $coupon = UserCoupon::where('code', $coupon_raw)->first();

            if ($coupon === null) {
                return $response->withJson([
                    'ret' => 0,
                    'msg' => '优惠码无效',
                ]);
            }

            if ($coupon->expire_time < \time()) {
                return $response->withJson([
                    'ret' => 0,
                    'msg' => '优惠码无效',
                ]);
            }

            $coupon_limit = \json_decode($coupon->limit);

            if ((int) $coupon_limit->disabled === 1) {
                return $response->withJson([
                    'ret' => 0,
                    'msg' => '优惠码无效',
                ]);
            }

            if ($coupon_limit->product_id !== '') {
                $product_limit = explode(',', $coupon_limit->product_id);
                if (! in_array($product_id, $product_limit)) {
                    return $response->withJson([
                        'ret' => 0,
                        'msg' => '优惠码无效',
                    ]);
                }
            }

            $coupon_use_limit = $coupon_limit->use_time;

            if ($coupon_use_limit > 0) {
                $use_count = Order::where('user_id', $user->id)->where('coupon', $coupon->code)->count();
                if ($use_count >= $coupon_use_limit) {
                    return $response->withJson([
                        'ret' => 0,
                        'msg' => '优惠码无效',
                    ]);
                }
            }

            $content = \json_decode($coupon->content);

            if ($content->type === 'percentage') {
                $discount = $product->price * $content->value / 100;
            } else {
                $discount = $content->value;
            }

            $buy_price = $product->price - $discount;
        }

        $product_limit = \json_decode($product->limit);

        if ($product_limit->class_required !== '') {
            if ($user->class < $product_limit->class_required) {
                return $response->withJson([
                    'ret' => 0,
                    'msg' => '账户不满足购买条件',
                ]);
            }
        }

        if ($product_limit->node_group_required !== '') {
            if ($user->node_group !== $product_limit->node_group_required) {
                return $response->withJson([
                    'ret' => 0,
                    'msg' => '账户不满足购买条件',
                ]);
            }
        }

        if ($product_limit->new_user_required !== 0) {
            $order_count = Order::where('user_id', $user->id)->count();
            if ($order_count > 0) {
                return $response->withJson([
                    'ret' => 0,
                    'msg' => '账户不满足购买条件',
                ]);
            }
        }

        $order = new Order();
        $order->user_id = $user->id;
        $order->product_id = $product->id;
        $order->product_type = $product->type;
        $order->product_name = $product->name;
        $order->product_content = $product->content;
        $order->coupon = $coupon_raw;
        $order->price = $buy_price;
        $order->status = 'pending_payment';
        $order->create_time = time();
        $order->update_time = time();
        $order->save();

        $invoice_content[] = [
            'content_id' => 0,
            'name' => $product->price,
            'price' => $product->content,
        ];

        if ($coupon_raw !== '') {
            $invoice_content[] = [
                'content_id' => 1,
                'name' => '优惠码 ' . $coupon_raw,
                'price' => '-' . $discount,
            ];
        }

        $invoice = new Invoice();
        $invoice->user_id = $user->id;
        $invoice->order_id = $order->id; 
        $invoice->content = \json_encode($invoice_content);
        $invoice->price = $buy_price;
        $invoice->status = 'unpaid';
        $invoice->create_time = \time();
        $invoice->update_time = \time();
        $invoice->pay_time = 0;
        $invoice->save();

        return $response->withJson([
            'ret' => 1,
            'msg' => '成功创建订单，正在跳转账单页面',
            'invoice_id' => $invoice->id,
        ]);
    }

    public function ajax(ServerRequest $request, Response $response, array $args)
    {
        $orders = Order::orderBy('id', 'desc')->where('user_id', $this->user->id)->get();

        foreach ($orders as $order) {
            $order->op = '<a class="btn btn-blue" href="/user/order/' . $order->id . '/view">查看</a>';
            if ($order->status === 'pending_payment') {
                $invoice_id = Invoice::where('order_id', $order->id)->first()->id;
                $order->op .= '
                <a class="btn btn-red" href="/user/invoice/' . $invoice_id . '/view">支付</a>';
            }
            $order->product_type = Tools::getOrderProductType($order);
            $order->status = Tools::getOrderStatus($order);
            $order->create_time = Tools::toDateTime($order->create_time);
            $order->update_time = Tools::toDateTime($order->update_time);
        }

        return $response->withJson([
            'orders' => $orders,
        ]);
    }
}