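<?php
/*
 * WeChat Work ("企业号") contact-sync callback.
 *
 * Flow: verify + decrypt the pushed message with WXBizMsgCrypt, turn the XML
 * plaintext into an array, and mirror `change_contact` events (user and
 * department create/update/delete) into the OA_User / dictionary /
 * OA_Competency tables through the sqlsrv connection opened by odbc.php.
 *
 * Every statement is parameterised with sqlsrv_query()'s `$params` argument;
 * nothing taken from the decrypted message is ever concatenated into SQL.
 */
require '../inc/odbc.php';          // provides $conn (sqlsrv connection resource)
include_once "WXBizMsgCrypt.php";

// Parameters as configured for the enterprise account on the WeChat platform.
// NOTE(review): these are committed in source; loading them from configuration
// outside the web root avoids leaking the AES key with the code.
$encodingAesKey = "p53txECFAcKYMQ4vzBEvJffCbugNgzapBq7IatW2sV1";
$token = "QDG6eK";
$corpId = "wx248505bfbab6d0c1";

/**
 * Return $arr[$key] unless it is missing or empty(), in which case $default.
 *
 * Keeps the script's original `empty(...) ? "" : ...` semantics, so a literal
 * "0" also counts as absent.
 *
 * @param array  $arr
 * @param string $key
 * @param mixed  $default
 * @return mixed
 */
function contactsPick(array $arr, $key, $default = "")
{
    return empty($arr[$key]) ? $default : $arr[$key];
}

/**
 * Run a parameterised statement; return the statement resource or false.
 *
 * Failures are best-effort (the callback must not crash), but they are now
 * written to the PHP error log instead of being dropped silently. Only the
 * driver error list is logged, never the bound values.
 *
 * @param resource $conn
 * @param string   $sql    statement with `?` placeholders
 * @param array    $params values bound in placeholder order
 * @return resource|false
 */
function contactsQuery($conn, $sql, array $params = array())
{
    $stmt = sqlsrv_query($conn, $sql, $params);
    if ($stmt === false) {
        error_log('contacts callback: query failed: ' . print_r(sqlsrv_errors(), true));
    }
    return $stmt;
}

/**
 * Fetch every row of a parameterised SELECT as an associative array.
 *
 * @param resource $conn
 * @param string   $sql
 * @param array    $params
 * @return array<int, array<string, mixed>> empty when the query fails or matches nothing
 */
function contactsFetchAll($conn, $sql, array $params = array())
{
    $rows = array();
    $stmt = contactsQuery($conn, $sql, $params);
    if ($stmt === false) {
        return $rows;
    }
    // sqlsrv_fetch_array() returns null once the result set is exhausted, so no
    // separate row-count probe is needed (sqlsrv_rows_affected() is not
    // meaningful for a SELECT anyway).
    while ($rs = sqlsrv_fetch_array($stmt, SQLSRV_FETCH_ASSOC)) {
        $rows[] = $rs;
    }
    sqlsrv_free_stmt($stmt);
    return $rows;
}

/**
 * Parse the decrypted XML plaintext into a nested PHP array.
 *
 * Uses the same simplexml -> json -> array round trip as before. External
 * entity resolution and network fetches are disabled as defence in depth,
 * since the document is parsed with a general-purpose XML parser.
 *
 * @param string $xml
 * @return array|null null when the XML does not parse
 */
function contactsXmlToArray($xml)
{
    $prevErrors = libxml_use_internal_errors(true);
    if (PHP_VERSION_ID < 80000 && function_exists('libxml_disable_entity_loader')) {
        libxml_disable_entity_loader(true);   // on PHP 8 the loader is already off by default
    }
    $element = simplexml_load_string($xml, 'SimpleXMLElement', LIBXML_NOCDATA | LIBXML_NONET);
    libxml_clear_errors();
    libxml_use_internal_errors($prevErrors);
    if ($element === false) {
        return null;
    }
    $data = json_decode(json_encode($element), true);
    return is_array($data) ? $data : null;
}

/**
 * Extract the ID-card number from the message's ExtAttr/Item list.
 *
 * Each item is a Name/Value pair; the value following a "身份证" name is taken
 * if it is numeric. A single <Item> collapses to one associative array in the
 * simplexml->json round trip, so that shape is wrapped into a list first.
 *
 * @param array $msg decoded message
 * @return string "" when no ID-card value is present
 */
function contactsIdentityCard(array $msg)
{
    if (empty($msg['ExtAttr']) || empty($msg['ExtAttr']['Item'])) {
        return "";
    }
    $items = $msg['ExtAttr']['Item'];
    if (!is_array($items)) {
        return "";
    }
    if (!isset($items[0])) {
        $items = array($items);
    }

    // "" = not seen yet, "1" = the "身份证" name was seen and the next numeric
    // field is the number, anything else = the number itself.
    $card = "";
    foreach ($items as $item) {
        if (!is_array($item)) {
            continue;
        }
        foreach ($item as $field) {
            if ($card === "1" && is_numeric($field)) {
                $card = (string) $field;
            }
            if ($field === "身份证" && $card === "") {
                $card = "1";
            }
        }
    }
    // A dangling marker (name seen, no numeric value) is not a card number.
    return ($card === "1" || $card === "0") ? "" : $card;
}

/**
 * First department id of the comma-separated Department field.
 *
 * @param array $msg
 * @return int|null null when the field is empty
 */
function contactsFirstDepartmentId(array $msg)
{
    if (empty($msg['Department'])) {
        return null;
    }
    $parts = explode(',', (string) $msg['Department']);
    return (int) $parts[0];
}

/**
 * Map a department name to the competency id used by OA_Competency.
 *
 * Needles are Chinese, so a byte-wise strpos() is exact; `!== false` is
 * required because a match at offset 0 is a match (the previous `!= false`
 * comparison silently dropped it).
 *
 * @param string $name department name (dictionary.vtext)
 * @return int 0 when no group matches
 */
function contactsCompetencyId($name)
{
    $groups = array(
        1 => array('客服'),
        2 => array('车队', '司机', '车管'),
        3 => array('医生', '医疗'),
        4 => array('护士', '护理'),
    );
    $name = (string) $name;
    foreach ($groups as $id => $needles) {
        foreach ($needles as $needle) {
            if (strpos($name, $needle) !== false) {
                return $id;
            }
        }
    }
    return 0;
}

/**
 * Rows of `dictionary` describing a WeChat department id.
 *
 * @param resource $conn
 * @param int      $departmentId WeChat department id (dictionary.vID)
 * @return array<int, array{id: mixed, vtext: mixed}>
 */
function contactsDepartmentRows($conn, $departmentId)
{
    return contactsFetchAll(
        $conn,
        "select id,vtext from dictionary where vtitle='OA_Department' and vID=?",
        array((int) $departmentId)
    );
}

/**
 * Rename the synthetic "<name>_部门" OA_User account that mirrors a department.
 *
 * @param resource $conn
 * @param string   $oldName previous department name
 * @param string   $newName new department name
 * @return void
 */
function contactsRenameDepartmentAccount($conn, $oldName, $newName)
{
    $account = $newName . '_部门';
    contactsQuery(
        $conn,
        "update OA_User set OA_User=?,OA_Name=? where OA_execLevel=3 and OA_User=?",
        array($account, $account, $oldName . '_部门')
    );
}

/**
 * create_user: insert the new member and, for some departments, a competency row.
 *
 * @param resource $conn
 * @param array    $msg decoded message
 * @return void
 */
function contactsCreateUser($conn, array $msg)
{
    $userId = (string) contactsPick($msg, 'UserID');
    if ($userId === "") {
        return;   // an account without a login name is never useful
    }
    $name = contactsPick($msg, 'Name');
    $gender = (int) contactsPick($msg, 'Gender', 1);
    $mobile = contactsPick($msg, 'Mobile');
    $email = contactsPick($msg, 'Email');
    $position = contactsPick($msg, 'Position');
    $departmentId = contactsFirstDepartmentId($msg);
    if ($departmentId === null) {
        $departmentId = 1;   // root department
    }
    $identityCard = contactsIdentityCard($msg);

    // Default power / order class come from the department's mirror account.
    $power = "";
    $orderClass = "";
    $competencyId = 0;
    $rows = contactsFetchAll(
        $conn,
        "select OA_Power,OA_OrderClass,vtext from dictionary,OA_User where OA_User=vtext+'_部门' and vtitle='OA_Department' and vID=?",
        array($departmentId)
    );
    foreach ($rows as $rs) {
        $power = $rs['OA_Power'];
        $orderClass = $rs['OA_OrderClass'];
        $matched = contactsCompetencyId($rs['vtext']);
        if ($matched !== 0) {
            $competencyId = $matched;
        }
    }

    // NOTE(review): every new account receives the same initial password
    // ('000000'); a forced change on first login would limit that exposure.
    contactsQuery(
        $conn,
        "insert into OA_User (OA_User,OA_Pass,OA_Name,OA_weixinUserID,OA_gender,OA_mobile,OA_weixinID,OA_email,OA_IdentityCard,OA_Position,OA_province,OA_city,OA_execLevel,OA_Power,OA_DepartmentID,OA_OrderClass,Post_Name,Post_MoneyP,Post_MoneyP1)"
        . " values (?,pwdencrypt('000000'),?,?,?,?,'',?,?,?,'','',1,?,?,?,'',0,0.5)",
        array($userId, $name, $userId, $gender, $mobile, $email, $identityCard, $position, $power, $departmentId, $orderClass)
    );

    if ($competencyId !== 0) {
        $users = contactsFetchAll($conn, "select OA_User_ID from OA_User where OA_User=?", array($userId));
        foreach ($users as $rs) {
            contactsQuery(
                $conn,
                "insert into OA_Competency (OA_CompetencyID,OA_CompetencyUserID) values (?,?)",
                array($competencyId, $rs['OA_User_ID'])
            );
        }
    }
}

/**
 * update_user: apply only the fields WeChat pushed (it pushes changed ones).
 *
 * @param resource $conn
 * @param array    $msg decoded message
 * @return void
 */
function contactsUpdateUser($conn, array $msg)
{
    $userId = (string) contactsPick($msg, 'UserID');
    if ($userId === "") {
        return;
    }

    $set = array("OA_weixinUserID=?");
    $params = array(contactsPick($msg, 'NewUserID', $userId));   // NewUserID is pushed on rename

    $textColumns = array(
        'Name'     => 'OA_Name',
        'Mobile'   => 'OA_mobile',
        'Email'    => 'OA_email',
        'Avatar'   => 'OA_weixinAvatar',   // replace the trailing "/0" with "/100" for a thumbnail
        'Position' => 'OA_Position',
    );
    foreach ($textColumns as $field => $column) {
        if (!empty($msg[$field])) {
            $set[] = $column . "=?";
            $params[] = $msg[$field];
        }
    }

    // Only departments this application may see are listed; the first one wins.
    $departmentId = contactsFirstDepartmentId($msg);
    if ($departmentId !== null) {
        $set[] = "OA_DepartmentID=?";
        $params[] = $departmentId;
    }

    // Status: 1 = active/following, 2 = disabled, 4 = not activated.
    if (!empty($msg['Status'])) {
        $status = (int) $msg['Status'];
        if ($status === 2) {
            $set[] = "OA_execLevel=-1";   // disabled members lose their exec level
        }
        $set[] = "OA_weixinStatus=?";
        $params[] = $status;
    }

    $set[] = "OA_IdentityCard=?";
    $params[] = contactsIdentityCard($msg);

    $params[] = $userId;
    contactsQuery(
        $conn,
        "update OA_User set " . implode(',', $set) . " where OA_weixinUserID=?",
        $params
    );
}

/**
 * delete_user: remove the member's OA_User row.
 *
 * @param resource $conn
 * @param array    $msg decoded message
 * @return void
 */
function contactsDeleteUser($conn, array $msg)
{
    $userId = (string) contactsPick($msg, 'UserID');
    if ($userId === "") {
        return;
    }
    contactsQuery($conn, "delete from OA_User where OA_weixinUserID=?", array($userId));
}

/**
 * create_party: add the department to `dictionary` plus its mirror account,
 * or update both when the WeChat id is already known.
 *
 * Numeric fields are bound as integers; a missing ParentId/Order binds 0
 * (previously the raw value was interpolated, which produced an invalid
 * statement when absent).
 *
 * @param resource $conn
 * @param array    $msg decoded message
 * @return void
 */
function contactsCreateParty($conn, array $msg)
{
    $id = contactsPick($msg, 'Id');
    $name = (string) contactsPick($msg, 'Name');
    if (empty($id) || $name === "") {
        return;
    }
    $id = (int) $id;
    $parentId = (int) contactsPick($msg, 'ParentId', 0);   // root department is 1
    $order = (int) contactsPick($msg, 'Order', 0);         // smaller sorts first

    $rows = contactsDepartmentRows($conn, $id);
    if (count($rows) > 0) {
        foreach ($rows as $rs) {
            contactsQuery(
                $conn,
                "update dictionary set vID=?,vtext=?,vType=?,vOrder=? where id=?",
                array($id, $name, $parentId, $order, $rs['id'])
            );
            contactsRenameDepartmentAccount($conn, $rs['vtext'], $name);
        }
        return;
    }

    contactsQuery(
        $conn,
        "Insert into dictionary (vID,vtext,vType,vOrder,vtitle) values (?,?,?,?,'OA_Department')",
        array($id, $name, $parentId, $order)
    );
    $account = $name . '_部门';
    contactsQuery(
        $conn,
        "Insert into OA_User (OA_User,OA_Pass,OA_Name,OA_execLevel,OA_Power) values (?,pwdencrypt('000000'),?,3,'')",
        array($account, $account)
    );
}

/**
 * update_party: update the pushed fields of a known department and rename
 * its mirror account.
 *
 * @param resource $conn
 * @param array    $msg decoded message
 * @return void
 */
function contactsUpdateParty($conn, array $msg)
{
    $id = contactsPick($msg, 'Id');
    $name = (string) contactsPick($msg, 'Name');
    if (empty($id) || $name === "") {
        return;
    }
    $id = (int) $id;
    $parentId = contactsPick($msg, 'ParentId');
    $order = contactsPick($msg, 'Order');

    foreach (contactsDepartmentRows($conn, $id) as $rs) {
        $set = array("vID=?", "vtext=?");
        $params = array($id, $name);
        if ($parentId !== "") {
            $set[] = "vType=?";
            $params[] = (int) $parentId;
        }
        if ($order !== "") {
            $set[] = "vOrder=?";
            $params[] = (int) $order;
        }
        $params[] = $rs['id'];
        contactsQuery(
            $conn,
            "update dictionary set " . implode(',', $set) . " where id=?",
            $params
        );
        contactsRenameDepartmentAccount($conn, $rs['vtext'], $name);
    }
}

/**
 * delete_party: drop the department's dictionary rows and mirror accounts.
 *
 * @param resource $conn
 * @param array    $msg decoded message
 * @return void
 */
function contactsDeleteParty($conn, array $msg)
{
    $id = contactsPick($msg, 'Id');
    if (empty($id)) {
        return;
    }
    foreach (contactsDepartmentRows($conn, (int) $id) as $rs) {
        contactsQuery($conn, "delete from dictionary where id=?", array($rs['id']));
        contactsQuery(
            $conn,
            "delete from OA_User where OA_execLevel=3 and OA_User=?",
            array($rs['vtext'] . '_部门')
        );
    }
}

// ---- request handling ------------------------------------------------------

$sReqMsgSig = contactsPick($_REQUEST, 'msg_signature');
$sReqTimeStamp = contactsPick($_REQUEST, 'timestamp');
$sReqNonce = contactsPick($_REQUEST, 'nonce');

// Encrypted POST body. php://input works on every PHP version; the legacy
// $HTTP_RAW_POST_DATA global is only consulted as a fallback where it exists.
$sReqData = file_get_contents('php://input');
if ($sReqData === false || $sReqData === '') {
    $sReqData = isset($GLOBALS['HTTP_RAW_POST_DATA']) ? $GLOBALS['HTTP_RAW_POST_DATA'] : '';
}

$sMsg = "";   // decrypted plaintext (XML)
$wxcpt = new WXBizMsgCrypt($token, $encodingAesKey, $corpId);
$errCode = $wxcpt->DecryptMsg($sReqMsgSig, $sReqTimeStamp, $sReqNonce, $sReqData, $sMsg);

if ($errCode != 0) {
    // Signature check or decryption failed: record the code and stop.
    contactsQuery(
        $conn,
        "insert into API_Json (method,Json) values ('contactsApiErr',?)",
        array((string) $errCode)
    );
    exit();
}

$sMsgData = contactsXmlToArray($sMsg);
if ($sMsgData === null) {
    exit();   // decrypted payload was not parseable XML; nothing to sync
}

if (contactsPick($sMsgData, 'Event') === 'change_contact') {
    $handlers = array(
        'create_user'  => 'contactsCreateUser',
        'update_user'  => 'contactsUpdateUser',
        'delete_user'  => 'contactsDeleteUser',
        'create_party' => 'contactsCreateParty',
        'update_party' => 'contactsUpdateParty',
        'delete_party' => 'contactsDeleteParty',
    );
    $changeType = contactsPick($sMsgData, 'ChangeType');
    if (is_string($changeType) && isset($handlers[$changeType])) {
        $handlers[$changeType]($conn, $sMsgData);
    }
}

exit();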