参数验证

daef1dd1 · wangxinghua · 6ce439b8 · daef1dd1 · daef1dd1
Commit daef1dd1 authored Aug 11, 2020 by wangxinghua
Hide whitespace changes
Inline Side-by-side

Showing with 53 additions and 2 deletions

TestSoapController.class.php Application/Home/Controller/TestSoapController.class.php +6 -2

Bdyx.class.php ThinkPHP/Library/Vendor/Bdyx.class.php +47 -0

No files found.
--- a/Application/Home/Controller/TestSoapController.class.php
+++ b/Application/Home/Controller/TestSoapController.class.php
@@ -4,13 +4,18 @@ use \Think\Controller;
 ini_set('soap.wsdl_cache_enabled','0');//关闭缓存
 class TestSoapController extends Controller {
    private $url = 'http://127.0.0.1:8080/project/SSHis/index.php/Home/CreateSoap/index?wsdl';
+    //private $url = 'http://222.128.103.58:11288/SSHis/index.php/Home/CreateSoap/index?wsdl';
    public function index()
    {
        $params = array();
        $params['userName'] = '10002';
        $params['password'] = '123456';
        $params['businessType'] = 'YYT_QRY_CLINIC_DEPT';
-        $params['requestData'] = "<?xml version=\"1.0\" encoding=\"gb2312\"?><root><commitdata><data><datarow  start_date=\"\" end_date=\"\" gh_flag=\"\" class_code=\"%\" \/><\/data><\/commitdata><returndata\/><operateinfo><info method=\"YYT_QRY_CLINIC_DEPT\" opt_id=\" opt_name=\"\" opt_ip=\"\" opt_date=\"".date('Y-m-d')."\" guid=\"1590743721019\" token=\"AUTO-YYRMYY-20200529\"  \/><\/operateinfo><result><info \/><\/result><\/root>";
+        $params['requestData'] = "<?xml version=\"1.0\" encoding=\"gb2312\"?><root><commitdata><data><datarow start_date=\"\" end_date=\"\" gh_flag=\"\" class_code=\"%\" /></data></commitdata><returndata/><operateinfo><info method=\"YYT_QRY_CLINIC_DEPT\" opt_id=\"\" opt_name=\"\" opt_ip=\"\" opt_date=\"".date('Y-m-d')."\" guid=\"1590743721019\" token=\"AUTO-YYRMYY-20200529\"  /></operateinfo><result><info /></result></root>";
+        import('Vendor.Bdyx');
+        $Bdyx = new \Bdyx();
+        //echo $Bdyx->FounderRequestData(json_encode($params));
+        //exit;
        try
        {
@@ -21,7 +26,6 @@ class TestSoapController extends Controller {
                //$out = $soap->FounderRequestData(json_encode($params));
                //这里模拟需要转成json，注意即可
                $out = $soap->FounderRequestData(json_encode($params));
                $out = htmlspecialchars_decode($out);
                $out = str_replace(array('gb2312', 'UTF-16'),array('utf8', 'utf8'),$out);
                $out = simplexml_load_string($out);

--- a/ThinkPHP/Library/Vendor/Bdyx.class.php
+++ b/ThinkPHP/Library/Vendor/Bdyx.class.php
@@ -36,10 +36,57 @@ class Bdyx
 			return $this->error_xml('参数password不正确');
 		}
 		$function = $in['businessType'];
+        $in['requestData'] = htmlspecialchars_decode($in['requestData']);
+        $in['requestData'] = str_replace(array('gb2312', 'UTF-16'),array('utf8', 'utf8'),$in['requestData']);
+		$requestData = simplexml_load_string($in['requestData']);
+		if(!$requestData)
+		{
+			return $this->error_xml('参数requestData不是合法的xml');
+		}
+		//验证参数
+		$data = (array)$requestData->commitdata->data;
+		if(!is_array($data['datarow']))
+		{
+			$data['datarow'] = (array)$data['datarow'];
+			foreach ($data['datarow']['@attributes'] as $k => $v)
+			{
+				if($v == "")
+				{
+					return $this->error_xml('参数'.$k.'不能为空');
+				}
+			}
+		}
+		else
+		{
+			foreach($data['datarow'] as $dr)
+			{
+				$drr = (array)$dr->attributes();
+				foreach ($drr['@attributes'] as $k => $v)
+				{
+					if($v == "")
+					{
+						return $this->error_xml('参数'.$k.'不能为空');
+					}
+				}
+			}
+		}
+		$info = (array)$requestData->operateinfo->info;
+		foreach ($info['@attributes'] as $k => $v)
+		{
+			if($v == "")
+			{
+				return $this->error_xml('参数'.$k.'不能为空');
+			}
+		}
+		//调用具体业务方法
 		if(method_exists($this, $function))
 			return $this->$function($in['requestData']);
 		else
 			return $this->error_xml('找不到'.$in['requestData'].'业务方法');
 	}
 	//患者信息
 	private function YYT_QRY_PATI($in)