用Gii工具生成的CRUD操作中,想获取指定条件的模型,可以使用CDbCriteria类的condition来指定条件,获取想要的数据。废话不说,直接上代码:
在components下自定义一个类:accessCtrl.php
<?php
/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
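/**
 * Row-level access helper: when the logged-in account is a shop manager,
 * narrow a CDbCriteria so that only rows belonging to that manager's shop
 * are selected.
 *
 * Every public method follows the same contract:
 *  - returns the same $criteria object, with `condition` and `params`
 *    replaced, when both $_SESSION['s_manager'] and $_SESSION['shops_id']
 *    are set;
 *  - returns FALSE otherwise, and leaves $criteria untouched.
 *
 * NOTE(review): a FALSE result means "no shop restriction was applied".
 * The search() caller shown with this class keeps the unrestricted criteria
 * in that case, so the route itself must already be limited to accounts that
 * are allowed to see every shop's rows.
 *
 * The shop id is always passed as the bound parameter :p1 and is never
 * concatenated into the SQL text.
 */
class accessCtrl
{
    /**
     * Restrict a query on a table that has its own shops_id column.
     *
     * @param CDbCriteria $criteria criteria to narrow
     * @return CDbCriteria|false the narrowed criteria, or FALSE when no shop manager session exists
     */
    public function shopsmanager($criteria)
    {
        return $this->restrictToShop($criteria, 'shops_id=:p1');
    }

    /**
     * Same restriction as shopsmanager(): rows whose shops_id equals the manager's shop.
     *
     * @param CDbCriteria $criteria criteria to narrow
     * @return CDbCriteria|false the narrowed criteria, or FALSE when no shop manager session exists
     */
    public function accessByShopsID($criteria)
    {
        return $this->restrictToShop($criteria, 'shops_id=:p1');
    }

    /**
     * Restrict a goods query to the manager's shop plus the rows of shop 1.
     *
     * NOTE(review): shops_id=1 is hard-coded; presumably it is a shared or
     * platform shop that every manager may see. Confirm with the data owner.
     *
     * @param CDbCriteria $criteria criteria to narrow
     * @return CDbCriteria|false the narrowed criteria, or FALSE when no shop manager session exists
     */
    public function accessForGoods($criteria)
    {
        return $this->restrictToShop($criteria, 'shops_id=:p1 or shops_id=1');
    }

    /**
     * Restrict a consignee query to members of the manager's shop (sub-query on tbl_members).
     *
     * @param CDbCriteria $criteria criteria to narrow
     * @return CDbCriteria|false the narrowed criteria, or FALSE when no shop manager session exists
     */
    public function accessForConsignee($criteria)
    {
        return $this->restrictToShop(
            $criteria,
            'members_id in(select members_id from tbl_members where shops_id=:p1)'
        );
    }

    /**
     * Restrict an orders query to members of the manager's shop (sub-query on tbl_members).
     *
     * @param CDbCriteria $criteria criteria to narrow
     * @return CDbCriteria|false the narrowed criteria, or FALSE when no shop manager session exists
     */
    public function accessForOrders($criteria)
    {
        return $this->restrictToShop(
            $criteria,
            'members_id in(select members_id from tbl_members where shops_id=:p1)'
        );
    }

    /**
     * Restrict an order-detail query to orders placed by members of the manager's shop.
     *
     * @param CDbCriteria $criteria criteria to narrow
     * @return CDbCriteria|false the narrowed criteria, or FALSE when no shop manager session exists
     */
    public function accessForOrderDetial($criteria)
    {
        return $this->restrictToShop(
            $criteria,
            'orders_id in(select orders_id from tbl_members t1,tbl_orders t2 where t1.members_id=t2.members_id and t1.shops_id=:p1)'
        );
    }

    /**
     * Apply a shop restriction whose only placeholder is :p1.
     *
     * @param CDbCriteria $criteria criteria to narrow
     * @param string $condition SQL fragment containing the :p1 placeholder
     * @return CDbCriteria|false the narrowed criteria, or FALSE when the session carries no manager or no shop id
     */
    private function restrictToShop($criteria, $condition)
    {
        // Read the session defensively: a missing key must not raise a notice,
        // and nothing from the session is echoed into the response.
        $manager = isset($_SESSION['s_manager']) ? $_SESSION['s_manager'] : null;
        $shopsId = isset($_SESSION['shops_id']) ? $_SESSION['shops_id'] : null;

        // Both values are required. A manager session without a shop id is
        // reported as FALSE explicitly instead of falling through silently.
        if ($manager === null || $shopsId === null) {
            return false;
        }

        // Bind the shop id; the SQL text itself stays constant.
        $criteria->condition = $condition;
        $criteria->params = array(
            ':p1' => $shopsId,
        );

        return $criteria;
    }
}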
//调用方法说明:shopsmanager($criteria)
//把下面的代码复制到要控制的数据模型的search()方法里面,位置在$criteria=new CDbCriteria;之后。
/**
*按照特定的条件显示数据表的内容
*/
//创建访问控制对象,该类在components组件文件夹下accessCtrl,该类是自定义的by ping
//$accessCtrl=new accessCtrl();
//把上面得到的criteria对象传递到shopsmanager方法,得到返回结果
//if($temp=$accessCtrl->shopsmanager($criteria)){
//$criteria=$temp;
//}
//END:按照特定的条件显示数据表的内容
?>
模型文件:
<?php
/**
 * Active-record model for the "tbl_order_detial" table.
 *
 * Columns available on the table:
 * @property string $detial_id
 * @property string $orders_id
 * @property string $goods_id
 * @property string $goods_name
 * @property string $goods_sn
 * @property string $goods_number
 * @property string $market_price
 * @property string $shop_price
 * @property string $promote_price
 * @property string $final_price
 */
class TblOrderDetial extends CActiveRecord
{
    /**
     * @return string name of the database table behind this model
     */
    public function tableName()
    {
        return 'tbl_order_detial';
    }

    /**
     * @return array validation rules for the model attributes
     */
    public function rules()
    {
        // Only attributes that receive user input need rules.
        $lengthLimited8 = array('orders_id, goods_id, goods_number, market_price, shop_price, promote_price, final_price', 'length', 'max'=>8);
        $goodsNameLimit = array('goods_name', 'length', 'max'=>32);
        $goodsSnLimit = array('goods_sn', 'length', 'max'=>16);

        // Attributes that search() accepts from the filter form.
        // @todo Remove attributes that should not be searchable.
        $searchable = array('detial_id, orders_id, goods_id, goods_name, goods_sn, goods_number, market_price, shop_price, promote_price, final_price', 'safe', 'on'=>'search');

        return array($lengthLimited8, $goodsNameLimit, $goodsSnLimit, $searchable);
    }

    /**
     * @return array relational rules (none are defined for this model)
     */
    public function relations()
    {
        $relations = array();

        return $relations;
    }

    /**
     * @return array customized attribute labels (name=>label)
     */
    public function attributeLabels()
    {
        $labels = array();
        $labels['detial_id'] = '订单明细ID';
        $labels['orders_id'] = '订单ID';
        $labels['goods_id'] = '商品ID';
        $labels['goods_name'] = '商品名称';
        $labels['goods_sn'] = '商品编号';
        $labels['goods_number'] = '商品数量';
        $labels['market_price'] = '市场价';
        $labels['shop_price'] = '本店价';
        $labels['promote_price'] = '促销价';
        $labels['final_price'] = '最终售价';

        return $labels;
    }

    /**
     * Builds a data provider for the current search/filter values.
     *
     * The criteria is first passed through accessCtrl::accessForOrderDetial()
     * (a custom class kept under components), then every attribute is added
     * as a partial-match filter.
     *
     * @return CActiveDataProvider provider for the filtered models
     */
    public function search()
    {
        // @todo Remove attributes that should not be searched.
        $criteria = new CDbCriteria();

        // Shop-scoped restriction for the logged-in shop manager.
        // NOTE(review): when accessForOrderDetial() returns a falsy value the
        // criteria stays unrestricted, so every row is searchable; confirm
        // that this is intended for accounts that are not shop managers.
        $guard = new accessCtrl();
        $restricted = $guard->accessForOrderDetial($criteria);
        if ($restricted) {
            $criteria = $restricted;
        }

        // Same attributes, in the same order, each compared with partial matching.
        $filterable = array(
            'detial_id',
            'orders_id',
            'goods_id',
            'goods_name',
            'goods_sn',
            'goods_number',
            'market_price',
            'shop_price',
            'promote_price',
            'final_price',
        );
        foreach ($filterable as $attribute) {
            $criteria->compare($attribute, $this->$attribute, true);
        }

        $providerConfig = array(
            'criteria'=>$criteria,
        );

        return new CActiveDataProvider($this, $providerConfig);
    }

    /**
     * Returns the static model of the given AR class.
     * Every CActiveRecord descendant needs this exact method.
     *
     * @param string $className active record class name
     * @return TblOrderDetial the static model class
     */
    public static function model($className=__CLASS__)
    {
        $staticModel = parent::model($className);

        return $staticModel;
    }
}
登录时,设置SESSION:
<?php
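/**
 * Back-office login controller for shop managers.
 *
 * On a successful login it stores two session keys, 's_manager' and
 * 'shops_id'. The accessCtrl component reads both of them to scope
 * queries to the manager's shop.
 */
class ShopsManagerController extends Controller
{
    /**
     * @return array action filters
     */
    public function filters()
    {
        return array(
            'accessControl', // perform access control for CRUD operations
            'postOnly + delete', // we only allow deletion via POST request
        );
    }

    /**
     * Specifies the access control rules.
     * This method is used by the 'accessControl' filter.
     *
     * @return array access control rules
     */
    public function accessRules()
    {
        return array(
            array('allow', // back-office frames: the 'admin' user or any authenticated user ('@')
                'actions'=>array('Index','Head','Left','Right'),
                'users'=>array('admin','@'),
            ),
            array('allow', // login and logout are reachable by everyone, including guests
                'actions'=>array('login','logout'),
                'users'=>array('*'),
            ),
            array('deny', // everything else is denied to all users
                'users'=>array('*'),
            ),
        );
    }

    /** Renders the 'index' view without a layout. */
    public function actionIndex()
    {
        $this->renderPartial('index');
    }

    /** Renders the 'head' view without a layout. */
    public function actionHead()
    {
        $this->renderPartial('head');
    }

    /** Renders the 'left' view without a layout. */
    public function actionLeft()
    {
        $this->renderPartial('left');
    }

    /** Renders the 'right' view without a layout. */
    public function actionRight()
    {
        $this->renderPartial('right');
    }

    /**
     * Handles the login form.
     *
     * After the form validates and login() succeeds, the manager's shop id is
     * resolved BEFORE any session key is written. If no shop can be resolved
     * the user is logged out again and the request ends with HTTP 403.
     * Otherwise an authenticated session without 'shops_id' would exist, and
     * accessCtrl applies no shop restriction to such a session.
     *
     * @throws CHttpException 403 when the account is not linked to a shop
     */
    public function actionLogin()
    {
        $smlogin_model = new smLoginForm();
        if (isset($_POST['smLoginForm'])) {
            $smlogin_model->attributes = $_POST['smLoginForm'];
            // validate() checks the credentials; login() persists the identity
            // (presumably through Yii::app()->user; smLoginForm is not shown here).
            if ($smlogin_model->validate() && $smlogin_model->login()) {
                $shopsId = $this->getshopsid();
                if ($shopsId === null) {
                    // Fail closed: do not keep a half-initialised manager session.
                    Yii::app()->user->logout();
                    // User-facing message: "This account is not linked to any shop; login refused."
                    throw new CHttpException(403, '当前账号未关联任何店铺,无法登录。');
                }
                // Session keys consumed by accessCtrl for shop-level filtering.
                $_SESSION['s_manager'] = Yii::app()->user->getName();
                $_SESSION['shops_id'] = $shopsId;
                $this->redirect('./index.php?r=admin/ShopsManager/index');
            }
        }
        // Show the login form (first visit or failed attempt).
        $this->renderPartial('login', array('smlogin_model'=>$smlogin_model));
    }

    /**
     * Logs the manager out: clears the session variables, destroys the
     * server-side session and redirects to the login page.
     */
    public function actionLogout()
    {
        // Remove the session variables.
        Yii::app()->session->clear();
        // Remove the server-side session data.
        Yii::app()->session->destroy();
        // Back to the login page.
        $this->redirect('./index.php?r=admin/ShopsManager/login');
    }

    /**
     * Looks up the shop id of the currently logged-in manager.
     *
     * @return string|null the shops_id of the matching TblShopManager row, or
     *                     null when no row matches or the column is empty
     */
    private function getshopsid()
    {
        $manager_sn = Yii::app()->user->getId();
        $record = TblShopManager::model()->findByAttributes(array('manager_sn'=>$manager_sn));
        // findByAttributes() returns null when nothing matches; do not dereference it.
        if ($record === null) {
            return null;
        }
        $attributes = $record->attributes;

        return isset($attributes['shops_id']) ? $attributes['shops_id'] : null;
    }
}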