преди 11 месеца · ca358b3a09
--- a/main_new_version.php
+++ b/main_new_version.php
@@ -845,7 +845,7 @@ switch ($action) {
 
				         $rootPath = realpath(dirname(__FILE__)) . DS;
			
 
				         //common::download_file($rootPath."images\ACE-M1_ISF_ACI_User_Guide\ACE-M1_ISF_ACI_User_Guide.pdf", "ACE-M1_ISF_ACI_User_Guide_V2.0.pdf");
			
 
				         // PDF文件在服务器上的位置
			
 
				-        $filename = $rootPath."userFile\KLN_Online_User_Guide_24.11.26.pdf";
			
 
				+        $filename = $rootPath."userFile". DS."KLN_Online_User_Guide_24.11.26.pdf";
			
 
				         $display_name = "KLN_Online_User_Guide_24_11_26.pdf";
			
 
				         // Header content type
			
 
				         header("Content-type: application/pdf");
			
--- a/service/login.class.php
+++ b/service/login.class.php
@@ -430,6 +430,15 @@ class login {
 
				                            header("Location: main.php?action=main");
			
 
				                         }
			
 
				                     }
			
 
				+                    //处理登录成功后的记录保存
			
 
				+                    //$user_type,$user_name,$page,$operation,$operation_detail
			
 
				+                    $user_type = _isCustomerLogin() ? "Customer" : "Employee";
			
 
				+                    $user_name = _getLoginName();
			
 
				+                    $detail = 'System Account';
			
 
				+                    if(isset($_POST['token']) && !empty($_POST['token'])){
			
 
				+                        $detail = 'From Apex Online';
			
 
				+                    }
			
 
				+                    utils::single_operation_log_save($user_type,$user_name,"Login","Login",$detail);
			
 
				                     exit();
			
 
				                 } else {
			
 
				                     $data = array(
			
@@ -1150,8 +1159,8 @@ class login {
 
				             $reference_number_lower = strtolower($reference_number);
			
 
				             $online_ocean_sql = "select serial_no,order_from from online_ocean 
			
 
				                 where ((ARRAY['$reference_number_lower'] && array_append(ARRAY[lower(booking_no::text), lower(h_bol::text), lower(m_bol), lower(carrier_booking), lower(quote_no), lower(tracking_no)]||string_to_array(lower(ctnrs),','), ''::text))
			
 
				-                    or po_no ilike '%$reference_number%'
			
 
				-                    or invoice_no ilike '%$reference_number%')";
			
 
				+                    or lower(po_no) like '%$reference_number_lower%'
			
 
				+                    or lower(invoice_no) like '%$reference_number_lower%')";
			
 
				             $online_ocean_arr = common::excuteListSql($online_ocean_sql);        
			
 
				             if(empty($online_ocean_arr)){
			
 
				                 $data = array("msg" =>"No matches");
			
@@ -1168,7 +1177,8 @@ class login {
 
				             } else {
			
 
				                 $detail = "Public tracking number:".$reference_number."; search fail(".$data['msg'].")";
			
 
				             }
			
 
				-            utils::single_operation_log_save("Tracking","Public tracking",$detail);
			
 
				+            $user_name = common::ip();
			
 
				+            utils::single_operation_log_save("Customer",$user_name,"Tracking","Public tracking",$detail);
			
 
				             exit();
			
 
				         }
			
 
				     }
			
--- a/service/ocean_booking.class.php
+++ b/service/ocean_booking.class.php
@@ -152,7 +152,7 @@ class ocean_booking {
 
				             $more_param = common::getInNotInSqlForSearch(strtolower(implode(';',$textSearch_arr)));
			
 
				             //$sqlWhere .= " and (ARRAY[$more_param] && array_append(array[lower(booking_no)::text,lower(h_bol)::text, lower(po_no),lower(carrier_booking)],''))"; 
			
 
				             $sqlWhere .= " and ((ARRAY[$more_param] && array_append(array[lower(booking_no)::text,lower(h_bol)::text, lower(po_no),lower(carrier_booking)],''))
			
 
				-                or po_no ilike '%" . common::check_input($_POST["_textSearch"]) . "%')"; 
			
 
				+                or lower(po_no) like '%" . strtolower(common::check_input($_POST["_textSearch"])) . "%')"; 
			
 
				         } 
			
 
				         //为了移除filterTag条件
			
 
				         $sqlWhere_befrom_filterTag  = $sqlWhere;
			
--- a/service/ocean_order.class.php
+++ b/service/ocean_order.class.php
@@ -407,8 +407,8 @@ class ocean_order {
 
				             // or text_search @@ (str_to_tsquery('" . common::check_input($_POST["_textSearch"]) . "'))
			
 
				             //$sqlWhere .= " and (ARRAY[$more_param] && array_append(array[lower(booking_no)::text,lower(h_bol)::text, lower(po_no),lower(carrier_booking),lower(tracking_no)],''))";
			
 
				             $sqlWhere .= " and ((ARRAY[$more_param] && array_append(ARRAY[lower(booking_no::text), lower(h_bol::text), lower(m_bol), lower(carrier_booking), lower(quote_no), lower(tracking_no)]||string_to_array(lower(ctnrs),','), ''::text))
			
 
				-                or po_no ilike '%" . common::check_input($_POST["_textSearch"]) . "%'
			
 
				-                or invoice_no ilike '%" . common::check_input($_POST["_textSearch"]) . "%')";
			
 
				+                or lower(po_no) like '%" . strtolower(common::check_input($_POST["_textSearch"])) . "%'
			
 
				+                or lower(invoice_no) like '%" . strtolower(common::check_input($_POST["_textSearch"])) . "%')";
			
 
				         }
			
 
				         //移除filterTag
			
 
				         $sqlWhere_befrom_filterTag  = $sqlWhere;
			
--- a/utils/utils.class.php
+++ b/utils/utils.class.php
@@ -355,6 +355,7 @@ class utils {
 
				             || empty($_REQUEST["operate"])
			
 
				             || ($_REQUEST["action"] == "login" && $_REQUEST["operate"] == "verifcation_code")
			
 
				             || ($_REQUEST["action"] == "login" && $_REQUEST["operate"] == "check_uname")
			
 
				+            || ($_REQUEST["action"] == "login" && $_REQUEST["operate"] == "do_login")
			
 
				             || ($_REQUEST["action"] == "ocean_order" && $_REQUEST["operate"] == "setting_ocean_order_display")
			
 
				             || ($_REQUEST["action"] == "ocean_booking" && $_REQUEST["operate"] == "setting_display")){
			
 
				             return;
			
@@ -365,6 +366,7 @@ class utils {
 
				             $user_type = "Customer";
			
 
				             $user_name = common::ip();
			
 
				         } elseif($_REQUEST["action"] == "login" && $_REQUEST["operate"] == "do_login"){
			
 
				+            //移除do_login 因为在登录的过程中，是没有用户信息的
			
 
				             $user_name = $_REQUEST["uname"];
			
 
				         } else{
			
 
				             $user_name = _getLoginName();
			
@@ -420,7 +422,10 @@ class utils {
 
				 
			
 
				     public static function analyzeOperationDetail($action,$operate){
			
 
				         if($action == "login" && $operate == "do_login"){
			
 
				-            $detail = 'System account';
			
 
				+            $detail = 'System Account';
			
 
				+            if($_REQUEST['token']){
			
 
				+                $detail = 'From Apex Online';
			
 
				+            }
			
 
				         }
			
 
				         if($action == "login" && $operate == "logout"){
			
 
				             $detail = 'User Logout';
			
@@ -522,9 +527,7 @@ class utils {
 
				     }
			
 
				 
			
 
				     //只记录Public tracking
			
 
				-    public static function single_operation_log_save($page,$operation,$operation_detail){
			
 
				-        $user_type ="Customer";
			
 
				-        $user_name = common::ip();
			
 
				+    public static function single_operation_log_save($user_type,$user_name,$page,$operation,$operation_detail){
			
 
				         $sql = "INSERT INTO public.customer_service_operation_log(user_type, user_name, page, operation, operation_detail, 
			
 
				         operation_time) 
			
 
				         VALUES ('$user_type', '$user_name', '$page', '$operation', '$operation_detail', now())";