package cn.cerc.mis.sms;

import cn.cerc.core.TDateTime;
import cn.cerc.db.mysql.SqlQuery;
import cn.cerc.mis.core.AbstractForm;
import cn.cerc.mis.core.AbstractHandle;
import cn.cerc.mis.core.AbstractJspPage;
import cn.cerc.mis.core.Application;
import cn.cerc.mis.core.DataValidateException;
import cn.cerc.mis.core.IForm;
import cn.cerc.mis.core.ISystemTable;
import cn.cerc.mis.language.R;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:cn/cerc/mis/sms/SecurityEnvironment.class */
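/**
 * Step-up verification gate for sensitive operations.
 *
 * <p>A request is treated as coming from a "secure environment" when the security-mobile table
 * holds a row for the current user's security mobile whose {@code clientId_} and
 * {@code remoteIP_} both equal the values of the current request. Otherwise the caller must pass
 * a phone verification code check ({@link PhoneVerify}); a successful check binds the current
 * client id and remote IP to that mobile.
 *
 * <p>Review notes (security):
 * <ul>
 *   <li>Every query here splices values into a quoted SQL literal through a {@code '%s'}
 *       template. Whether {@code SqlQuery.add} escapes its arguments is not visible in this
 *       file; confirm it does, or move these lookups to bound parameters.</li>
 *   <li>The trust decision depends on {@code RemoteIP.get}. How it derives the address is not
 *       visible here; if it honours client-supplied forwarding headers, the IP half of the
 *       binding can be chosen by the client. Confirm it only trusts known proxies.</li>
 *   <li>{@code errorCount_} is incremented on a wrong code but never read in this class.
 *       Confirm that attempt limiting is enforced elsewhere.</li>
 *   <li>All failure paths rely on {@code DataValidateException.stopRun(msg, true)} throwing.
 *       That behaviour is assumed, not shown here; if it can return, several paths below would
 *       be treated as a successful verification.</li>
 * </ul>
 */
public class SecurityEnvironment {
    private static final Logger log = LoggerFactory.getLogger(SecurityEnvironment.class);

    // JSP rendered instead of the requested page when verification is still required.
    private static final String VERIFY_JSP = "common/SecurityVerify.jsp";
    private static final String VERIFY_BACK_JSP = "common/SecurityVerify-back.jsp";

    /**
     * Checks the secure-environment state for a page and, when it is not satisfied, swaps the
     * page's JSP for {@code common/SecurityVerify.jsp}.
     *
     * @param abstractJspPage page being rendered; its form must be an {@link AbstractForm}
     * @return {@code true} when the request is trusted or the submitted code was accepted
     */
    public boolean check(AbstractJspPage abstractJspPage) {
        return checkPage(abstractJspPage, VERIFY_JSP);
    }

    /**
     * Same as {@link #check(AbstractJspPage)} but falls back to
     * {@code common/SecurityVerify-back.jsp}.
     *
     * @param abstractJspPage page being rendered; its form must be an {@link AbstractForm}
     * @return {@code true} when the request is trusted or the submitted code was accepted
     */
    public boolean backCheck(AbstractJspPage abstractJspPage) {
        return checkPage(abstractJspPage, VERIFY_BACK_JSP);
    }

    /**
     * Shared body of {@link #check(AbstractJspPage)} and {@link #backCheck(AbstractJspPage)}.
     *
     * @param page      page being rendered
     * @param verifyJsp JSP to show when verification is still required
     * @return the final trust decision for this request
     */
    private boolean checkPage(AbstractJspPage page, String verifyJsp) {
        AbstractForm form = (AbstractForm) page.getForm();
        boolean trusted = isSecurity(form);
        // The presence of "checkSecurity" means a code is being submitted; its outcome replaces
        // the stored trust state, so a failed code also revokes an already trusted request.
        if (form.getRequest().getParameter("checkSecurity") != null) {
            try {
                safetyCheck(form);
                trusted = true;
            } catch (DataValidateException e) {
                page.add("message", e.getMessage());
                trusted = false;
            }
        }
        if (trusted) {
            page.add("securityEnvironment", true);
        } else {
            page.setJspFile(verifyJsp);
        }
        return trusted;
    }

    /**
     * Reports whether the current request matches the client id and remote IP stored for the
     * user's security mobile.
     *
     * @param abstractForm form carrying the request, client and user handle
     * @return {@code true} only when a stored record exists and both values match exactly
     */
    private boolean isSecurity(AbstractForm abstractForm) {
        String remoteIp = RemoteIP.get(abstractForm);
        String clientId = abstractForm.getClient().getId();
        // Parameterized form: the message is only built when debug logging is enabled.
        // NOTE(review): this writes IP, client id and user code to the log; check retention.
        log.debug("ip: {}, clientId:{}, userId: {}", remoteIp, clientId, abstractForm.getHandle().getUserCode());
        String securityMobile = getUserSecuirtyMobile(abstractForm);
        if ("".equals(securityMobile)) {
            // No user row was found, so no environment can be trusted.
            return false;
        }
        ISystemTable systemTable = (ISystemTable) Application.getBean("systemTable", ISystemTable.class);
        SqlQuery query = new SqlQuery(abstractForm.getHandle());
        query.add("select * from %s", new Object[]{systemTable.getSecurityMobile()});
        // NOTE(review): value is placed inside a quoted literal; here it originates from the
        // user table, but confirm SqlQuery escapes it or bind it as a parameter.
        query.add("where mobile_='%s'", new Object[]{securityMobile});
        query.open();
        if (query.eof()) {
            return false;
        }
        return clientId.equals(query.getString("clientId_")) && remoteIp.equals(query.getString("remoteIP_"));
    }

    /**
     * Enforces the secure-environment requirement for a handle. Returns normally when the
     * request is already trusted; otherwise runs the verification code check.
     *
     * @param abstractHandle handle whose underlying handle must be an {@link AbstractForm}
     * @throws DataValidateException when verification is required and not satisfied
     */
    public void check(AbstractHandle abstractHandle) throws DataValidateException {
        if (!(abstractHandle.getHandle() instanceof AbstractForm)) {
            // Message text: "program call error, needs to be fixed".
            log.error("程序调用错误，需要修正！");
            // Presumably throws; if it returned, the cast below would fail instead.
            DataValidateException.stopRun(R.asString(abstractHandle, "程序调用错误，需要修正！"), true);
        }
        AbstractForm form = (AbstractForm) abstractHandle.getHandle();
        if (!isSecurity(form)) {
            safetyCheck(form);
        }
    }

    /**
     * Validates the submitted verification code and records the outcome.
     *
     * @param abstractForm form carrying the request
     * @throws DataValidateException when no code was submitted or the code is rejected
     */
    private void safetyCheck(AbstractForm abstractForm) throws DataValidateException {
        if (abstractForm.getRequest().getParameter("securityCode") == null) {
            // Message text: "critical operation, please enter the security mobile's code".
            DataValidateException.stopRun(R.asString(abstractForm, "关键操作，请输入安全手机的验证码"), true);
        }
        PhoneVerify verifier = new PhoneVerify(abstractForm);
        verifier.init();
        String mobile = verifier.getMobile();
        // NOTE(review): `r0` is not declared anywhere in this listing and looks like a
        // decompiler leftover; presumably it is the submitted "securityCode" value. Confirm
        // against the original source before relying on this method.
        switch (verifier.checkVerify(r0)) {
            case PASS:
                // Bind the current client id and IP to the mobile. An empty mobile passes
                // without any record being written.
                if (!"".equals(mobile)) {
                    updateSecurityRecord(mobile, abstractForm, false);
                }
                return;
            case DIFFERENCE:
                if (!"".equals(mobile)) {
                    updateSecurityRecord(mobile, abstractForm, true);
                }
                // Message text: "verification code is wrong, please check".
                DataValidateException.stopRun(R.asString(abstractForm, "验证码输入有误，请检查"), true);
                return;
            case ERROR:
                DataValidateException.stopRun(verifier.getMessage(), true);
                return;
            default:
                // NOTE(review): any other result returns normally, which callers treat as a
                // successful verification. If the result type has further values, this branch
                // should reject instead; confirm the set of values.
                return;
        }
    }

    /**
     * Records the outcome of a verification attempt for a mobile number.
     *
     * <p>NOTE(review): this method is public and, with {@code z == false}, binds the current
     * client id and remote IP to the given mobile without checking anything itself. Confirm
     * every caller has already verified the code.
     *
     * @param str          mobile number; when it does not start with "+", the country code is
     *                     looked up in the user table and prefixed
     * @param abstractForm form carrying the request, client and user handle
     * @param z            {@code true} to count a failed attempt, {@code false} to bind the
     *                     current client id and remote IP after a success
     */
    public void updateSecurityRecord(String str, AbstractForm abstractForm, boolean z) {
        if ("".equals(str)) {
            return;
        }
        ISystemTable systemTable = (ISystemTable) Application.getBean("systemTable", ISystemTable.class);
        String mobile = str;
        if (!mobile.startsWith("+")) {
            SqlQuery userQuery = new SqlQuery(abstractForm.getHandle());
            userQuery.add("select countryCode_ from %s", new Object[]{systemTable.getUserInfo()});
            // NOTE(review): the mobile comes from PhoneVerify and may carry request-supplied
            // data; confirm SqlQuery escapes it or bind it as a parameter.
            userQuery.add("where mobile_='%s'", new Object[]{mobile});
            userQuery.open();
            if (userQuery.eof()) {
                // Unknown mobile: nothing is recorded, and failed attempts are not counted.
                return;
            }
            mobile = userQuery.getString("countryCode_") + mobile;
        }
        SqlQuery record = new SqlQuery(abstractForm.getHandle());
        record.add("select * from %s", new Object[]{systemTable.getSecurityMobile()});
        record.add("where mobile_='%s'", new Object[]{mobile});
        record.open();
        if (!record.eof()) {
            record.edit();
            if (z) {
                record.setField("errorCount_", record.getInt("errorCount_") + 1);
            } else {
                // A success rebinds the record; errorCount_ is left as it was.
                record.setField("clientId_", abstractForm.getClient().getId());
                record.setField("remoteIP_", RemoteIP.get(abstractForm));
                record.setField("updateUser_", abstractForm.getHandle().getUserCode());
            }
            record.setField("updateDate_", TDateTime.Now());
            record.post();
            return;
        }
        if (z) {
            // No record yet: a failure for a mobile without a record is not stored.
            return;
        }
        record.append();
        record.setField("mobile_", mobile);
        record.setField("clientId_", abstractForm.getClient().getId());
        record.setField("remoteIP_", RemoteIP.get(abstractForm));
        record.setField("errorCount_", 0);
        record.setField("userMax_", 20);
        record.setField("userCount_", 1);
        record.setField("updateUser_", abstractForm.getHandle().getUserCode());
        record.setField("updateDate_", TDateTime.Now());
        record.setField("createUser_", abstractForm.getHandle().getUserCode());
        record.setField("createDate_", TDateTime.Now());
        record.post();
    }

    /**
     * Returns the security mobile of the current user.
     *
     * @param iForm form whose handle identifies the current user
     * @return {@code securityMobile_} when it is non-empty, otherwise {@code countryCode_}
     *     followed by {@code mobile_}; the empty string when the user row is not found
     */
    public String getUserSecuirtyMobile(IForm iForm) {
        ISystemTable systemTable = (ISystemTable) Application.getBean("systemTable", ISystemTable.class);
        SqlQuery query = new SqlQuery(iForm.getHandle());
        query.add("SELECT mobile_,securityMobile_,countryCode_ FROM %s", new Object[]{systemTable.getUserInfo()});
        // NOTE(review): the user code is placed inside a quoted literal; confirm escaping.
        query.add("WHERE id_='%s'", new Object[]{iForm.getHandle().getUserCode()});
        query.open();
        if (query.eof()) {
            // Message text: "userCode %s not found".
            log.error(String.format("userCode %s 找不到", iForm.getHandle().getUserCode()));
            return "";
        }
        String securityMobile = query.getString("securityMobile_");
        if (!"".equals(securityMobile)) {
            return securityMobile;
        }
        return query.getString("countryCode_") + query.getString("mobile_");
    }
}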
