diff --git a/app/appfront/modules/Payment/block/paypal/express/Placeorder.php b/app/appfront/modules/Payment/block/paypal/express/Placeorder.php
index 4cebc4d94c1b6bda33c81c7869d55fd3d0e6736b..42c19f24c45090be1d86a1818c5a2ccb25554268 100644
--- a/app/appfront/modules/Payment/block/paypal/express/Placeorder.php
+++ b/app/appfront/modules/Payment/block/paypal/express/Placeorder.php
@@ -31,7 +31,10 @@ class Placeorder
* 用户的支付方式.
*/
public $_payment_method;
-
+ /**
+ * 订单备注信息.
+ */
+ public $_order_remark;
public function getLastData()
{
$post = Yii::$app->request->post();
@@ -59,7 +62,7 @@ class Placeorder
// 将购物车数据,生成订单,生成订单后,不清空购物车,不扣除库存,在支付成功后在清空购物车。
$innerTransaction = Yii::$app->db->beginTransaction();
try {
- $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false,$token);
+ $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false, $token, $this->_order_remark);
if ($genarateStatus) {
$innerTransaction->commit();
} else {
@@ -223,7 +226,20 @@ class Placeorder
return false;
}
}
-
+ // 订单备注信息不能超过1500字符
+ $orderRemarkStrMaxLen = Yii::$service->order->orderRemarkStrMaxLen;
+ $order_remark = isset($post['order_remark']) ? $post['order_remark'] : '';
+ if ($order_remark && $orderRemarkStrMaxLen) {
+ $order_remark_strlen = strlen($order_remark);
+ if ($order_remark_strlen > $orderRemarkStrMaxLen) {
+ Yii::$service->helper->errors->add('order remark string length can not gt '.$orderRemarkStrMaxLen);
+
+ return false;
+ } else {
+ // 去掉xss攻击字符,关于防止xss攻击的yii文档参看:http://www.yiichina.com/doc/guide/2.0/security-best-practices#fang-zhi-xss-gong-ji
+ $this->_order_remark = $order_remark;
+ }
+ }
$this->_shipping_method = $shipping_method;
$this->_payment_method = $payment_method;
Yii::$service->payment->setPaymentMethod($this->_payment_method);
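Review bot: The comment in the `else` branch says XSS characters are removed, but the next line stores `$post['order_remark']` unchanged, so the remark reaches `generateOrderByCart()` exactly as submitted; whether it is encoded where it is later displayed is not visible in this diff. The comment should say that the value is raw, and every view that prints it should encode it, for example with `\yii\helpers\Html::encode()`. The limit is also checked with `strlen()`, which counts bytes, while the comment above it promises 1500 characters, and an array-valued `order_remark` field is not rejected before the string functions run. The same block is repeated in the apphtml5 and appserver `Placeorder.php` hunks of this commit, and the enclosing method starts and ends outside the hunk.

```php
$order_remark = isset($post['order_remark']) ? $post['order_remark'] : '';
// Reject non-string input before any string function sees it.
if (!is_string($order_remark)) {
    Yii::$service->helper->errors->add('order remark must be a string');

    return false;
}
if ($order_remark && $orderRemarkStrMaxLen) {
    // Count characters, not bytes, to match the documented limit.
    $order_remark_strlen = mb_strlen($order_remark, 'UTF-8');
    // … unchanged: length comparison and error return …
        // Stored as submitted, not sanitized; HTML-encode wherever the remark is rendered.
        $this->_order_remark = $order_remark;
```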
diff --git a/app/appfront/theme/base/front/payment/paypal/express/review.php b/app/appfront/theme/base/front/payment/paypal/express/review.php
index 267f8f8bd88677eb0a91a381564a8ced80f23fc8..83ef95f6b927f68cff1ba4a230123dfb07523b68 100644
--- a/app/appfront/theme/base/front/payment/paypal/express/review.php
+++ b/app/appfront/theme/base/front/payment/paypal/express/review.php
@@ -66,6 +66,11 @@
+
+
= Yii::$service->page->translate->__('Order Remark (optional)');?>
+
+
+
diff --git a/app/apphtml5/modules/Payment/block/paypal/express/Placeorder.php b/app/apphtml5/modules/Payment/block/paypal/express/Placeorder.php
index 907a832c5ec2ab82d8c85e2b70c0f85ce38ae635..798b4be41fd3bcefe1a26547c12014e31ba971ff 100644
--- a/app/apphtml5/modules/Payment/block/paypal/express/Placeorder.php
+++ b/app/apphtml5/modules/Payment/block/paypal/express/Placeorder.php
@@ -31,7 +31,10 @@ class Placeorder
* 用户的支付方式.
*/
public $_payment_method;
-
+ /**
+ * 订单备注信息.
+ */
+ public $_order_remark;
public function getLastData()
{
$post = Yii::$app->request->post();
@@ -59,7 +62,7 @@ class Placeorder
// 将购物车数据,生成订单,生成订单后,不清空购物车,不扣除库存,在支付成功后在清空购物车。
$innerTransaction = Yii::$app->db->beginTransaction();
try {
- $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false,$token);
+ $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false, $token, $this->_order_remark);
if ($genarateStatus) {
$innerTransaction->commit();
} else {
@@ -223,7 +226,20 @@ class Placeorder
return false;
}
}
-
+ // 订单备注信息不能超过1500字符
+ $orderRemarkStrMaxLen = Yii::$service->order->orderRemarkStrMaxLen;
+ $order_remark = isset($post['order_remark']) ? $post['order_remark'] : '';
+ if ($order_remark && $orderRemarkStrMaxLen) {
+ $order_remark_strlen = strlen($order_remark);
+ if ($order_remark_strlen > $orderRemarkStrMaxLen) {
+ Yii::$service->helper->errors->add('order remark string length can not gt '.$orderRemarkStrMaxLen);
+
+ return false;
+ } else {
+ // 去掉xss攻击字符,关于防止xss攻击的yii文档参看:http://www.yiichina.com/doc/guide/2.0/security-best-practices#fang-zhi-xss-gong-ji
+ $this->_order_remark = $order_remark;
+ }
+ }
$this->_shipping_method = $shipping_method;
$this->_payment_method = $payment_method;
Yii::$service->payment->setPaymentMethod($this->_payment_method);
diff --git a/app/apphtml5/theme/base/html5/checkout/onepage/index/review_order.php b/app/apphtml5/theme/base/html5/checkout/onepage/index/review_order.php
index 5167893d4d13baee245223496d55ea27b46a3c4c..6d568595768b1a5de1bb60863693b30021d81b64 100644
--- a/app/apphtml5/theme/base/html5/checkout/onepage/index/review_order.php
+++ b/app/apphtml5/theme/base/html5/checkout/onepage/index/review_order.php
@@ -60,25 +60,25 @@ use fecshop\app\apphtml5\helper\Format;
- = Yii::$service->page->translate->__('Subtotal') ?> |
+ = Yii::$service->page->translate->__('Subtotal') ?> |
= $currency_info['symbol']; ?>= Format::price($cart_info['product_total']); ?>
|
- = Yii::$service->page->translate->__('Shipping Cost') ?> |
+ = Yii::$service->page->translate->__('Shipping Cost') ?> |
= $currency_info['symbol']; ?>= Format::price($cart_info['shipping_cost']); ?>
|
- = Yii::$service->page->translate->__('Discount') ?> |
+ = Yii::$service->page->translate->__('Discount') ?> |
-= $currency_info['symbol']; ?>= Format::price($cart_info['coupon_cost']); ?>
|
- = Yii::$service->page->translate->__('Grand Total') ?> |
+ = Yii::$service->page->translate->__('Grand Total') ?> |
= $currency_info['symbol']; ?>= Format::price($cart_info['grand_total']) ?>
|
diff --git a/app/apphtml5/theme/base/html5/payment/paypal/express/review.php b/app/apphtml5/theme/base/html5/payment/paypal/express/review.php
index a25f7b22e121428f6450baaca9ced3b6dc1b3e04..362058d17af0103dc728c193fe13bb88dcee47d1 100644
--- a/app/apphtml5/theme/base/html5/payment/paypal/express/review.php
+++ b/app/apphtml5/theme/base/html5/payment/paypal/express/review.php
@@ -65,7 +65,11 @@
-
+
+
= Yii::$service->page->translate->__('Order Remark (optional)');?>
+
+
+
diff --git a/app/apphtml5/theme/base/html5/payment/paypal/express/review/review_order.php b/app/apphtml5/theme/base/html5/payment/paypal/express/review/review_order.php
index 51488ae40451265527727a77c8bc70452a4f13f5..b7d9a290957120c41a95cc8d3304b3fac1f8019a 100644
--- a/app/apphtml5/theme/base/html5/payment/paypal/express/review/review_order.php
+++ b/app/apphtml5/theme/base/html5/payment/paypal/express/review/review_order.php
@@ -61,25 +61,25 @@ use fecshop\app\apphtml5\helper\Format;
- = Yii::$service->page->translate->__('Subtotal') ?> |
+ = Yii::$service->page->translate->__('Subtotal') ?> |
= $currency_info['symbol']; ?>= Format::price($cart_info['product_total']); ?>
|
- = Yii::$service->page->translate->__('Shipping Cost') ?> |
+ = Yii::$service->page->translate->__('Shipping Cost') ?> |
= $currency_info['symbol']; ?>= Format::price($cart_info['shipping_cost']); ?>
|
- = Yii::$service->page->translate->__('Discount') ?> |
+ = Yii::$service->page->translate->__('Discount') ?> |
-= $currency_info['symbol']; ?>= Format::price($cart_info['coupon_cost']); ?>
|
- = Yii::$service->page->translate->__('Grand Total') ?> |
+ = Yii::$service->page->translate->__('Grand Total') ?> |
= $currency_info['symbol']; ?>= Format::price($cart_info['grand_total']) ?>
|
diff --git a/app/appserver/modules/Payment/block/paypal/express/Placeorder.php b/app/appserver/modules/Payment/block/paypal/express/Placeorder.php
index 2e7f1397e74bc02b4afd43f2b2d0b01633582363..4a8a2dbc2632a847bff788b46816a444cd08daa6 100644
--- a/app/appserver/modules/Payment/block/paypal/express/Placeorder.php
+++ b/app/appserver/modules/Payment/block/paypal/express/Placeorder.php
@@ -31,7 +31,9 @@ class Placeorder
* 用户的支付方式.
*/
public $_payment_method;
-
+
+ public $_order_remark;
+
public function getLastData()
{
$post = Yii::$app->request->post();
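Review bot: The `$_order_remark` property added here has no docblock, unlike the appfront and apphtml5 copies in this commit, and none of the three says that the field holds request data stored as submitted. I would add `/** Order remark from the POST body; stored unescaped, encode on output. */` above it so that later readers do not treat the value as safe to print. The class body continues outside the hunk.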
@@ -66,7 +68,7 @@ class Placeorder
// 将购物车数据,生成订单,生成订单后,不清空购物车,不扣除库存,在支付成功后在清空购物车。
$innerTransaction = Yii::$app->db->beginTransaction();
try {
- $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false,$token);
+ $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false, $token, $this->_order_remark);
if ($genarateStatus) {
$innerTransaction->commit();
} else {
@@ -266,7 +268,20 @@ class Placeorder
}
}
-
+ // 订单备注信息不能超过1500字符
+ $orderRemarkStrMaxLen = Yii::$service->order->orderRemarkStrMaxLen;
+ $order_remark = isset($post['order_remark']) ? $post['order_remark'] : '';
+ if ($order_remark && $orderRemarkStrMaxLen) {
+ $order_remark_strlen = strlen($order_remark);
+ if ($order_remark_strlen > $orderRemarkStrMaxLen) {
+ Yii::$service->helper->errors->add('order remark string length can not gt '.$orderRemarkStrMaxLen);
+
+ return false;
+ } else {
+ // 去掉xss攻击字符,关于防止xss攻击的yii文档参看:http://www.yiichina.com/doc/guide/2.0/security-best-practices#fang-zhi-xss-gong-ji
+ $this->_order_remark = $order_remark;
+ }
+ }
$this->_shipping_method = $shipping_method;
$this->_payment_method = $payment_method;
Yii::$service->payment->setPaymentMethod($this->_payment_method);