From 417c51f60d9cbb6f775afb752acf4814dc62e61d Mon Sep 17 00:00:00 2001 From: Terry <2358269014@qq.com> Date: Mon, 11 Dec 2017 10:06:18 +0800 Subject: [PATCH] =?UTF-8?q?=E8=AE=A2=E5=8D=95=E5=A4=87=E6=B3=A8=E5=AE=8C?= =?UTF-8?q?=E5=96=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../block/paypal/express/Placeorder.php | 22 ++++++++++++++++--- .../front/payment/paypal/express/review.php | 5 +++++ .../block/paypal/express/Placeorder.php | 22 ++++++++++++++++--- .../checkout/onepage/index/review_order.php | 8 +++---- .../html5/payment/paypal/express/review.php | 6 ++++- .../paypal/express/review/review_order.php | 8 +++---- .../block/paypal/express/Placeorder.php | 21 +++++++++++++++--- 7 files changed, 74 insertions(+), 18 deletions(-) diff --git a/app/appfront/modules/Payment/block/paypal/express/Placeorder.php b/app/appfront/modules/Payment/block/paypal/express/Placeorder.php index 4cebc4d9..42c19f24 100644 --- a/app/appfront/modules/Payment/block/paypal/express/Placeorder.php +++ b/app/appfront/modules/Payment/block/paypal/express/Placeorder.php @@ -31,7 +31,10 @@ class Placeorder * 用户的支付方式. */ public $_payment_method; - + /** + * 订单备注信息. + */ + public $_order_remark; public function getLastData() { $post = Yii::$app->request->post(); @@ -59,7 +62,7 @@ class Placeorder // 将购物车数据,生成订单,生成订单后,不清空购物车,不扣除库存,在支付成功后在清空购物车。 $innerTransaction = Yii::$app->db->beginTransaction(); try { - $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false,$token); + $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false, $token, $this->_order_remark); if ($genarateStatus) { $innerTransaction->commit(); } else { 
@@ -223,7 +226,20 @@ class Placeorder return false; } } - + // 订单备注信息不能超过1500字符 + $orderRemarkStrMaxLen = Yii::$service->order->orderRemarkStrMaxLen; + $order_remark = isset($post['order_remark']) ? $post['order_remark'] : ''; + if ($order_remark && $orderRemarkStrMaxLen) { + $order_remark_strlen = strlen($order_remark); + if ($order_remark_strlen > $orderRemarkStrMaxLen) { + Yii::$service->helper->errors->add('order remark string length can not gt '.$orderRemarkStrMaxLen); + + return false; + } else { + // 去掉xss攻击字符,关于防止xss攻击的yii文档参看:http://www.yiichina.com/doc/guide/2.0/security-best-practices#fang-zhi-xss-gong-ji + $this->_order_remark = $order_remark; + } + } $this->_shipping_method = $shipping_method; $this->_payment_method = $payment_method; Yii::$service->payment->setPaymentMethod($this->_payment_method); diff --git a/app/appfront/theme/base/front/payment/paypal/express/review.php b/app/appfront/theme/base/front/payment/paypal/express/review.php index 267f8f8b..83ef95f6 100644 --- a/app/appfront/theme/base/front/payment/paypal/express/review.php +++ b/app/appfront/theme/base/front/payment/paypal/express/review.php @@ -66,6 +66,11 @@
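Review bot: The comment in the `else` branch says XSS characters are stripped, but the line under it stores the submitted text unchanged (`$this->_order_remark = $order_remark;`), so as far as this diff shows the remark reaches `generateOrderByCart()` raw and is only safe if every view that prints it encodes it. Either purify at this point, `$this->_order_remark = \yii\helpers\HtmlPurifier::process($order_remark);`, or correct the comment to say the value is kept raw and must be rendered through `Html::encode()`. The value is also not checked to be a string before `strlen()`, and PHP turns a bracketed form field into an array, so the ternary should read `isset($post['order_remark']) && is_string($post['order_remark']) ? $post['order_remark'] : ''`. `strlen()` counts bytes while the comment above promises a character limit; `mb_strlen($order_remark, 'UTF-8')` matches it for multi-byte text. The same hunk is repeated in the apphtml5 and appserver copies of Placeorder.php, and the enclosing method starts and ends outside the hunk.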
+
+
page->translate->__('Order Remark (optional)');?>
+ + +
diff --git a/app/apphtml5/modules/Payment/block/paypal/express/Placeorder.php b/app/apphtml5/modules/Payment/block/paypal/express/Placeorder.php index 907a832c..798b4be4 100644 --- a/app/apphtml5/modules/Payment/block/paypal/express/Placeorder.php +++ b/app/apphtml5/modules/Payment/block/paypal/express/Placeorder.php @@ -31,7 +31,10 @@ class Placeorder * 用户的支付方式. */ public $_payment_method; - + /** + * 订单备注信息. + */ + public $_order_remark; public function getLastData() { $post = Yii::$app->request->post(); @@ -59,7 +62,7 @@ class Placeorder // 将购物车数据,生成订单,生成订单后,不清空购物车,不扣除库存,在支付成功后在清空购物车。 $innerTransaction = Yii::$app->db->beginTransaction(); try { - $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false,$token); + $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false, $token, $this->_order_remark); if ($genarateStatus) { $innerTransaction->commit(); } else { @@ -223,7 +226,20 @@ class Placeorder return false; } } - + // 订单备注信息不能超过1500字符 + $orderRemarkStrMaxLen = Yii::$service->order->orderRemarkStrMaxLen; + $order_remark = isset($post['order_remark']) ? $post['order_remark'] : ''; + if ($order_remark && $orderRemarkStrMaxLen) { + $order_remark_strlen = strlen($order_remark); + if ($order_remark_strlen > $orderRemarkStrMaxLen) { + Yii::$service->helper->errors->add('order remark string length can not gt '.$orderRemarkStrMaxLen); + + return false; + } else { + // 去掉xss攻击字符,关于防止xss攻击的yii文档参看:http://www.yiichina.com/doc/guide/2.0/security-best-practices#fang-zhi-xss-gong-ji + $this->_order_remark = $order_remark; + } + } $this->_shipping_method = $shipping_method; $this->_payment_method = $payment_method; Yii::$service->payment->setPaymentMethod($this->_payment_method); 
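Review bot: The order-remark check in the last hunk of this file is a verbatim copy of the one in the appfront Placeorder.php and is pasted a third time into the appserver one; input validation duplicated per app tends to drift, and a fix applied to one copy leaves the other entry points unchanged. Consider moving the type and length check next to `orderRemarkStrMaxLen` in the order service, so that each block makes a single call and assigns the result to `$this->_order_remark`. Note also that when `orderRemarkStrMaxLen` is empty the outer `if` is skipped and the remark is dropped without any message; if that is intended, a comment such as `// no configured limit: remark is ignored` would make it explicit.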
diff --git a/app/apphtml5/theme/base/html5/checkout/onepage/index/review_order.php b/app/apphtml5/theme/base/html5/checkout/onepage/index/review_order.php index 5167893d..6d568595 100644 --- a/app/apphtml5/theme/base/html5/checkout/onepage/index/review_order.php +++ b/app/apphtml5/theme/base/html5/checkout/onepage/index/review_order.php @@ -60,25 +60,25 @@ use fecshop\app\apphtml5\helper\Format; - + - + - + - + diff --git a/app/apphtml5/theme/base/html5/payment/paypal/express/review.php b/app/apphtml5/theme/base/html5/payment/paypal/express/review.php index a25f7b22..362058d1 100644 --- a/app/apphtml5/theme/base/html5/payment/paypal/express/review.php +++ b/app/apphtml5/theme/base/html5/payment/paypal/express/review.php @@ -65,7 +65,11 @@
- +
+
page->translate->__('Order Remark (optional)');?>
+ + +
diff --git a/app/apphtml5/theme/base/html5/payment/paypal/express/review/review_order.php b/app/apphtml5/theme/base/html5/payment/paypal/express/review/review_order.php index 51488ae4..b7d9a290 100644 --- a/app/apphtml5/theme/base/html5/payment/paypal/express/review/review_order.php +++ b/app/apphtml5/theme/base/html5/payment/paypal/express/review/review_order.php @@ -61,25 +61,25 @@ use fecshop\app\apphtml5\helper\Format;
page->translate->__('Subtotal') ?>page->translate->__('Subtotal') ?>
page->translate->__('Shipping Cost') ?>page->translate->__('Shipping Cost') ?>
page->translate->__('Discount') ?>page->translate->__('Discount') ?> -
page->translate->__('Grand Total') ?>page->translate->__('Grand Total') ?>
- + - + - + - + diff --git a/app/appserver/modules/Payment/block/paypal/express/Placeorder.php b/app/appserver/modules/Payment/block/paypal/express/Placeorder.php index 2e7f1397..4a8a2dbc 100644 --- a/app/appserver/modules/Payment/block/paypal/express/Placeorder.php +++ b/app/appserver/modules/Payment/block/paypal/express/Placeorder.php @@ -31,7 +31,9 @@ class Placeorder * 用户的支付方式. */ public $_payment_method; - + + public $_order_remark; + public function getLastData() { $post = Yii::$app->request->post(); @@ -66,7 +68,7 @@ class Placeorder // 将购物车数据,生成订单,生成订单后,不清空购物车,不扣除库存,在支付成功后在清空购物车。 $innerTransaction = Yii::$app->db->beginTransaction(); try { - $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false,$token); + $genarateStatus = Yii::$service->order->generateOrderByCart($this->_billing, $this->_shipping_method, $this->_payment_method, false, $token, $this->_order_remark); if ($genarateStatus) { $innerTransaction->commit(); } else { @@ -266,7 +268,20 @@ class Placeorder } } - + // 订单备注信息不能超过1500字符 + $orderRemarkStrMaxLen = Yii::$service->order->orderRemarkStrMaxLen; + $order_remark = isset($post['order_remark']) ? $post['order_remark'] : ''; + if ($order_remark && $orderRemarkStrMaxLen) { + $order_remark_strlen = strlen($order_remark); + if ($order_remark_strlen > $orderRemarkStrMaxLen) { + Yii::$service->helper->errors->add('order remark string length can not gt '.$orderRemarkStrMaxLen); + + return false; + } else { + // 去掉xss攻击字符,关于防止xss攻击的yii文档参看:http://www.yiichina.com/doc/guide/2.0/security-best-practices#fang-zhi-xss-gong-ji + $this->_order_remark = $order_remark; + } + } $this->_shipping_method = $shipping_method; $this->_payment_method = $payment_method; Yii::$service->payment->setPaymentMethod($this->_payment_method); -- GitLab
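Review bot: In the appserver copy the new property `public $_order_remark;` is added without a docblock, while the appfront and apphtml5 copies in this same patch document it. Add the comment here too, and since the later hunk assigns the submitted value unchanged it is worth saying so, e.g. `/** Order remark submitted at checkout; unescaped user text. */`. The class body continues outside the hunk.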
page->translate->__('Subtotal') ?>page->translate->__('Subtotal') ?>
page->translate->__('Shipping Cost') ?>page->translate->__('Shipping Cost') ?>
page->translate->__('Discount') ?>page->translate->__('Discount') ?> -
page->translate->__('Grand Total') ?>page->translate->__('Grand Total') ?>