用户名带特殊字符串用户下单问题

241d8b95 · liuyuzhen · b3fc2bad · 241d8b95 · 241d8b95 · 241d8b95
Commit 241d8b95 authored Dec 08, 2018 by liuyuzhen
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 6 deletions

Cart.php application/controllers/Cart.php +1 -0

OrderConfirmUtil.php application/library/Order/OrderConfirmUtil.php +4 -4

application.ini conf/application.ini +2 -2

No files found.
--- a/application/controllers/Cart.php
+++ b/application/controllers/Cart.php
@@ -164,4 +164,5 @@ class CartController extends \Our\Controller_AbstractApi{
        $result = $cartService->addOrder($data,$this->memberId,$currentAddress);
        $this->success($result);
    }
+
 }
--- a/application/library/Order/OrderConfirmUtil.php
+++ b/application/library/Order/OrderConfirmUtil.php
@@ -510,7 +510,7 @@ class OrderConfirmUtil {
            $order['store_id'] = $storeId;
            $order['store_name'] = $storeCarts['storeName'];
            $order['buyer_id'] = $this->memberId;
-            $order['buyer_name'] = $this->member['memberName'];
+            $order['buyer_name'] = addslashes($this->member['memberName']);
            if(CURRENTVERSION==\Our\NameConst::versionDefault){
                $order['buyer_email'] = $this->member['memberEmail'];
            }else{
@@ -600,12 +600,12 @@ class OrderConfirmUtil {
            if($storeCarts['delivery']['deliveryType'] == \Our\ApiConst::deliveryBuyer){
                list($buyerStoreInfo,$buyerName) = $this->getStoreInfoAndBuyerInfo($store,array('buyerMobile'=>$storeCarts['delivery']['buyerMobile'],'member_name'=>$this->member['memberName']));
                $orderCommon['reciver_info'] = $buyerStoreInfo;
-                $orderCommon['reciver_name'] = $buyerName;
+                $orderCommon['reciver_name'] = addslashes($buyerName);
            }else{
                $orderCommon['reciver_info'] = $reciverInfo;
-                $orderCommon['reciver_name'] = $reciverName;
+                $orderCommon['reciver_name'] = addslashes($reciverName);
            }
-            $orderCommon['reciver_city_id'] = $this->address['city_id'];
+            $orderCommon['reciver_city_id'] = ($storeCarts['delivery']['deliveryType'] == \Our\ApiConst::deliveryBuyer)?\Our\ApiConst::zero:$this->address['city_id'];
            $orderCommonList[] = $orderCommon;
            //$orderCommonDao->insert($orderCommon);
            foreach($storeCarts['storeCarts'] as $storeCart){

--- a/conf/application.ini
+++ b/conf/application.ini
@@ -404,7 +404,7 @@ elastic.master.scheme="http";
 resources.database.params.driver   = "pdo_mysql"
 resources.database.params.hostname = "127.0.0.1"
 resources.database.params.port     = 3306
-resources.database.params.database = "qmcs"
+resources.database.params.database = "testqmcs"
 resources.database.params.username = "root"
 resources.database.params.password = "123456"
 resources.database.params.charset  = "UTF8"
@@ -414,7 +414,7 @@ resources.database.params.driver_options.1002 = "SET NAMES utf8"
 resources.database.slave.params.driver   = "pdo_mysql"
 resources.database.slave.params.hostname = "127.0.0.1"
 resources.database.slave.params.port     = 3306
-resources.database.slave.params.database = "qmcs"
+resources.database.slave.params.database = "testqmcs"
 resources.database.slave.params.username = "root"
 resources.database.slave.params.password = "123456"
 resources.database.slave.params.charset  = "UTF8"