firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

주문 상세보기 url에서 uq_id 제거

Browse Source
This commit is contained in:
chicpro
2013-08-22 17:23:58 +09:00
parent 7785d8381c
commit 8ae41a2213
10 changed files with 31 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
adm/shop_admin/orderlist.php
View File

@ -206,11 +206,13 @@ if ($search) // 검색렬일 때만 처음 버튼을 보여줌
$od_mobile = '';
if($lines[$i]['od_mobile'])
$od_mobile = '(M)';
$uid = md5($lines[$i]['od_id'].$lines[$i]['od_time'].$lines[$i]['od_ip']);
?>
<tr class="orderlist">
<td class="td_odrnum2">
<?php echo $od_mobile; ?>
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $lines[$i]['od_id']; ?>&amp;uq_id=<?php echo $lines[$i]['uq_id']; ?>">
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $lines[$i]['od_id']; ?>&amp;uid=<?php echo $uid; ?>">
<?php echo $lines[$i]['od_id']; ?><br>
<span class="sound_only">주문일시 </span><?php echo $lines[$i]['od_time']; ?>
</a>

4
adm/shop_admin/orderlist2.php
View File

@ -145,6 +145,8 @@ if ($search) // 검색렬일 때만 처음 버튼을 보여줌
$tot_receiptcancel += $row['receiptcancel'];
$tot_couponamount += $row['couponamount'];
$tot_misu += $row['misu'];
$uid = md5($row['od_id'].$row['od_time'].$row['od_ip']);
?>
<li>
<dl class="sodr_basic">
@ -152,7 +154,7 @@ if ($search) // 검색렬일 때만 처음 버튼을 보여줌
<dd>
<strong>
<?php echo $od_mobile; ?>
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $row['od_id']; ?>&amp;uq_id=<?php echo $row['uq_id']; ?>"><?php echo $row['od_id']; ?></a>
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $row['od_id']; ?>&amp;uid=<?php echo $uid; ?>"><?php echo $row['od_id']; ?></a>
</strong>
</dd>
<dt>주문일시</dt>

7
mobile/shop/orderformupdate.php
View File

@ -595,8 +595,9 @@ if($default['de_sms_use'] && ($default['de_sms_use2'] || $default['de_sms_use3']
// SMS END --------------------------------------------------------
// orderview 에서 사용하기 위해 tmp에 넣고
set_session('ss_temp_uq_id', $uq_id);
// orderview 에서 사용하기 위해 session에 넣고
$uid = md5($od_id.G4_TIME_YMDHIS.$REMOTE_ADDR);
set_session('ss_orderview_uid', $uid);
// 주문번호제거
set_session('ss_order_uniqid', '');
@ -605,5 +606,5 @@ set_session('ss_order_uniqid', '');
if (get_session('ss_direct'))
set_session('ss_uq_direct', '');
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$od_id.'&amp;uq_id='.$uq_id);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$od_id.'&amp;uid='.$uid);
?>

5
mobile/shop/orderinquiry.php
View File

@ -46,8 +46,9 @@ if (!$is_member)
$sql = " select od_id, uq_id from {$g4['shop_order_table']} where od_id = '$od_id' and od_pwd = '$od_pwd' ";
$row = sql_fetch($sql);
if ($row['od_id']) {
set_session("ss_uq_id_inquiry", $row['uq_id']);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$row['od_id'].'&amp;uq_id='.$row['uq_id']);
$uid = md5($row['od_id'].$row['od_time'].$row['od_ip']);
set_session('ss_orderview_uid', $uid);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$row['od_id'].'&amp;uid='.$uid);
}
}

3
mobile/shop/orderinquiry.sub.php
View File

@ -29,12 +29,13 @@ $sql = " select a.od_id,
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$uid = md5($row['od_id'].$row['od_time'].$row['od_ip']);
?>
<tr>
<td>
<input type="hidden" name="ct_id[<?php echo $i; ?>]" value="<?php echo $row['ct_id']; ?>">
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $row['od_id']; ?>&amp;uq_id=<?php echo $row['uq_id']; ?>"><?php echo $row['od_id']; ?></a>
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $row['od_id']; ?>&amp;uid=<?php echo $uid; ?>"><?php echo $row['od_id']; ?></a>
</td>
<td class="td_datetime"><?php echo substr($row['od_time'],0,16); ?> (<?php echo get_yoil($row['od_time']); ?>)</td>
<td class="td_bignum"><?php echo display_price($row['orderamount']); ?></td>

7
mobile/shop/orderinquiryview.php
View File

@ -6,14 +6,13 @@ $token = md5(uniqid(rand(), true));
set_session("ss_token", $token);
if (!$is_member) {
if (get_session("ss_temp_uq_id") != $_GET['uq_id'])
if (get_session('ss_orderview_uid') != $_GET['uid'])
alert("직접 링크로는 주문서 조회가 불가합니다.\\n\\n주문조회 화면을 통하여 조회하시기 바랍니다.", G4_SHOP_URL);
}
$sql = "select * from {$g4['shop_order_table']} where od_id = '$od_id' and uq_id = '$uq_id' ";
$sql = "select * from {$g4['shop_order_table']} where od_id = '$od_id' ";
$od = sql_fetch($sql);
if (!$od['od_id']) {
echo "$od_id $uq_id $MxIssueNO";
if (!$od['od_id'] || (!$is_member && md5($od['od_id'].$od['od_time'].$od['od_ip']) != get_session('ss_orderview_uid'))) {
alert("조회하실 주문서가 없습니다.", G4_SHOP_URL);
}

7
shop/orderformupdate.php
View File

@ -589,8 +589,9 @@ if($default['de_sms_use'] && ($default['de_sms_use2'] || $default['de_sms_use3']
// SMS END --------------------------------------------------------
// orderview 에서 사용하기 위해 tmp에 넣고
set_session('ss_temp_uq_id', $uq_id);
// orderview 에서 사용하기 위해 session에 넣고
$uid = md5($od_id.G4_TIME_YMDHIS.$REMOTE_ADDR);
set_session('ss_orderview_uid', $uid);
// 주문번호제거
set_session('ss_order_uniqid', '');
@ -599,7 +600,7 @@ set_session('ss_order_uniqid', '');
if (get_session('ss_direct'))
set_session('ss_uq_direct', '');
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$od_id.'&amp;uq_id='.$uq_id);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$od_id.'&amp;uid='.$uid);
?>
<html>

7
shop/orderinquiry.php
View File

@ -48,11 +48,12 @@ $from_record = ($page - 1) * $rows; // 시작 열을 구함
// 비회원 주문확인의 경우 바로 주문서 상세조회로 이동
if (!$is_member)
{
$sql = " select od_id, uq_id from {$g4['shop_order_table']} where od_id = '$od_id' and od_pwd = '$od_pwd' ";
$sql = " select od_id, od_time, od_ip from {$g4['shop_order_table']} where od_id = '$od_id' and od_pwd = '$od_pwd' ";
$row = sql_fetch($sql);
if ($row['od_id']) {
set_session("ss_temp_uq_id", $row['uq_id']);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$row['od_id'].'&amp;uq_id='.$row['uq_id']);
$uid = md5($row['od_id'].$row['od_time'].$row['od_ip']);
set_session('ss_orderview_uid', $uid);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$row['od_id'].'&amp;uid='.$uid);
}
}

3
shop/orderinquiry.sub.php
View File

@ -32,12 +32,13 @@ $sql = " select a.od_id,
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$uid = md5($row['od_id'].$row['od_time'].$row['od_ip']);
?>
<tr>
<td>
<input type="hidden" name="ct_id[<?php echo $i; ?>]" value="<?php echo $row['ct_id']; ?>">
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $row['od_id']; ?>&amp;uq_id=<?php echo $row['uq_id']; ?>"><?php echo $row['od_id']; ?></a>
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $row['od_id']; ?>&amp;uid=<?php echo $uid; ?>"><?php echo $row['od_id']; ?></a>
</td>
<td><?php echo substr($row['od_time'],0,16); ?> (<?php echo get_yoil($row['od_time']); ?>)</td>
<td class="td_num"><?php echo $row['itemcount']; ?></td>

9
shop/orderinquiryview.php
View File

@ -11,14 +11,13 @@ $token = md5(uniqid(rand(), true));
set_session("ss_token", $token);
if (!$is_member) {
if (get_session("ss_temp_uq_id") != $_GET['uq_id'])
if (get_session('ss_orderview_uid') != $_GET['uid'])
alert("직접 링크로는 주문서 조회가 불가합니다.\\n\\n주문조회 화면을 통하여 조회하시기 바랍니다.", G4_SHOP_URL);
}
$sql = "select * from {$g4['shop_order_table']} where od_id = '$od_id' and uq_id = '$uq_id' ";
$sql = "select * from {$g4['shop_order_table']} where od_id = '$od_id' ";
$od = sql_fetch($sql);
if (!$od['od_id']) {
echo "$od_id $uq_id $MxIssueNO";
if (!$od['od_id'] || (!$is_member && md5($od['od_id'].$od['od_time'].$od['od_ip']) != get_session('ss_orderview_uid'))) {
alert("조회하실 주문서가 없습니다.", G4_SHOP_URL);
}
@ -32,8 +31,6 @@ if($rq['cnt'])
// 결제방법
$settle_case = $od['od_settle_case'];
set_session('ss_temp_uq_id', $uq_id);
$g4['title'] = '주문상세내역';
include_once('./_head.php');
?>