firstgarden/firstgarden-web-gnu
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

주문 상세보기 url에서 uq_id 제거

Browse Source
This commit is contained in:
chicpro
2013-08-22 17:23:58 +09:00
parent 7785d8381c
commit 8ae41a2213
10 changed files with 31 additions and 25 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
mobile/shop/orderformupdate.php
View File

@ -595,8 +595,9 @@ if($default['de_sms_use'] && ($default['de_sms_use2'] || $default['de_sms_use3']
// SMS END --------------------------------------------------------
// orderview 에서 사용하기 위해 tmp에 넣고
set_session('ss_temp_uq_id', $uq_id);
// orderview 에서 사용하기 위해 session에 넣고
$uid = md5($od_id.G4_TIME_YMDHIS.$REMOTE_ADDR);
set_session('ss_orderview_uid', $uid);
// 주문번호제거
set_session('ss_order_uniqid', '');
@ -605,5 +606,5 @@ set_session('ss_order_uniqid', '');
if (get_session('ss_direct'))
set_session('ss_uq_direct', '');
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$od_id.'&uq_id='.$uq_id);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$od_id.'&uid='.$uid);
?>

5
mobile/shop/orderinquiry.php
View File

@ -46,8 +46,9 @@ if (!$is_member)
$sql = " select od_id, uq_id from {$g4['shop_order_table']} where od_id = '$od_id' and od_pwd = '$od_pwd' ";
$row = sql_fetch($sql);
if ($row['od_id']) {
set_session("ss_uq_id_inquiry", $row['uq_id']);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$row['od_id'].'&uq_id='.$row['uq_id']);
$uid = md5($row['od_id'].$row['od_time'].$row['od_ip']);
set_session('ss_orderview_uid', $uid);
goto_url(G4_SHOP_URL.'/orderinquiryview.php?od_id='.$row['od_id'].'&uid='.$uid);
}
}

3
mobile/shop/orderinquiry.sub.php
View File

@ -29,12 +29,13 @@ $sql = " select a.od_id,
$result = sql_query($sql);
for ($i=0; $row=sql_fetch_array($result); $i++)
{
$uid = md5($row['od_id'].$row['od_time'].$row['od_ip']);
?>
<tr>
<td>
<input type="hidden" name="ct_id[<?php echo $i; ?>]" value="<?php echo $row['ct_id']; ?>">
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $row['od_id']; ?>&amp;uq_id=<?php echo $row['uq_id']; ?>"><?php echo $row['od_id']; ?></a>
<a href="<?php echo G4_SHOP_URL; ?>/orderinquiryview.php?od_id=<?php echo $row['od_id']; ?>&amp;uid=<?php echo $uid; ?>"><?php echo $row['od_id']; ?></a>
</td>
<td class="td_datetime"><?php echo substr($row['od_time'],0,16); ?> (<?php echo get_yoil($row['od_time']); ?>)</td>
<td class="td_bignum"><?php echo display_price($row['orderamount']); ?></td>

7
mobile/shop/orderinquiryview.php
View File

@ -6,14 +6,13 @@ $token = md5(uniqid(rand(), true));
set_session("ss_token", $token);
if (!$is_member) {
if (get_session("ss_temp_uq_id") != $_GET['uq_id'])
if (get_session('ss_orderview_uid') != $_GET['uid'])
alert("직접 링크로는 주문서 조회가 불가합니다.\\n\\n주문조회 화면을 통하여 조회하시기 바랍니다.", G4_SHOP_URL);
}
$sql = "select * from {$g4['shop_order_table']} where od_id = '$od_id' and uq_id = '$uq_id' ";
$sql = "select * from {$g4['shop_order_table']} where od_id = '$od_id' ";
$od = sql_fetch($sql);
if (!$od['od_id']) {
echo "$od_id $uq_id $MxIssueNO";
if (!$od['od_id'] || (!$is_member && md5($od['od_id'].$od['od_time'].$od['od_ip']) != get_session('ss_orderview_uid'))) {
alert("조회하실 주문서가 없습니다.", G4_SHOP_URL);
}