Context Navigation

Changeset 13457

Timestamp:

2007/05/25 17:18:46 (17 years ago)

Author:

adati

Message:

Location:

branches/rel/html

Files:

r13454	r13457
203	203	<tr>
204	204	<td class="fs12"><!--{if $arrErr.quantity != ""}--><span class="redst"><!--{$arrErr.quantity}--></span><br/><!--{/if}--><img src="<!--{$smarty.const.URL_DIR}-->img/common/arrow_gray.gif" width="15" height="10" alt=""><strong>¸Ä¡¡¿ô</strong>
205		<input type="text" name="quantity" size="3" class="box3" value="<!--{$arrForm.quantity.value\|default:1~~\|escape~~}-->" maxlength=<!--{$smarty.const.INT_LEN}--> style="<!--{$arrErr.quantity\|sfGetErrorColor}-->" >
	205	<input type="text" name="quantity" size="3" class="box3" value="<!--{$arrForm.quantity.value\|default:1}-->" maxlength=<!--{$smarty.const.INT_LEN}--> style="<!--{$arrErr.quantity\|sfGetErrorColor}-->" >
206	206	</td>
207	207	</tr>

r13443	r13457
224	224	<td align="right" width="115" class="fs12st">¸Ä¿ô¡§
225	225	<!--{if $arrErr.quantity != ""}--><br/><span class="redst"><!--{$arrErr.quantity}--></span><!--{/if}-->
226		<input type="text" name="<!--{$quantity}-->" size="3" class="box3" value="<!--{$arrForm[$quantity]\|default:1~~\|escape~~}-->" maxlength=<!--{$smarty.const.INT_LEN}--> style="<!--{$arrErr[$quantity]\|sfGetErrorColor}-->" >
	226	<input type="text" name="<!--{$quantity}-->" size="3" class="box3" value="<!--{$arrForm[$quantity]\|default:1}-->" maxlength=<!--{$smarty.const.INT_LEN}--> style="<!--{$arrErr[$quantity]\|sfGetErrorColor}-->" >
227	227	</td>
228	228	<td width="170" align="center">

r13443	r13457
8	8	<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF\|escape}-->">
9	9	<input type="hidden" name="order_id" value="" >
10		<input type="hidden" name="pageno" value="<!--{$tpl_pageno~~\|escape~~}-->">
	10	<input type="hidden" name="pageno" value="<!--{$tpl_pageno}-->">
11	11	<tr>
12	12	<td align="center" bgcolor="#ffffff">

r13454	r13457
203	203	<tr>
204	204	<td class="fs12"><!--{if $arrErr.quantity != ""}--><span class="redst"><!--{$arrErr.quantity}--></span><br/><!--{/if}--><img src="<!--{$smarty.const.URL_DIR}-->img/common/arrow_gray.gif" width="15" height="10" alt=""><strong>¸Ä¡¡¿ô</strong>
205		<input type="text" name="quantity" size="3" class="box3" value="<!--{$arrForm.quantity.value\|default:1~~\|escape~~}-->" maxlength=<!--{$smarty.const.INT_LEN}--> style="<!--{$arrErr.quantity\|sfGetErrorColor}-->" >
	205	<input type="text" name="quantity" size="3" class="box3" value="<!--{$arrForm.quantity.value\|default:1}-->" maxlength=<!--{$smarty.const.INT_LEN}--> style="<!--{$arrErr.quantity\|sfGetErrorColor}-->" >
206	206	</td>
207	207	</tr>

r13442	r13457
224	224	<td align="right" width="115" class="fs12st">¸Ä¿ô¡§
225	225	<!--{if $arrErr.quantity != ""}--><br/><span class="redst"><!--{$arrErr.quantity}--></span><!--{/if}-->
226		<input type="text" name="<!--{$quantity}-->" size="3" class="box3" value="<!--{$arrForm[$quantity]\|default:1~~\|escape~~}-->" maxlength=<!--{$smarty.const.INT_LEN}--> style="<!--{$arrErr[$quantity]\|sfGetErrorColor}-->" >
	226	<input type="text" name="<!--{$quantity}-->" size="3" class="box3" value="<!--{$arrForm[$quantity]\|default:1}-->" maxlength=<!--{$smarty.const.INT_LEN}--> style="<!--{$arrErr[$quantity]\|sfGetErrorColor}-->" >
227	227	</td>
228	228	<td width="170" align="center">

r13442	r13457
8	8	<form name="form1" method="post" action="<!--{$smarty.server.PHP_SELF\|escape}-->">
9	9	<input type="hidden" name="order_id" value="" >
10		<input type="hidden" name="pageno" value="<!--{$tpl_pageno~~\|escape~~}-->">
	10	<input type="hidden" name="pageno" value="<!--{$tpl_pageno}-->">
11	11	<tr>
12	12	<td align="center" bgcolor="#ffffff">

-                      r12157
+                      r13457
 //¥Ú¡¼¥¸Á÷¤êÍÑ
+$objPage->tpl_pageno = $_POST['pageno'];
+if (isset($_POST['pageno'])) {
+    $objPage->tpl_pageno = htmlspecialchars($_POST['pageno'], ENT_QUOTES, CHAR_CODE);
+}
 $col = "order_id, create_date, payment_id, payment_total";
 $from = "dtb_order";
 …
 $objPage->arrPayment = sfGetIDValueList("dtb_payment", "payment_id", "payment_method");
 $objView->assignobj($objPage);              //$objpageÆâ¤ÎÁ´¤Æ¤Î¥Æ¥ó¥×¥ì¡¼¥ÈÊÑ¿ô¤òsmarty¤Ë³ÊÇ¼
 $objView->display(SITE_FRAME);              //¥Ñ¥¹¤È¥Æ¥ó¥×¥ì¡¼¥ÈÊÑ¿ô¤Î¸Æ¤Ó½Ð¤·¡¢¼Â¹Ô
 …
     return $objErr->arrErr;
+}
 ?>

-                      r12157
+                      r13457
 $objPage->tpl_large_width = $large_width + 60;
 $objPage->tpl_large_height = $large_height + 80;
+lfConvertParam();
 $objView->assignobj($objPage);
 …
+}
+function lfConvertParam() {
+    global $objPage;
+    $value = $objPage->arrForm['quantity']['value'];
+    $objPage->arrForm['quantity']['value'] = htmlspecialchars($value, ENT_QUOTES, CHAR_CODE);
+}
 ?>

-                      r12157
+                      r13457
 $objPage->arrForm = $_POST;
+lfConvertParam();
 $objPage->category_id = $category_id;
 $objPage->arrSearch = $arrSearch;
 …
+}
+function lfconvertParam () {
+    global $objPage;
+    $count = 1;
+    while(1) {
+        $quantity_key = 'quantity' . $count;
+        if (isset($objPage->arrForm[$quantity_key])) {
+            $objPage->arrForm[$quantity_key]
+                = htmlspecialchars($objPage->arrForm[$quantity_key], ENT_QUOTES, CHAR_CODE);
+        } else {
+            break;
+        }
+        $count++;
+    }
+}
 ?>

Note: See TracChangeset for help on using the changeset viewer.