shopPRO/templates/shop-basket/address-form.php
Jacek c7be154d57 feat: ochrona przed podwójnym składaniem zamówienia (order submit token)
Token CSRF w sesji zapobiega duplikowaniu zamówień przy wielokrotnym
kliknięciu przycisku. Przy duplikacie przekierowanie do istniejącego
zamówienia. JS naprawiony — nasłuch na submit formularza zamiast click.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
2026-03-10 21:50:21 +01:00


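<div class="basket-address-form">
<?php
// Pick the saved address that pre-fills the order form below.
//
// $address_current is defined from here on for every visitor: an empty
// array for guests and for clients without a saved address, so the
// value="..." lookups further down never touch an undefined variable.
//
// Full "<?php" tags are used instead of the short form: with
// short_open_tag disabled the short blocks are emitted to the page as
// literal text, i.e. the template source (including $this-> access) leaks.
$address_current = [];
if ( $this -> client and is_array( $this -> addresses ) ) {
    foreach ( $this -> addresses as $address ) {
        // 'current' may come back from storage as int or numeric string;
        // compare as int. Last flagged address wins, as before.
        if ( (int)( $address['current'] ?? 0 ) === 1 ) {
            $address_current = $address;
        }
    }
    // No address flagged as current: fall back to the first saved one.
    // (The original tested $address here, a variable that was never
    // assigned at this point — a typo for $address_current.)
    if ( !$address_current and !empty( $this -> addresses[0] ) ) {
        $address_current = $this -> addresses[0];
    }
}
?>
<?php if ( !$this -> client ):?>
<div class="box-title"><?= \Shared\Helpers\Helpers::lang( 'zloz-zamowienie-bez-rejestraji' );?></div>
<?php endif;?>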
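<?php if ( $this -> client ):?>
<?php
/*
 * Saved-address list for a logged-in client.
 *
 * Every field shown here is client-entered data from the address book.
 * The form inputs below already pass the same fields through
 * htmlspecialchars(); the list must not be the one place where they reach
 * the page raw (stored XSS via a crafted name/street/city). The id is
 * escaped rather than cast so non-numeric ids keep working.
 *
 * The selector script at the bottom of this template copies these spans
 * into the form inputs; it should read them with .text(), not .html(),
 * since the content is entity-encoded.
 */
?>
<div class="left">
<?php if ( is_array( $this -> addresses ) and count( $this -> addresses ) ):?>
<div class="addresses">
<?php foreach ( $this -> addresses as $address ):?>
<?php if ( !empty( $address['current'] ) ) $address_current = $address; ?>
<div class="address<?php if ( !empty( $address['current'] ) ):?> active<?php endif;?>" id="address-<?= htmlspecialchars( (string)( $address['id'] ?? '' ), ENT_QUOTES, 'UTF-8' );?>">
<span field="name"><?= htmlspecialchars( (string)( $address['name'] ?? '' ), ENT_QUOTES, 'UTF-8' );?></span> <span field="surname"><?= htmlspecialchars( (string)( $address['surname'] ?? '' ), ENT_QUOTES, 'UTF-8' );?></span>
<?php if ( !empty( $address['firm'] ) ):?><br/><span field="firm"><?= htmlspecialchars( (string)$address['firm'], ENT_QUOTES, 'UTF-8' );?></span><?php endif;?>
<br/><span field="street"><?= htmlspecialchars( (string)( $address['street'] ?? '' ), ENT_QUOTES, 'UTF-8' );?></span>
<br/><span field="postal_code"><?= htmlspecialchars( (string)( $address['postal_code'] ?? '' ), ENT_QUOTES, 'UTF-8' );?></span> <span field="city"><?= htmlspecialchars( (string)( $address['city'] ?? '' ), ENT_QUOTES, 'UTF-8' );?></span>
<br/><span field="phone"><?= htmlspecialchars( (string)( $address['phone'] ?? '' ), ENT_QUOTES, 'UTF-8' );?></span>
<div class="buttons">
<a href="#" class="btn-select" address="<?= htmlspecialchars( (string)( $address['id'] ?? '' ), ENT_QUOTES, 'UTF-8' );?>"><?= \Shared\Helpers\Helpers::lang( 'wybierz' );?></a>
</div>
</div>
<?php endforeach;?>
</div>
<?php endif;?>
</div>
<?php endif;?>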
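<?php if ( $this -> client ):?><div class="right"><?php endif;?>
<?php
// Transport methods 1, 2, 3 and 9 need no delivery address: street, postal
// code and city are optional for them. Decided once here instead of in six
// inline in_array() calls. The id is cast to int because it may arrive as
// a numeric string and the comparison is strict.
$address_optional = in_array( (int)( $this -> transport_method['id'] ?? 0 ), [ 1, 2, 3, 9 ], true );
$optional_hint = $address_optional ? ' (' . \Shared\Helpers\Helpers::lang( 'opcjonalnie' ) . ')' : '';
// Pre-fill source. $address_current is only populated for logged-in
// clients with a saved address; the ?? '' below keeps htmlspecialchars()
// away from null (deprecated since PHP 8.1) for guests.
$prefill = is_array( $address_current ?? null ) ? $address_current : [];
?>
<form class="form-horizontal" action="/zloz-zamowienie" method="POST" id="form-order">
<input type="hidden" name="order_submit_token" value="<?= htmlspecialchars( (string)( $this -> order_submit_token ?? '' ), ENT_QUOTES, 'UTF-8' );?>">
<?php if ( !$this -> client ):?>
<div class="form-group row">
<div class="col-12">
<input type="email" name="email" class="form-control" required placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'email' ) );?>">
</div>
</div>
<?php endif;?>
<div class="form-group row">
<div class="col-12">
<input type="text" id="name" name="name" class="form-control" required placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'imie' ) );?>" value="<?= htmlspecialchars( (string)( $prefill['name'] ?? '' ), ENT_QUOTES, 'UTF-8' );?>">
</div>
</div>
<div class="form-group row">
<div class="col-12">
<input type="text" id="surname" name="surname" class="form-control" required placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'nazwisko' ) );?>" value="<?= htmlspecialchars( (string)( $prefill['surname'] ?? '' ), ENT_QUOTES, 'UTF-8' );?>">
</div>
</div>
<div class="form-group">
<?php // Placeholder previously carried a trailing / doubled space before the hint; normalised. ?>
<input type="text" id="street" name="street" class="form-control"<?= $address_optional ? '' : ' required';?> placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'ulica-i-nr-domu' ) ) . $optional_hint;?>" value="<?= htmlspecialchars( (string)( $prefill['street'] ?? '' ), ENT_QUOTES, 'UTF-8' );?>">
</div>
<div class="form-group">
<div class="row">
<div class="col-12 col-md-6">
<?php // The stray `" ` that sat between the placeholder and value attributes here is gone. ?>
<input type="text" id="postal_code" name="postal_code" pattern="[0-9]{2}-[0-9]{3}" title="Format xx-xxx" class="form-control"<?= $address_optional ? '' : ' required';?> placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'kod-pocztowy' ) ) . $optional_hint;?>" value="<?= htmlspecialchars( (string)( $prefill['postal_code'] ?? '' ), ENT_QUOTES, 'UTF-8' );?>">
</div>
<div class="col-12 col-md-6">
<input type="text" id="city" name="city" class="form-control"<?= $address_optional ? '' : ' required';?> placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'miasto' ) ) . $optional_hint;?>" value="<?= htmlspecialchars( (string)( $prefill['city'] ?? '' ), ENT_QUOTES, 'UTF-8' );?>">
</div>
</div>
</div>
<div class="form-group">
<div class="form-control form-control-phone" tooltip="Wprowadź numer w formacie: 123456789">
<div class="form-control-phone-code">
<img src="/images/system/lang_pl.png" alt="">
<span>+48</span>
</div>
<input type="tel" id="phone" name="phone" class="form-control form-control-input" required placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'telefon' ) );?>" value="<?= htmlspecialchars( (string)( $prefill['phone'] ?? '' ), ENT_QUOTES, 'UTF-8' );?>" pattern="[0-9]{9}">
</div>
</div>
<div class="form-group">
<div class="row">
<div class="col-12" id="fvat">
<input type="checkbox" name="fvat">
<?= \Shared\Helpers\Helpers::lang( 'faktura-vat' );?>
</div>
</div>
</div>
<?php // VAT-invoice fields; shown and made required by the script below when the checkbox is ticked. ?>
<div class="fvat-data">
<div class="form-group">
<div class="row">
<div class="col-12">
<input type="text" id="firm_name" name="firm_name" class="form-control" placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'nazwa-firmy' ) );?>" value="">
</div>
</div>
</div>
<div class="form-group">
<div class="row">
<div class="col-12">
<input type="text" id="firm_street" name="firm_street" class="form-control" placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'ulica-i-nr-domu' ) );?>" value="">
</div>
</div>
</div>
<div class="form-group">
<div class="row">
<div class="col-12 col-md-6">
<input type="text" id="firm_postal_code" name="firm_postal_code" pattern="[0-9]{2}-[0-9]{3}" title="Format xx-xxx" class="form-control" placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'kod-pocztowy' ) );?>" value="">
</div>
<div class="col-12 col-md-6">
<input type="text" id="firm_city" name="firm_city" class="form-control" placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'miasto' ) );?>" value="">
</div>
</div>
</div>
<div class="form-group">
<div class="row">
<div class="col-12">
<input type="text" id="firm_nip" name="firm_nip" class="form-control" placeholder="<?= ucfirst( \Shared\Helpers\Helpers::lang( 'nip' ) );?>" value="">
</div>
</div>
</div>
</div>
<div class="form-group">
<div class="row">
<div class="col-12" id="agreement">
<input type="checkbox" name="agreement" required="">
<?= \Shared\Helpers\Helpers::lang( 'przeczytalem-i-akceptuje-polityke-prywatnosci-i-regulamin' );?>
</div>
</div>
</div>
<div class="form-group">
<div class="row">
<div class="col-12">
<button type="submit" class="btn btn-success" id="order-send"><span class="text"><?= ucfirst( \Shared\Helpers\Helpers::lang( 'zamawiam-z-obowiazkiem-zaplaty' ) );?></span></button>
</div>
</div>
</div>
<?php
/*
 * Two client-only closing </div>s used to sit here, inside the form, and
 * matched no open element at this level (browsers dropped them). The
 * .right wrapper opened above is closed right after the form instead.
 */
?>
</form>
<?php if ( $this -> client ):?></div><?php endif;?>
</div>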
<script class="footer">
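$(document).ready(function () {
    // Mirror the pattern="[0-9]{9}" on #phone: keep the submit button
    // disabled until the number is exactly nine digits.
    var phoneInput = $('#phone');
    var submitButton = $('#order-send');
    var phonePattern = /^[0-9]{9}$/;

    function validatePhone() {
        var value = phoneInput.val();
        submitButton.prop('disabled', !value || !phonePattern.test(value));
    }

    phoneInput.on('input', validatePhone);
    validatePhone();
});
$(function () {
    // VAT-invoice block: its fields are only required (and only keep their
    // values) while the checkbox is ticked.
    $('body').on('change', 'input[name="fvat"]', function () {
        var invoiceFields = $('.fvat-data input');
        if ($(this).is(':checked')) {
            invoiceFields.prop('required', true);
            $('.fvat-data').slideDown();
        } else {
            $('.fvat-data').slideUp();
            invoiceFields.prop('required', false).val('');
        }
    });

    // Saved-address picker: mark the address as current on the server and
    // copy its fields into the form. click_event is a site-wide global
    // defined outside this template.
    $('body').on(click_event, '.addresses .address .btn-select', function (e) {
        e.preventDefault();
        var addressId = $(this).attr('address');
        $.ajax({
            type: 'POST',
            cache: false,
            url: '/shopClient/mark_address_as_current',
            data: { address_id: addressId }
        });
        $('#address-' + addressId + ' span').each(function () {
            var field = $(this).attr('field');
            // .text() rather than .html(): the inputs take plain text, and
            // where the spans are entity-encoded (as user-entered addresses
            // should be) .html() would copy "&amp;" and friends literally.
            $('.basket-address-form form #' + field).val($(this).text());
        });
        $('.addresses .address').removeClass('active');
        $('#address-' + addressId).addClass('active');
        // Setting .val() does not fire 'input', so re-run the phone check
        // or the submit button keeps the state of the previous number.
        $('#phone').trigger('input');
    });
});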
</script>