Я столкнулся с действительно странным поведением, которое не могу воспроизвести вне своего скрипта; тем не менее, возможно, у кого-то есть идеи, как это решить.
Поэтому я добавляю токен в скрипт, чтобы избежать двойной отправки формы.
У меня есть довольно простая функция, которая устанавливает сессию и возвращает токен:
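/**
 * Create a one-time form token and remember it in the session.
 *
 * The token is stored as the only key of $_SESSION['token'] (with value 1)
 * and returned so the caller can embed it in the form as a hidden field.
 *
 * @return string 40 hexadecimal characters
 */
function generate_token() {
    // Draw the token from a CSPRNG. sha1(mt_rand()) only re-encodes a single
    // mt_rand() result, so the token was limited to roughly two billion
    // possible values and was never meant to be unpredictable.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(20));
    } else {
        // PHP 5 fallback; needs the openssl extension.
        $token = bin2hex(openssl_random_pseudo_bytes(20));
    }
    $_SESSION['token'] = array($token => 1);
    // Debug output kept from the question: it prints the whole session into
    // the page and should be removed once the problem is solved.
    print_r($_SESSION);
    return $token;
}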
print_r здесь показывает это (именно так, как и должно быть):
Array
(
[token] => Array
(
[1a1c5cbdbe9d85dcb0b55a712ff8bf187ae795cb] => 1
)
)
и вот так я вызываю её в скрипте (ничего особенного)
// NOTE(review): the symptom described below (the session entry replaced by the plain token
// string) is what a by-reference link between the global $token and $_SESSION['token'] would
// produce, e.g. a register_globals-style compatibility layer in application_top.php.
// That file is not shown here; confirm.
$token = generate_token();
но если я вызову print_r сразу после этого, вне функции, я получу это
Array
(
[token] => 1a1c5cbdbe9d85dcb0b55a712ff8bf187ae795cb
)
и если вместо
$token = generate_token();
я просто вызываю
generate_token();
работает как надо.
Я попробовал это вне своего скрипта, на тестовой странице, и ничего странного не случилось.
Я могу показать вам остальную часть моего кода, если нужно, но вокруг этого, он генерирует только HTML.
Кто-нибудь сталкивался с таким раньше?
это повредило мой мозг, поэтому любая помощь будет оценена.
Приветствия
EDIT:
Как и просили, привожу здесь полный код; странность происходит около строки 304.
Функцию, которая обычно подключается через include, я поместил прямо сюда; в моём случае это ничего не меняет. (Код обрезан в конце из-за ограничения SO на число символов.)
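<?php
require('includes/application_top.php');
require('includes/functions/scrambled_order_num.php');

// Number of labels requested for this order. A value parked in the session by
// a previous label request takes precedence over the posted one and is
// consumed (unset) here.
$quantity_left = isset($_POST['labels_qty']) ? $_POST['labels_qty']: 1;
if (isset($_SESSION['quantity_needed'])) {
    $quantity_left = $_SESSION['quantity_needed'];
    unset($_SESSION['quantity_needed']);
}

$action = isset($_GET['action']) ? $_GET['action'] : '';

// order_id is forced to an integer at the boundary. Further down it is
// concatenated into SQL without quotes and echoed into a <script> block and
// into URLs; SQL escaping alone protects neither of those contexts. The rest
// of the script already treats it as an integer ((int)$order_id in several
// queries). A missing or non-numeric id ends up "empty", which makes the
// get_infos branch fall back to the scrambled order number.
$order_id = isset($_GET['order_id']) ? (int)$_GET['order_id'] : '';

// NOTE(review): these values are SQL-escaped at input time. Some are escaped a
// second time where the queries are built (e.g. tep_db_input($label_type) in
// the bordereau INSERT), and the escaped form is also what is handed to the
// shipping module. Escaping at the point of use would be cleaner.
$order_num = isset($_POST['order_num']) ? tep_db_input(trim($_POST['order_num'])) : '';
$weight = isset($_POST['weight']) ? tep_db_input($_POST['weight']) : '';
$label_type = isset($_POST['label_type']) ? tep_db_input($_POST['label_type']) : '';

// Raw request data: $CN23 and $addressee are expected to be arrays posted by
// the form fields named CN23[...] and addressee[...].
$CN23 = isset($_POST['CN23']) ? $_POST['CN23'] : '';
$addressee = isset($_POST['addressee']) ? $_POST['addressee'] : '';
$comments = isset($_POST['comments']) ? $_POST['comments'] : '';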
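// Update product information (origin country and weight) from the posted
// CN23 customs rows.
// NOTE(review): this runs on every request that carries CN23 data, before the
// form token is checked further down; confirm that this is intended.
if (!empty($CN23) && is_array($CN23)) {
    foreach ($CN23 as $pID => $values) {
        // Only numeric keys are product rows; the same array also carries the
        // non-product entries CN23[category] and CN23[totalAmount].
        if (is_numeric($pID) && is_array($values)) {
            $qry = "UPDATE products
                    SET origin_country_id = '" . (int)$values['originCountry'] . "'
                    WHERE products_id = '" . (int)$pID . "'";
            tep_db_query($qry);
            // The weight comes straight from the request and was previously
            // concatenated unescaped; escape it like the other posted values.
            $qry = "UPDATE products_stock_location
                    SET weight = '" . tep_db_input($values['weight']) . "'
                    WHERE products_id = '" . (int)$pID . "'";
            tep_db_query($qry);
        }
    }
}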
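// Normalise the posted deposit date (d/m/Y from the date picker) to Y-m-d.
// An empty field means "today". $deposit_date is left unset when the field
// was not posted at all, as before.
if (isset($_POST['deposit_date'])) {
    $date_object = false;
    if (is_string($_POST['deposit_date']) && !empty($_POST['deposit_date'])) {
        // Parse the raw value: SQL escaping has no place in date parsing.
        $format = "d/m/Y";
        $date_object = DateTime::createFromFormat($format, trim($_POST['deposit_date']));
    }
    // createFromFormat() returns false for malformed input; calling format()
    // on that was a fatal error. Treat an unparsable date like an empty one.
    if ($date_object === false) {
        $date_object = new DateTime();
    }
    $deposit_date = $date_object->format("Y-m-d");
}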
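// Resolve the order and load the shipping module for the requested action.
switch ($action) {
    case 'get_infos':
        // No usable order_id in the URL: recover it from the scrambled order
        // number typed into the form.
        if (empty($order_id)){
            $order_id = derandomise_order_num($order_num);
        }
        // check actual shipping status
        // The id is cast to an integer so it cannot alter the query.
        $qry = "SELECT o.shipping_status, o.is_partial, o.orders_language, o.shipping_method
                FROM orders AS o
                WHERE o.orders_id = '" . (int)$order_id . "'";
        $status_query = tep_db_query($qry);
        $status = tep_db_fetch_array($status_query);
        if ($status['shipping_status'] == SHIPPING_STATUS_READY_TO_SHIP) {
            $messageStack->add_session(TEXT_NOT_READY_TO_SHIP);
            tep_redirect(tep_href_link(FILENAME_SHIPPING_LABEL));
        }
        if ($status['shipping_method'] == 'Chronopost') {
            $messageStack->add_session('chronopost');
            tep_redirect(tep_href_link(FILENAME_SHIPPING_LABEL));
        }
        // No break: get_infos continues into the cases below so that $shipping
        // is available when the form is rendered.
    case 'get_label':
    case 'relai_lookup':
        // This query used the id without quotes, where escaping does not
        // protect it; the integer cast does.
        $qry = "SELECT shipping_method
                FROM " . TABLE_ORDERS . "
                WHERE orders_id = " . (int)$order_id;
        $shipping_query = tep_db_query($qry);
        $shipping_result = tep_db_fetch_array($shipping_query);
        // $module only ever receives one of two literal names, so the include
        // path below is never built from request data.
        if ($shipping_result['shipping_method'] == 'Colissimo' || $shipping_result['shipping_method'] == 'So Colissimo' || $shipping_result['shipping_method'] == 'Colissimo free') {
            $module = 'socolissimo';
        } else if ($shipping_result['shipping_method'] == 'Chronopost') {
            $module = 'chronopost';
        }
        // NOTE(review): for any other shipping method (or an unknown order)
        // $module is never assigned here, and the include and "new $module"
        // below fail. An explicit error path would be safer.
        include_once(DIR_FS_CATALOG_MODULES . 'shipping/' . $module . ".php");
        $shipping = new $module;
        break;
    default:
        break;
}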
// AJAX endpoint: answer the pickup-point lookup as JSON and stop before any
// HTML is produced.
if ($action == "relai_lookup") {
    $relai_id = $_POST['relai_id'];
    $lookup_result = $shipping->get_relais_by_id($relai_id);
    echo json_encode($lookup_result);
    exit();
}
// Handle the submitted label form: request the label from the shipping module,
// notify the customer by e-mail, record the shipment and redirect to the print view.
if ($action == 'get_label' ) {
// is_valid_token() is defined outside this listing; presumably it checks (and consumes)
// the one-time token stored in $_SESSION['token'] - confirm.
if (is_valid_token($_POST['token'])) {
$label = $shipping->get_label( $order_id, $addressee, $label_type, $deposit_date, $weight, $CN23);
// A non-zero message id is treated as a failure reported by the shipping module.
if ($label->messages->id != 0) {
$messageStack->add_session($label->messages->messageContent);
$error_code = $label->messages->id;
// Back to the form; the error code travels in the URL and is read again in the page head.
tep_redirect(tep_href_link(FILENAME_SHIPPING_LABEL,'action=get_infos&order_id=' . $order_id . '&error_code=' . $error_code));
} else {
$email_url_param = 'order_id';
// Billing status from the first history row of the order (lowest history id).
$qry = "SELECT osh.billing_status_id
FROM " . TABLE_ORDERS_STATUS_HISTORY . " AS osh
WHERE osh.orders_id = " . (int)$order_id . "
ORDER BY osh.orders_status_history_id
LIMIT 1";
$query = tep_db_query($qry);
$result = tep_db_fetch_array($query);
// NOTE(review): the parcel number is SQL-escaped here and escaped again in the INSERTs
// below; the escaped form is also what goes into the e-mail text and the tracking object.
$parcel_number = tep_db_input($label->labelResponse->parcelNumber);
// The operator's comment may contain the placeholder [TN] for the tracking number.
$comments = str_replace('[TN]', $parcel_number, $comments);
// send mail
$qry = "SELECT customers_name, customers_email_address, billing_status, orders_language, date_purchased
FROM orders
WHERE orders_id = '" . (int)$order_id . "'";
$order_qry = tep_db_query($qry);
$order_info = tep_db_fetch_array($order_qry);
$billing_status = $order_info['billing_status'];
$order_lang = $order_info['orders_language'];
$scrambled_order_num = randomise_order_num($order_id);
$languages = tep_get_languages();
$base_lang = '';
// Pick the language directory that matches the order's language.
// NOTE(review): $dir stays undefined if no language matches, and is used in the require below.
foreach ($languages as $lang) {
if ($lang['id'] == $order_lang && ($base_lang == '' || $base_lang == $order_lang)) {
$dir = $lang['directory'];
$base_lang = $order_lang;
}
}
// Include paths are built from $dir (taken from tep_get_languages()) and $language, which is
// not assigned in this listing - presumably set by application_top.php; confirm.
require_once(DIR_WS_LANGUAGES . $dir . '/orders_auto_email.php');
require(DIR_FS_CATALOG . 'includes/classes/' . FILENAME_TRACKING_MODULE);
include(DIR_FS_CATALOG_LANGUAGES . $language . '/' . FILENAME_TRACKING_MODULE);
if (isset($_POST['partial'])){
$shipping_status = SHIPPING_STATUS_PARTIALLY_SHIPPED;
$email_comment = EMAIL_TEXT_PARTIALLY_SHIPPED;
$soon = EMAIL_TEXT_CONTACT_SOON;
} else {
$shipping_status = SHIPPING_STATUS_SHIPPED;
$email_comment = EMAIL_TEXT_SHIPPED;
$soon = '';
}
$tracking = new tracking_module();
$tracking->suffix = $shipping->suffix;
$tracking->tracking_id = $parcel_number;
$tracking->fill_comment();
$email_comment .= $tracking->shipping_name . ".\n" . EMAIL_TEXT_RECEPTION . $tracking->delay . "\n" . $soon . EMAIL_TEXT_THX;
// A comment typed by the operator replaces the generated text entirely.
if (!empty($comments)) {
$email_comment = $comments;
}
// NOTE(review): sprintf() receives the assembled message as its format string and no
// arguments, so a '%' in the operator comment or in the generated URL is parsed as a
// conversion specification. Plain concatenation without sprintf() would avoid that.
$email = sprintf(EMAIL_TEXT_ORDER_NUMBER . ' ' . $scrambled_order_num . "\n" .
EMAIL_TEXT_DATE_ORDERED . ' ' . email_date_long($order_info['date_purchased'], $order_lang) . "\n\n" .
$email_comment . "\n\n" .
$tracking->email_add_tracking() . "\n\n" .
EMAIL_TEXT_INVOICE_URL . ' ' . tep_catalog_href_link(FILENAME_CATALOG_ACCOUNT_HISTORY_INFO, $email_url_param . '=' . $scrambled_order_num, 'SSL', false) . "\n\n" ) . EMAIL_TEXT_REPLY_TO . "\n";
// send mail to aide for now
//$order_info['customers_email_address']
tep_mail($order_info['customers_name'], $order_info['customers_email_address'], EMAIL_TEXT_SUBJECT, $email, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
// start update
// When the label quantity is not 1, the order is put back to "ready to ship".
if ($quantity_left != 1) {
$shipping_status = SHIPPING_STATUS_READY_TO_SHIP;
}
$qry = "UPDATE orders
SET shipping_status = '" . $shipping_status . "',
picked = 0, is_partial = 0,
last_modified = NOW()
WHERE orders_id ='" . (int)$order_id . "'";
tep_db_query($qry);
// History row: the e-mail text is stored as the comment, the tracking id as "<parcel>|<suffix>".
$qry = "INSERT INTO " . TABLE_ORDERS_STATUS_HISTORY . "
(orders_id, shipping_status_id, billing_status_id, date_added, customer_notified, comments, tracking_id)
VALUES
('" . (int)$order_id . "', '" . (int)$shipping_status . "', '" . (int)$result['billing_status_id'] . "', now(), 1, '" . tep_db_input($email_comment) . "', '" . tep_db_input($parcel_number . "|" . $shipping->suffix) . "')";
tep_db_query($qry);
// Bordereau row built from the posted addressee fields, each escaped at the point of use.
$qry = "INSERT INTO " . TABLE_BORDEREAU . "
(parcel_number, parcel_type, order_id, customers_name, customers_address, zipcode, city, country_code, weight)
VALUES
('" . tep_db_input($parcel_number) . "', '" . tep_db_input($label_type) . "', '" . tep_db_input($order_id) . "', '" . tep_db_input($addressee['lastName']) . "', '" . tep_db_input($addressee['line2']) . "', '" . tep_db_input($addressee['zipCode']) . "', '" . tep_db_input($addressee['city']) . "', '" . tep_db_input($addressee['countryCode']) . "', '" . tep_db_input($weight) . "')";
tep_db_query($qry);
// prep data to print
// The label is written to a temp file whose full path is kept in the session.
// NOTE(review): the fopen() results are not checked, and nothing in this listing deletes the files.
$_SESSION['tmp_label_filename'] = tempnam(sys_get_temp_dir(), 'zpl');
$handle = fopen($_SESSION['tmp_label_filename'], 'w');
fwrite($handle, $label->labelResponse->label);
fclose($handle);
if (isset($label->labelResponse->cn23)) {
$_SESSION['tmp_pdf_filename'] = tempnam(sys_get_temp_dir(), "pdf");
$handle = fopen($_SESSION['tmp_pdf_filename'], "w");
fwrite($handle,$label->labelResponse->cn23);
fclose($handle);
}
// More labels to print: remember the quantity in the session and show the form again.
if ( $quantity_left > 1) {
$_SESSION['quantity_needed'] = $quantity_left;
tep_redirect(tep_href_link(FILENAME_SHIPPING_LABEL,'action=get_infos&print=true&order_id=' . $order_id));
} else {
tep_redirect(tep_href_link(FILENAME_SHIPPING_LABEL,'print=true&order_id=' . $order_id));
}
}
} else {
// Token rejected: the form is reported as already processed.
// The message is HTML assembled by concatenation, with a link back to the order.
$messageStack->add_session(TEXT_ERROR_ALREADY_PROCESSED . '<a href="' . tep_href_link(FILENAME_ORDERS, 'oID=' . $order_id . '&action=edit') . '"> ' . randomise_order_num($order_id) . '</a>');
tep_redirect(tep_href_link(FILENAME_SHIPPING_LABEL));
}
}
?>
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN">
<html <?php echo HTML_PARAMS; ?>>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=<?php echo CHARSET; ?>">
<title><?php echo HEADING_TITLE; ?></title>
<link rel="stylesheet" type="text/css" href="includes/stylesheet.css">
<script language="javascript" src="includes/general.js" type="text/javascript"></script>
<script language="JavaScript" src="js/jquery-3.3.1.min.js" type="text/javascript"></script>
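<?php
// Page-specific scripts for the <head>. Every value written into JavaScript or
// a URL below is encoded for that context: the order id is printed as an
// integer and the file names are URL-encoded. SQL escaping applied earlier
// does not make a value safe inside <script>.
if (isset($_GET['action']) && $_GET['action'] == 'get_infos') {
?>
<script src="js/orders.js" type="text/javascript"></script>
<script type="text/javascript">
$(document).ready( function() {
<?php
    // The error code is only compared with known literals and never echoed.
    if (isset($_GET['error_code'])) {
        switch ($_GET['error_code']) {
            case '30221':
                echo '$(\'input[name="addressee\\[mobileNumber\\]"]\').focus();';
        }
    }
?>
$('input[name="addressee\\[firstName\\]"]').attr("id", "cbname");
$('input[name="addressee[pickupLocationId]"]').keyup(function(){
let val = $(this).val();
$.ajax({
type: "POST",
url: "shipping_label.php?action=relai_lookup&order_id=<?php echo (int)$order_id; ?>",
data: {
"relai_id": val,
},
success: function(data) {
let obj = $.parseJSON(data);
$("input[name='addressee[line2]']").val(obj['entry_street_address']);
$("input[name='addressee[zipCode]']").val(obj['entry_postcode']);
$("input[name='addressee[city]']").val(obj['entry_city']);
if (obj['entry_street_address'].toLowerCase().indexOf('poste') >=0 ) {
$("select#label_type option[value='BPR']").prop('selected', true);
} else {
$("select#label_type option[value='A2P']").prop('selected', true);
}
}
})
})
});
</script>
<?php
}
// Open the print windows only when a label file was actually prepared.
// NOTE(review): the server-side temp path is sent to the browser and comes
// back as a request parameter. print_shipping_label.php (not shown here)
// should only serve the exact path stored in the session and ignore anything
// else; confirm.
if (isset($_GET['print']) && $_GET['print'] == 'true' && isset($_SESSION['tmp_label_filename'])) {
?>
<script type="text/javascript">
window.open('print_shipping_label.php?label=<?php echo rawurlencode($_SESSION['tmp_label_filename']); ?>', '_blank');
<?php
    if (isset($_SESSION['tmp_pdf_filename'])) {
?>
window.open('print_shipping_label.php?pdf=<?php echo rawurlencode($_SESSION['tmp_pdf_filename']); ?>', '_blank');
window.open('invoice.php?qty=3&oID=<?php echo (int)$order_id; ?>', '_blank');
<?php
    }
?>
</script>
<?php
}
if ($action === "get_infos"){
    // The type attribute previously contained stray spaces (" text / css "),
    // which is not a valid MIME type.
    echo '<link href="includes/datepicker.css" rel="stylesheet" type="text/css">';
    echo '<script type="text/javascript" src="includes/datepicker.js"></script>';
}
?>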
</head>
<body bgcolor="#FFFFFF" >
<!-- header //-->
<?php require(DIR_WS_INCLUDES . 'header.php'); ?>
<!-- header_eof //-->
<!-- body //-->
<table border="0" width="100%" cellspacing="2" cellpadding="2">
<tr>
<td width="<?php echo BOX_WIDTH; ?>" valign="top"><table border="0" width="<?php echo BOX_WIDTH; ?>" cellspacing="1" cellpadding="1" class="columnLeft">
<!-- left_navigation //-->
<?php require(DIR_WS_INCLUDES . 'column_left.php'); ?>
<!-- left_navigation_eof //-->
</table></td>
<!-- body_text //-->
<td width="100%" valign="top"><table border="0" width="100%" cellspacing="0" cellpadding="2">
<tr>
<td class="pageHeading" colspan="2">
<?php echo HEADING_TITLE; ?>
</td>
</tr>
<tr>
<td>
<?php
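/**
 * Create a one-time form token and remember it in the session.
 *
 * The token is stored as the only key of $_SESSION['token'] (with value 1)
 * and returned so the caller can embed it in the form as a hidden field.
 *
 * @return string 40 hexadecimal characters
 */
function tep_generate_token() {
    // Draw the token from a CSPRNG. sha1(mt_rand()) only re-encodes a single
    // mt_rand() result, so the token was limited to roughly two billion
    // possible values and was never meant to be unpredictable.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(20));
    } else {
        // PHP 5 fallback; needs the openssl extension.
        $token = bin2hex(openssl_random_pseudo_bytes(20));
    }
    $_SESSION['token'] = array($token => 1);
    // Debug output kept from the question: it prints the whole session into
    // the page and should be removed once the problem is solved.
    print_r($_SESSION);
    return $token;
}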
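// Render the page body for the current action: the label form (get_infos),
// nothing (get_label), or the order-number prompt (default).
switch ($action) {
case 'get_infos':
    echo tep_draw_form('colis', 'shipping_label.php?action=get_label&order_id=' . $order_id, '', 'post');
    // Debug output kept from the question: the print_r() calls dump the whole
    // session into the page and should be removed afterwards.
    print_r($_SESSION);
    // NOTE(review): if application_top.php links session keys to global
    // variables by reference (register_globals-style compatibility), assigning
    // the global $token here also overwrites $_SESSION['token'] with the plain
    // string. That file is not shown; confirm, or use a different variable name.
    $token = tep_generate_token();
    echo tep_draw_hidden_field('token', $token);
    print_r($_SESSION);
?>
<table>
<tr>
<td>
<?php
?>
<label for="weight"><?php echo LABEL_WEIGHT; ?></label>
</td>
<td>
<?php
    echo tep_draw_input_field('weight', '', 'id="weight" autofocus') . '<br>';
?>
</td>
</tr>
<tr>
<td>
<label for="partial"><?php echo LABEL_PARTIAL; ?></label>
</td>
<td>
<?php
    echo tep_draw_checkbox_field('partial', '', $status['is_partial'], "partial") . '<br>';
?>
</td>
</tr>
<tr>
<td>
<label for="labels_qty"><?php echo LABEL_NEEDED; ?></label>
</td>
<td>
<?php
    // Offer 1 to 8 labels; start from an empty list so nothing left over in
    // $dropdown_values can leak into the menu.
    $dropdown_values = array();
    for ($i=1; $i < 9; $i++) {
        $dropdown_values[] = array("id" => $i, "text" => $i);
    }
    $default_labels = $quantity_left - 1;
    echo tep_draw_pull_down_menu('labels_qty', $dropdown_values, $default_labels, 'id="labels_qty"') . '<br>';
    echo tep_draw_hidden_field('order_id', $order_id);
    $date_format = 'class="dateformat-d-sl-m-sl-Y range-low-today" size="10"';
?>
</td>
</tr>
<tr>
<td>
<label for="deposit_date"><?php echo LABEL_DEPOSIT_DATE; ?></label>
</td>
<td>
<?php
    echo tep_draw_input_field("deposit_date", $value = '', $parameters = $date_format) . '<br>';
?>
</td>
</tr>
<tr>
<td>
<label for="relai_id"><?php echo LABEL_RELAI_ID; ?></label>
</td>
<td>
<?php
    $addressee = $shipping->get_addressee($order_id);
    $relai_id = '';
    $default_product = 'DOM';
    $CN23_needed = false;
    if (!empty($addressee['address']['pickupLocationId'])) {
        // Take the six-digit pickup-point id only when the pattern matches;
        // $matches[1] does not exist otherwise.
        if (preg_match("#.*(\d{6})\/.+#", $addressee['address']['pickupLocationId'], $matches)) {
            $relai_id = $matches[1];
        }
        // strpos() returns 0 when the address starts with "poste"; the loose
        // "== false" treated that as "not found". The strict comparison also
        // matches the client-side check (indexOf('poste') >= 0 selects BPR).
        if (strpos(strtolower($addressee['address']['line2']), 'poste') === false) {
            $default_product = 'A2P';
        } else {
            $default_product = 'BPR';
        }
    } else if ($addressee['address']['countryCode'] == 'FD') {
        // Country code FD is sent as FR with a CN23 form and product COM.
        $CN23_needed = true;
        $addressee['address']['countryCode'] = 'FR';
        $default_product = 'COM';
    }
    unset($addressee['address']['pickupLocationId']);
    echo tep_draw_input_field("addressee[pickupLocationId]", $relai_id) . '<br>';
    foreach ($addressee['address'] as $field => $value) {
        if ($field == 'orders_language') continue;
?>
<tr>
<td>
<?php // The constant name prefix is quoted: the bare word LABEL_ was itself an undefined constant. ?>
<label for="<?php echo $field ?>"><?php echo constant('LABEL_' . strtoupper($field)); ?></label>
</td>
<td>
<?php
        echo tep_draw_input_field("addressee[" . $field . "]", $value, 'style="width: 300px"') . '<br>';
?>
</td>
</tr>
<?php
    }
?>
<tr>
<td>
<label for="comment"><?php echo LABEL_COMMENT; ?></label>
</td>
<td>
<?php
    $languages = tep_get_languages();
    // Language code of the order; stays empty when no installed language matches.
    $order_language = '';
    foreach ($languages as $lang) {
        if ($lang['id'] == $addressee['address']['orders_language']) {
            echo tep_draw_hidden_field('cblang', $lang['code'], 'id="cblang"');
            $order_language = $lang['code'];
        }
    }
    echo tep_draw_hidden_field('cbshipping', $module, 'id="cbshipping"');
    echo tep_draw_hidden_field('cborder', $order_num, 'id="cborder"');
    echo tep_draw_hidden_field('cbnotify', '', 'id="cbnotify" checked="checked"');
    echo tep_draw_textarea_field('comments', 'virtual', '60', '5');
    // TODO create a premier second ... array
    // The test used $orders_language, which is never assigned in this listing,
    // so the French list was always chosen. $order_language (set in the loop
    // above) looks like the intended variable; confirm.
    if ($order_language == 'en') {
        $parcel_dropdown_options = array(array('id' => '1', 'text' => 'first'),
            array('id' => '2', 'text' => 'second'),
            array('id' => '3', 'text' => 'third'),
            array('id' => '4', 'text' => 'fourth'),
            array('id' => '5', 'text' => 'fith'));
    } else {
        $parcel_dropdown_options = array(array('id' => '1', 'text' => 'premier'),
            array('id' => '2', 'text' => 'deuxième'),
            array('id' => '3', 'text' => 'troisième'),
            array('id' => '4', 'text' => 'quatrième'),
            array('id' => '5', 'text' => 'cinquième'));
    }
?>
<br>
<?php
    echo tep_draw_pull_down_menu('parcel_number', $parcel_dropdown_options, '', 'id="parcel_number"');
?>
<input type="button" value="nd track nb" onclick="preloadnewshippingnumbercomment('Tatiana', true);">
</td>
</tr>
<tr>
<td>
<label for="delivery_comment"><?php echo LABEL_DELIVERY_COMMENT; ?></label>
</td>
<td>
<?php
    // Collect the comments flagged for the packing slip. The order id is cast
    // to an integer, as in the other queries of this script.
    $delivery_comment = '';
    $qry = "SELECT comments
            FROM orders_status_history
            WHERE orders_id = '" . (int)$order_id . "'
            AND packing_slip = 1";
    $query = tep_db_query($qry);
    while ($rslt = tep_db_fetch_array($query)) {
        $delivery_comment .= $rslt['comments'] . "\n";
    }
    echo tep_draw_textarea_field('addressee[delivery_comment]', 'virtual', '60', '5', $delivery_comment);
?>
</td>
</tr>
<?php
    // Customs declaration rows, shown when the destination requires a CN23.
    if ($shipping->need_CN23($addressee['address']['countryCode']) || $CN23_needed) {
        $dropdown_none = array('id' => '', 'text' => TEXT_NONE);
        $origin_country_array = array_merge(array($dropdown_none), tep_get_countries('', null, true));
        $qry = "SELECT op.products_id, op.products_name AS description, op.products_quantity AS quantity, psl.weight AS weight, ROUND(op.products_price, 2) AS value, p.origin_country_id,
(SELECT REPLACE(ROUND(ot.value, 2), '.', '')
FROM orders_total AS ot
WHERE ot.orders_id = '" . tep_db_input($order_id) . "'
AND ot.class = 'ot_shipping') AS totalAmount
FROM orders_products AS op
LEFT JOIN products AS p
ON op.products_id = p.products_id
LEFT JOIN products_stock_location AS psl
ON p.products_id = psl.products_id
AND (psl.option_id IN (SELECT opa.products_options_values_id
FROM orders_products_attributes AS opa
WHERE opa.orders_id = '" . tep_db_input($order_id) . "'
AND op.orders_products_id = opa.orders_products_id)
OR psl.option_id IS NULL)
WHERE op.orders_id = '" . tep_db_input($order_id) . "'";
        $query = tep_db_query($qry);
        echo '<tr><td><label for="cn23_categories">' . TEXT_LABEL_CN23_CATEGORIES . '</td>';
        $CN23_categories_array = $shipping->get_CN23_categories();
        $CN23_product_families_array = $shipping->get_CN23_product_families();
        echo '<td>' . tep_draw_pull_down_menu('CN23[category]', $CN23_categories_array, 3) . '</td></tr>';
        echo '<tr><td colspan=2><table>';
        echo '<tr>';
        echo '<th>' . TABLE_HEADING_DESCRIPTION . '</th>';
        echo '<th>' . TABLE_HEADING_QUANTITY . '</th>';
        echo '<th id="weight_title">' . TABLE_HEADING_WEIGHT . '</th>';
        echo '<th>' . TABLE_HEADING_VALUE . '</th>';
        echo '<th>' . TABLE_HEADING_FAMILY . '</th>';
        echo '<th>' . TABLE_HEADING_ORIGIN_COUNTRY . '</th>';
        echo '</tr>';
        // One editable row per ordered product, keyed by products_id.
        while ($result = tep_db_fetch_array($query)) {
            echo tep_draw_hidden_field('CN23[totalAmount]', $result['totalAmount']);
            echo '<tr>';
            echo '<td>' . tep_draw_input_field('CN23[' . $result['products_id'] . '][description]', $result['description']) . '</td>';
            echo '<td>' . tep_draw_input_field('CN23[' . $result['products_id'] . '][quantity]', $result['quantity']) . '</td>';
            echo '<td>' . tep_draw_input_field('CN23[' . $result['products_id'] . '][weight]', $result['weight'], 'class="js_weight"') . '</td>';
            echo '<td>' . tep_draw_input_field('CN23[' . $result['products_id'] . '][value]', $result['value']) . '</td>';
            echo '<td>' . tep_draw_pull_down_menu('CN23[' . $result['products_id'] . '][hsCode]', $CN23_product_families_array) . '</td>';
            echo '<td>' . tep_draw_pull_down_menu('CN23[' . $result['products_id'] . '][originCountry]', $origin_country_array, $result['origin_country_id']) . '</td>';
            echo '</tr>';
        }
        echo '</table></td></tr>';
    }
?>
<tr>
<td>
<?php
    echo '<a href="' . tep_href_link(FILENAME_SHIPPING_LABEL) . '">' . tep_css_button(BUTTON_BACK, false) . '</a>';
    echo tep_css_button(BUTTON_SUBMIT, true);
    break;
case 'get_label':
    // echo '<div class="hidden">' . $label . '</div>';
    // }
    break;
default:
    // No action yet: ask for the (scrambled) order number.
    echo tep_draw_form('colis', 'shipping_label.php?action=get_infos', '', 'post');
?>
<label for="order_num"><?php echo LABEL_ORDER; ?></label>
<?php
    echo tep_draw_input_field('order_num', '', 'id="order_num" autofocus');
    echo tep_css_button(BUTTON_SUBMIT, true);
    break;
}
?>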