ECShop v2.7.3 SQL injection vulnerability




Condition required for the vulnerability:
 magic_quotes_gpc = Off
 
Go straight to the code:
 
File: flow.php
 
 
 
elseif ($_REQUEST['step'] == 'update_cart')
 {
     // Cart-update step: forwards the posted goods_number array to flow_update_cart().
     // The guard below only confirms that the field is present and is an array;
     // neither its keys nor its values are filtered in this branch.
     // The flow_update_cart() listing on this page interpolates each array key into
     // rec_id='$key' when building its SQL strings, so the keys reach the queries as
     // raw request data (the page names magic_quotes_gpc = Off as the condition).
     // NOTE(review): validate every key as an integer rec_id before this call, or
     // cast/escape it inside flow_update_cart() before it is placed in a query.
     if (isset($_POST['goods_number']) && is_array($_POST['goods_number'])) // no filtering is applied here
     {
         flow_update_cart($_POST['goods_number']);
     }
  
     // Show the "cart updated" notice with a link back to flow.php, then end the script.
     show_message($_LANG['update_cart_notice'], $_LANG['back_to_cart'], 'flow.php');
     exit;
  
 
Next, look at flow_update_cart:
 
 
 
function flow_update_cart($arr)
 {
     /*  */
     foreach ($arr AS $key => $val)
     {
         $val = intval(make_semiangle($val));
         if ($val <= 0 && !is_numeric($key)) //طҸоĳԱʱðɣоǰ || д && .//www.hake.cc
         {
             continue;
         }
  
         //ѯ
         $sql = "SELECT `goods_id`, `goods_attr_id`, `product_id`, `extension_code` FROM" .$GLOBALS['ecs']->table('cart').
                " WHERE rec_id='$key' AND session_id='" . SESS_ID . "'";
         $goods = $GLOBALS['db']->getRow($sql);
  
         $sql = "SELECT g.goods_name, g.goods_number ".
                 "FROM " .$GLOBALS['ecs']->table('goods'). " AS g, ".
                     $GLOBALS['ecs']->table('cart'). " AS c ".
                 "WHERE g.goods_id = c.goods_id AND c.rec_id = '$key'";
         $row = $GLOBALS['db']->getRow($sql);
  
         //ѯϵͳ˿棬ƷǷЧ
         if (intval($GLOBALS['_CFG']['use_storage']) > 0 && $goods['extension_code'] != 'package_buy')
         {
             if ($row['goods_number'] < $val)
             {
                 show_message(sprintf($GLOBALS['_LANG']['stock_insufficiency'], $row['goods_name'],
                 $row['goods_number'], $row['goods_number']));
                 exit;
             }
             /* ǻƷ */
             $goods['product_id'] = trim($goods['product_id']);