Fixes
This commit is contained in:
parent
e3186701d7
commit
532248c01b
@ -39,7 +39,7 @@ server {
|
||||
add_header Access-Control-Expose-Headers Access-Control-Allow-Origin always;
|
||||
add_header Referrer-Policy "strict-origin" always;
|
||||
add_header X-Content-Type-Options nosniff always;
|
||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
#add_header X-Frame-Options "SAMEORIGIN" always;
|
||||
add_header X-XSS-Protection "1; mode=block" always;
|
||||
add_header Content-Security-Policy "default-src https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'; worker-src blob:; img-src https: blob: data:" always;
|
||||
fastcgi_temp_path /tmp/fastcgi 1 2;
|
||||
|
||||
@ -1,2 +1,3 @@
|
||||
; overriding defaults
|
||||
ession.cookie_secure=On
|
||||
session.cookie_secure=On
|
||||
session.cookie_samesite=Lax
|
||||
|
||||
@ -7,4 +7,6 @@ class MediaItem
|
||||
public string $name;
|
||||
|
||||
public string $description;
|
||||
|
||||
public string $media;
|
||||
}
|
||||
|
||||
@ -119,7 +119,7 @@ class Bootstrap extends Zend_Application_Bootstrap_Bootstrap
|
||||
if (isset($_POST['ARTID'])) {
|
||||
Zend_Registry::get('log')->debug($_POST['ARTID']);
|
||||
try {
|
||||
Zend_Session::setId($_POST['ARTID']);
|
||||
//Zend_Session::setId($_POST['ARTID']);
|
||||
} catch (Exception $e) {
|
||||
Zend_Registry::get('log')->debug($e->getMessage());
|
||||
}
|
||||
|
||||
@ -24,34 +24,31 @@ $filesOptions =$this->article['basketarticle']->getFiles();
|
||||
<?php else: ?>
|
||||
<strong><?php echo $this->layouter()->getTitle($this->article['basketarticle']->getLayouterId()); ?></strong><br />
|
||||
<?php endif; ?>
|
||||
|
||||
<?php if(($this->article['options'])): ?>
|
||||
<ul>
|
||||
<?php foreach ($this->article['options'] as $key => $option): ?>
|
||||
<?php
|
||||
|
||||
if(stripos($option, 'Auflage') === 0) {
|
||||
$count = str_replace('Auflage: ', '', $option);
|
||||
}else{
|
||||
?>
|
||||
<li><?php echo $option ?></li>
|
||||
<?php } ?>
|
||||
<?php endforeach; ?>
|
||||
|
||||
<ul id="options_<?= $basketArticle['uuid'] ?>">
|
||||
<li>Lade Optionen</li>
|
||||
</ul>
|
||||
<script>
|
||||
$(function () {
|
||||
|
||||
loadDetails($("#options_<?= $basketArticle['uuid'] ?>"), '<?= json_encode(['test' => false, 'product' => $basketArticle['uuid'], 'values' => $this->article['basketarticle']->getOptions()]) ?>');
|
||||
|
||||
})
|
||||
|
||||
</script>
|
||||
<ul>
|
||||
<?php foreach ($filesOptions as $key => $option): ?>
|
||||
<li><b><a href="/uploads/<?php echo $this->shop->uid ?>/article/<?php echo $option['value'] ?>" target="_blank"><?php echo $option['name'] ?></a></b></li>
|
||||
<?php endforeach; ?>
|
||||
</ul>
|
||||
<?php endif; ?>
|
||||
<?php if($this->shop->basketposfield1 != ""): ?><?php echo $this->shop->basketposfield1 ?>
|
||||
<?php if($this->shop->basketposfield1 != "" && !$this->finish): ?><?php echo $this->shop->basketposfield1 ?>
|
||||
<form enctype="multipart/form-data" method="post">
|
||||
<div><input type="text" class="span3" style="margin-bottom: 0;" name="ref_<?php echo $this->article['uuid'] ?>" value="<?php echo $this->article['basketarticle']->getRef(); ?>"/>
|
||||
<input type="submit" class="btn vouchersubmit" style="" value="<?php echo $this->translate('übernehmen')?>"/></div>
|
||||
</form>
|
||||
<?php endif; ?>
|
||||
<?php if($this->shop->basketposfield2 != ""): ?><?php echo $this->shop->basketposfield2 ?>
|
||||
<?php if($this->shop->basketposfield2 != "" && !$this->finish): ?><?php echo $this->shop->basketposfield2 ?>
|
||||
<form enctype="multipart/form-data" method="post">
|
||||
<div><input type="text" class="span3" style="margin-bottom: 0;" name="kst_<?php echo $this->article['uuid'] ?>" value="<?php echo $this->article['basketarticle']->getKst(); ?>"/>
|
||||
<input type="submit" class="btn vouchersubmit" style="" value="<?php echo $this->translate('übernehmen')?>"/></div>
|
||||
|
||||
@ -1,3 +1,7 @@
|
||||
<?php
|
||||
$this->headScript()->prependFile('/scripts/underscore.js');
|
||||
$this->headScript()->prependFile('/' . $this->designPath . '/basket/index.js');
|
||||
?>
|
||||
<style>
|
||||
ul.breadcrumb {
|
||||
display: none;
|
||||
@ -122,56 +126,9 @@
|
||||
|
||||
|
||||
<div class="clearfix"></div>
|
||||
<?php foreach ($this->basket_articles_complete as $barticle) : ?>
|
||||
<div class="col-lg-12 <?php echo $this->cycle(array("even", "odd"))->next() ?>">
|
||||
<div class="col-sm-4">
|
||||
|
||||
<?php if (($barticle['article']['a6_org_article'] == 0 || $barticle['article']['a6_org_article'] == "") && ($barticle['basketarticle']->getLayouterId() == "" || $barticle['basketarticle']->getLayouterId() == false)) : ?>
|
||||
<?php echo $this->image()->thumbnailImage($barticle['article']['title'], 'articlelist', $barticle['article']['file']); ?>
|
||||
<?php else : ?>
|
||||
<?php $articleObj = new market_article(); ?>
|
||||
<?= $articleObj->generatePreview($barticle['article']['id'], $barticle['basketarticle']->getLayouterId(), 'articlelist'); ?>
|
||||
<?php endif; ?>
|
||||
|
||||
</div>
|
||||
<div class="col-sm-4"><strong>Anzahl: <?php echo $barticle['basketarticle']->getAuflage() ?></strong><br /><br />
|
||||
<?php if (($barticle['basketarticle']->getLayouterId() == "" || $barticle['basketarticle']->getLayouterId() == false)) : ?>
|
||||
<?php echo $barticle['article']['title'] ?>
|
||||
<?php else : ?>
|
||||
<?php echo $this->layouter()->getTitle($barticle['basketarticle']->getLayouterId()); ?>
|
||||
<?php endif; ?>
|
||||
|
||||
|
||||
<?php if (($barticle['options'])) : ?>
|
||||
<ul>
|
||||
<?php foreach ($barticle['options'] as $key => $option) : ?>
|
||||
<?php
|
||||
|
||||
if (stripos($option, 'Auflage') === 0) {
|
||||
$count = str_replace('Auflage: ', '', $option);
|
||||
} else {
|
||||
?>
|
||||
<li><?php echo $option ?>, </li>
|
||||
<?php } ?>
|
||||
<?php endforeach; ?>
|
||||
|
||||
</ul>
|
||||
<?php endif; ?>
|
||||
|
||||
</div>
|
||||
<div class="col-sm-4">
|
||||
<?php if(!$this->designsettings()->get('display_no_price')) { ?><label class="mobilelabel">Preis: <small><?php if ($this->withTax) : ?>
|
||||
<label style="font-weight:100;"><?php echo $this->currency->toCurrency($barticle['basketarticle']->getNetto() * $barticle['basketarticle']->getCount()) ?></label><label style="font-size:14px; font-weight:100;width: 45px;"><?php echo $this->translate('(Netto)')?></label><br /><?php echo $this->currency->toCurrency($barticle['basketarticle']->getBrutto() * $barticle['basketarticle']->getCount()) ?> <label style="font-size:14px; font-weight:100;"><?php echo $this->translate('(Brutto inkl. '.$barticle['article']['mwert'].'% MwSt.)') ?></label>
|
||||
<?php else : ?>
|
||||
<label class="nomobilehead" style="display: block;width: 100%;text-align: right;font-weight:100;"><?php echo $this->currency->toCurrency($barticle['basketarticle']->getNetto() * $barticle['basketarticle']->getCount()) ?><label style="font-size:14px; font-weight:100;width: 45px;"><?php echo $this->translate('(Netto)')?></label><br /><?php echo $this->currency->toCurrency($barticle['basketarticle']->getBrutto() * $barticle['basketarticle']->getCount()) ?> <label style="font-size:14px; font-weight:100;"><?php echo $this->translate('(Brutto inkl. '.$barticle['article']['mwert'].'% MwSt.)') ?></label>
|
||||
<?php endif; ?></small></label>
|
||||
<label class="nomobilehead" style="display: block;width: 100%;text-align: right;"><?php if ($this->withTax) : ?>
|
||||
<label style="font-weight:100;"><?php echo $this->currency->toCurrency($barticle['basketarticle']->getNetto() * $barticle['basketarticle']->getCount()) ?></label><label style="font-size:14px; font-weight:100;width: 45px;"><?php echo $this->translate('(Netto)')?></label><br /><?php echo $this->currency->toCurrency($barticle['basketarticle']->getBrutto() * $barticle['basketarticle']->getCount()) ?> <label style="font-size:14px; font-weight:100;"><?php echo $this->translate('(Brutto inkl. '.$barticle['article']['mwert'].'% MwSt.)') ?></label>
|
||||
<?php else : ?>
|
||||
<label class="nomobilehead" style="display: block;width: 100%;text-align: right;font-weight:100;"><?php echo $this->currency->toCurrency($barticle['basketarticle']->getNetto() * $barticle['basketarticle']->getCount()) ?><label style="font-size:14px; font-weight:100;width: 45px;"><?php echo $this->translate('(Netto)')?></label><br /><?php echo $this->currency->toCurrency($barticle['basketarticle']->getBrutto() * $barticle['basketarticle']->getCount()) ?> <label style="font-size:14px; font-weight:100;"><?php echo $this->translate('(Brutto inkl. '.$barticle['article']['mwert'].'% MwSt.)') ?></label>
|
||||
<?php endif; ?></label><?php } ?>
|
||||
</div>
|
||||
<div class="clearfix"></div>
|
||||
<?php foreach ($this->basket_articles_complete as $article) : ?>
|
||||
<div class="col-lg-12 <?php echo $this->cycle(array("odd", "even"))->next() ?>">
|
||||
<?php echo $this->partial($article['article']->typ . '_basket_index.phtml', array('article' => $article, 'currency' => $this->currency, 'shop' => $this->shop, 'finish' => true)) ?>
|
||||
</div>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
|
||||
@ -1,4 +1,8 @@
|
||||
<style>
|
||||
<?php
|
||||
$this->headScript()->prependFile('/scripts/underscore.js');
|
||||
$this->headScript()->prependFile('/' . $this->designPath . '/basket/index.js');
|
||||
?>
|
||||
<style>
|
||||
ul.breadcrumb {
|
||||
display: none;
|
||||
}
|
||||
@ -45,7 +49,7 @@
|
||||
<div class="basketborder">
|
||||
<?php foreach ($this->articles as $article) : ?>
|
||||
<div class="col-lg-12 <?php echo $this->cycle(array("odd", "even"))->next() ?>">
|
||||
<?php echo $this->partial($article['article']->typ . '_basket_index.phtml', array('article' => $article, 'currency' => $this->currency, 'shop' => $this->shop)) ?>
|
||||
<?php echo $this->partial($article['article']->typ . '_basket_index.phtml', array('article' => $article, 'currency' => $this->currency, 'shop' => $this->shop, 'finish' => false)) ?>
|
||||
</div>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
@ -264,7 +268,7 @@
|
||||
</div>
|
||||
</div>
|
||||
<div class="control-group clearfix">
|
||||
<?php if((isset($_POST["gutscheincode"]) AND $_POST["gutscheincode"] != "") AND $this->gutscheincode == "") { ?>
|
||||
<?php if((isset($_POST["gutscheincode"]) and $_POST["gutscheincode"] != "") and $this->gutscheincode == "") { ?>
|
||||
<strong class="danger">Gutscheincode ungültig</strong>
|
||||
<?php } ?>
|
||||
<div class="controls pull-right">
|
||||
|
||||
@ -3696,13 +3696,14 @@ class UserController extends TP_Controller_Action
|
||||
public function xmlloginAction() {
|
||||
|
||||
if ($this->_request->getParam('contact', false)) {
|
||||
if('nsWXSoLmx8TNEjdE8fbn' != $this->_request->getParam('apikey')) {
|
||||
$vars = explode("-", $this->_request->getParam('contact',false));
|
||||
if('nsWXSoLmx8TNEjdE8fbn' != $vars[1]) {
|
||||
die("Not allowed");
|
||||
}
|
||||
|
||||
$_authAdapter = new TP_Plugin_AuthAdapter (); // put this in a constructor?
|
||||
$_authAdapter->setApiLogin(true);
|
||||
$_authAdapter->setIdentity($this->_getParam('contact', false));
|
||||
$_authAdapter->setIdentity($vars[0]);
|
||||
$result = Zend_Auth::getInstance()->authenticate($_authAdapter);
|
||||
|
||||
if ($result->isValid()) {
|
||||
@ -3716,23 +3717,26 @@ class UserController extends TP_Controller_Action
|
||||
if ($this->_request->isPost()) {
|
||||
$formData = $this->_request->getPost();
|
||||
$xml = simplexml_load_string(file_get_contents("php://input"));
|
||||
$basepath = 'http://' . $_SERVER["SERVER_NAME"];
|
||||
$basepath = 'https://' . $_SERVER["SERVER_NAME"];
|
||||
|
||||
if ((isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')) {
|
||||
$basepath = 'https://' . $_SERVER["SERVER_NAME"];
|
||||
}
|
||||
|
||||
$contact = Doctrine_Query::create()->from('Contact as c')->where('c.self_email = ? AND c.enable = 1 AND c.install_id = ?', array((string)$xml->Request->PunchOutSetupRequest->Extrinsic[1], $this->install->id))->fetchOne();
|
||||
$contact = Doctrine_Query::create()->from('Contact as c')->where('c.self_email = ? AND c.enable = 1', array((string)$xml->Request->PunchOutSetupRequest->Extrinsic[1]))->fetchOne();
|
||||
|
||||
$payloadId = $xml['payloadID'];
|
||||
$timestamp = $xml['timestamp'];
|
||||
|
||||
if($contact) {
|
||||
echo '<?xml version="1.0"?>' .
|
||||
'<!DOCTYPE cXML SYSTEM "http://xml.cxml.org/schemas/cXML/1.1.007/cXML.dtd">' .
|
||||
'<cXML xml:lang="en" payloadID="7213656@Supplier.com" timestamp="2002-01-01T08:46:00-07:00">' .
|
||||
'<!DOCTYPE cXML SYSTEM "http://xml.cxml.org/schemas/cXML/1.2.014/cXML.dtd">' .
|
||||
'<cXML xml:lang="de" payloadID="'.$payloadId.'" timestamp="'.$timestamp.'">' .
|
||||
'<Response>' .
|
||||
'<Status code="200" text="success"/>' .
|
||||
'<PunchOutSetupResponse>' .
|
||||
'<StartPage>' .
|
||||
'<URL>'.$basepath.'/user/xmllogin?contact='.$contact->id.'&apikey=nsWXSoLmx8TNEjdE8fbn</URL>' .
|
||||
'<URL>'.$basepath.'/user/xmllogin?contact='.$contact->id.'-nsWXSoLmx8TNEjdE8fbn</URL>' .
|
||||
'</StartPage>' .
|
||||
'</PunchOutSetupResponse>' .
|
||||
'</Response>' .
|
||||
|
||||
@ -225,11 +225,9 @@ class Zend_Session extends Zend_Session_Abstract
|
||||
if (!self::$_sessionStarted) {
|
||||
ini_set("session.$userOptionName", $userOptionValue);
|
||||
}
|
||||
}
|
||||
elseif (isset(self::$_localOptions[$userOptionName])) {
|
||||
} elseif (isset(self::$_localOptions[$userOptionName])) {
|
||||
self::${self::$_localOptions[$userOptionName]} = $userOptionValue;
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
/** @see Zend_Session_Exception */
|
||||
require_once 'Zend/Session/Exception.php';
|
||||
throw new Zend_Session_Exception("Unknown option: $userOptionName = $userOptionValue");
|
||||
@ -547,9 +545,12 @@ class Zend_Session extends Zend_Session_Abstract
|
||||
}
|
||||
$pattern = '';
|
||||
switch ($hashBitsPerChar) {
|
||||
case 4: $pattern = '^[0-9a-f]*$'; break;
|
||||
case 5: $pattern = '^[0-9a-v]*$'; break;
|
||||
case 6: $pattern = '^[0-9a-zA-Z-,]*$'; break;
|
||||
case 4: $pattern = '^[0-9a-f]*$';
|
||||
break;
|
||||
case 5: $pattern = '^[0-9a-v]*$';
|
||||
break;
|
||||
case 6: $pattern = '^[0-9a-zA-Z-,]*$';
|
||||
break;
|
||||
}
|
||||
return preg_match('#'.$pattern.'#', $id);
|
||||
}
|
||||
@ -823,7 +824,7 @@ class Zend_Session extends Zend_Session_Abstract
|
||||
require_once 'Zend/Loader.php';
|
||||
Zend_Loader::loadClass($validator_name);
|
||||
}
|
||||
$validator = new $validator_name;
|
||||
$validator = new $validator_name();
|
||||
if ($validator->validate() === false) {
|
||||
/** @see Zend_Session_Validator_Exception */
|
||||
require_once 'Zend/Session/Validator/Exception.php';
|
||||
|
||||
@ -0,0 +1,19 @@
|
||||
|
||||
function loadDetails(optionsList, data) {
|
||||
$.ajax({
|
||||
url: "/apps/api/plugin/system/psc/xmlcalc/price",
|
||||
contentType: "application/json",
|
||||
dataType: 'json',
|
||||
method: 'post',
|
||||
data: data,
|
||||
success: function(result){
|
||||
optionsList.html('');
|
||||
$(result.elements).each(function(i, elm) {
|
||||
if(elm.valid && elm.htmlType != 'hidden' && elm.htmlType != 'text') {
|
||||
optionsList.append('<li>' + elm.name + ": " + elm.value + '</li>');
|
||||
}
|
||||
})
|
||||
}
|
||||
});
|
||||
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user