Security fix for customer information and fixed issue #762
This commit is contained in:
parent
8af43eb5cc
commit
1d372621ce
|
|
@ -70,7 +70,7 @@ class AddressController extends Controller
|
|||
public function store()
|
||||
{
|
||||
request()->merge(['address1' => implode(PHP_EOL, array_filter(request()->input('address1')))]);
|
||||
|
||||
|
||||
$data = collect(request()->input())->except('_token')->toArray();
|
||||
|
||||
$this->validate(request(), [
|
||||
|
|
@ -107,9 +107,15 @@ class AddressController extends Controller
|
|||
*/
|
||||
public function edit($id)
|
||||
{
|
||||
$address = $this->address->find($id);
|
||||
$addresses = $this->customer->addresses;
|
||||
|
||||
return view($this->_config['view'], compact('address'));
|
||||
foreach($addresses as $address) {
|
||||
if($id == $address->id) {
|
||||
return view($this->_config['view'], compact('address'));
|
||||
}
|
||||
}
|
||||
|
||||
return redirect()->route('customer.address.index');
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
@ -133,9 +139,19 @@ class AddressController extends Controller
|
|||
|
||||
$data = collect(request()->input())->except('_token')->toArray();
|
||||
|
||||
$this->address->update($data, $id);
|
||||
$addresses = $this->customer->addresses;
|
||||
|
||||
session()->flash('success', trans('shop::app.customer.account.address.edit.success'));
|
||||
foreach($addresses as $address) {
|
||||
if($id == $address->id) {
|
||||
session()->flash('success', trans('shop::app.customer.account.address.edit.success'));
|
||||
|
||||
$this->address->update($data, $id);
|
||||
|
||||
return redirect()->route('customer.address.index');
|
||||
}
|
||||
}
|
||||
|
||||
session()->flash('success', trans('shop::app.security-warning'));
|
||||
|
||||
return redirect()->route('customer.address.index');
|
||||
}
|
||||
|
|
@ -169,10 +185,16 @@ class AddressController extends Controller
|
|||
*/
|
||||
public function destroy($id)
|
||||
{
|
||||
$this->address->delete($id);
|
||||
if (request()->is('customer/*') || request()->is('admin/*')) {
|
||||
$this->address->delete($id);
|
||||
|
||||
session()->flash('success', trans('shop::app.customer.account.address.delete.success'));
|
||||
session()->flash('success', trans('shop::app.customer.account.address.delete.success'));
|
||||
|
||||
return redirect()->back();
|
||||
return redirect()->back();
|
||||
} else {
|
||||
session()->flash('warning', trans('shop::app.security-warning'));
|
||||
|
||||
return redirect()->route('customer.address.index');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ class OrderDataGrid extends DataGrid
|
|||
'type' => 'number',
|
||||
'searchable' => false,
|
||||
'sortable' => true,
|
||||
'filterable' => true
|
||||
]);
|
||||
|
||||
$this->addColumn([
|
||||
|
|
@ -42,6 +43,7 @@ class OrderDataGrid extends DataGrid
|
|||
'type' => 'datetime',
|
||||
'searchable' => true,
|
||||
'sortable' => true,
|
||||
'filterable' => true
|
||||
]);
|
||||
|
||||
$this->addColumn([
|
||||
|
|
@ -50,6 +52,7 @@ class OrderDataGrid extends DataGrid
|
|||
'type' => 'price',
|
||||
'searchable' => true,
|
||||
'sortable' => true,
|
||||
'filterable' => true
|
||||
]);
|
||||
|
||||
$this->addColumn([
|
||||
|
|
@ -74,7 +77,8 @@ class OrderDataGrid extends DataGrid
|
|||
return '<span class="badge badge-md badge-warning">Pending Payment</span>';
|
||||
else if ($value->status == "fraud")
|
||||
return '<span class="badge badge-md badge-danger">Fraud</span>';
|
||||
}
|
||||
},
|
||||
'filterable' => true
|
||||
]);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,8 @@
|
|||
<?php
|
||||
|
||||
return [
|
||||
'security-warning' => 'Suspicious Activity Found!!!',
|
||||
|
||||
'layouts' => [
|
||||
'my-account' => 'My Account',
|
||||
'profile' => 'Profile',
|
||||
|
|
|
|||
Loading…
Reference in New Issue