From b10fad081d02b1f0acf8a560a6cfe4ffed96bb54 Mon Sep 17 00:00:00 2001 From: Kentaro Ohkouchi Date: Mon, 16 Dec 2024 17:19:39 +0900 Subject: [PATCH 1/7] =?UTF-8?q?=E5=AD=98=E5=9C=A8=E3=81=97=E3=81=AA?= =?UTF-8?q?=E3=81=84=E3=83=86=E3=83=BC=E3=83=96=E3=83=AB=E3=82=92=E5=89=8A?= =?UTF-8?q?=E9=99=A4?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- html/install/sql/drop_table.sql | 3 --- 1 file changed, 3 deletions(-) diff --git a/html/install/sql/drop_table.sql b/html/install/sql/drop_table.sql index 8d8166a684..0a0c8b795d 100644 --- a/html/install/sql/drop_table.sql +++ b/html/install/sql/drop_table.sql @@ -20,7 +20,6 @@ DROP TABLE dtb_recommend_products; DROP TABLE dtb_review; DROP TABLE dtb_category_count; DROP TABLE dtb_category_total_count; -DROP TABLE dtb_customer_reading; DROP TABLE mtb_customer_status; DROP TABLE dtb_news; DROP TABLE dtb_best_products; @@ -70,8 +69,6 @@ DROP TABLE mtb_disp; DROP TABLE mtb_disable_logout; DROP TABLE mtb_delivery_date; DROP TABLE mtb_db; -DROP TABLE mtb_convenience; -DROP TABLE mtb_conveni_message; DROP TABLE mtb_constants; DROP TABLE mtb_authority; DROP TABLE mtb_allowed_tag; From 222e64b841d7eaf927e6129d1d8b337c23358144 Mon Sep 17 00:00:00 2001 From: Kentaro Ohkouchi Date: Mon, 16 Dec 2024 17:20:27 +0900 Subject: [PATCH 2/7] =?UTF-8?q?MySQL8=20=E5=88=A9=E7=94=A8=E6=99=82?= =?UTF-8?q?=E3=81=AB=E6=97=A2=E5=AD=98=E3=83=86=E3=83=BC=E3=83=96=E3=83=AB?= =?UTF-8?q?=E3=81=AE=E5=89=8A=E9=99=A4=E3=81=8C=E3=81=A7=E3=81=8D=E3=81=AA?= =?UTF-8?q?=E3=81=84=E3=81=AE=E3=82=92=E4=BF=AE=E6=AD=A3?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- html/install/index.php | 6 +++++- html/install/templates/install_frame.tpl | 6 ------ 2 files changed, 5 insertions(+), 7 deletions(-) diff --git a/html/install/index.php b/html/install/index.php index 609034fd53..353e645bcb 100644 --- a/html/install/index.php +++ b/html/install/index.php 
@@ -867,7 +867,11 @@ function lfExecuteSQL($filepath, $arrDsn, $disp_err = true) $dbFactory = SC_DB_DBFactory_Ex::getInstance($arrDsn['phptype']); $val = $dbFactory->sfChangeReservedWords($val); } - $ret = $objDB->query($val); + try { + $ret = $objDB->query($val); + } catch (Exception $e) { + $ret = new MDB2_Error(); + } if (PEAR::isError($ret) && $disp_err) { $arrErr['all'] = '>> ' . $ret->message . '
'; // エラー文を取得する diff --git a/html/install/templates/install_frame.tpl b/html/install/templates/install_frame.tpl index 0e79287b1f..f5e99a6fb4 100644 --- a/html/install/templates/install_frame.tpl +++ b/html/install/templates/install_frame.tpl @@ -26,12 +26,6 @@ - - - - ', $default_pattern], - ['test', $default_pattern], - ['test', $default_pattern], - ['test', $default_pattern], - ['', $default_pattern], - ['', $default_pattern], - ['', $default_pattern], - ['\"onclick=\"alert(1)\"', $default_pattern], - ['
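Review bot: The new `catch (Exception $e)` in `lfExecuteSQL` throws the exception away and substitutes a bare `new MDB2_Error()`, so the installer can only report a generic MDB2 message and the real cause (permissions, syntax, lost connection) is recorded nowhere. When `$disp_err` is false the failure vanishes entirely, which makes a partially initialised schema hard to notice afterwards. Log the reason before substituting, e.g. `GC_Utils_Ex::gfPrintLog($e->getMessage());`, and catch the narrowest exception type the driver actually throws rather than every `Exception`. If that text is ever appended to `$arrErr['all']`, escape it first, because the string appears to be rendered as markup. The function body continues outside the hunk.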

test

', $default_pattern], - ['

test

', $default_pattern], - ['

test

', $default_pattern], - ['', '//'], // HTMLPurifier によって完全に削除される - ['', $default_pattern], - ['', $default_pattern], - ['', $default_pattern], - ['
', $default_pattern], - ['
javascript:test()
', $default_pattern], - ['', $default_pattern], - ['', $default_pattern], - ['', $default_pattern], - ['
', $default_pattern], - ['', $default_pattern], - ['', $default_pattern], - ['', $default_pattern], - ['', '//'], // HTMLPurifier によって完全に削除される - ['
', $default_pattern], + [''], + ['test'], + ['test'], + ['test'], + [''], + [''], + [''], + ['\"onclick=\"alert(1)\"'], + ['

test

'], + ['

test

'], + ['

test

'], + [''], + [''], + [''], + [''], + ['
'], + ['
javascript:test()
'], + [''], + [''], + [''], + [''], + [''], + [''], + [''], + [''], + ['
'], ]; } public function scriptNoEscapeProvider() { return [ - ['

test

', '

test

'], - ['', ''], // 許可タグではないのでHTMLPurifier によって完全に削除される - ['

onclick

', '

onclick

'], - ['
test
', '
test
'], - ['', 'onclick="alert(1)";'], // 許可タグではないのでHTMLPurifierによって textarea タグが削除される - ['

onclick="\ntest();"

', '

onclick="\ntest();"

'], - ['test

'], + [''], + ['

onclick

'], + ['
test
'], + [''], + ['

onclick="\ntest();"

'], + ['assertMatchesRegularExpression($pattern, $ret); } /** * @dataProvider scriptNoEscapeProvider */ - public function testメールテンプレートエスケープされない($value, $actual) + public function testメールテンプレートエスケープされない($value) { $ret = smarty_modifier_script_escape($value); $pattern = '/#script escaped#/'; $this->assertDoesNotMatchRegularExpression($pattern, $ret); - $this->assertSame($ret, $actual); } } From a534fd6786d63fca139b094d1ee95be648b72a4c Mon Sep 17 00:00:00 2001 From: Kentaro Ohkouchi Date: Wed, 25 Dec 2024 14:47:22 +0900 Subject: [PATCH 6/7] Fix warning --- data/class/helper/SC_Helper_DB.php | 11 +++++----- data/class/helper/SC_Helper_Delivery.php | 5 ++++- data/class/helper/SC_Helper_FileManager.php | 2 +- .../pages/admin/basis/LC_Page_Admin_Basis.php | 6 +++--- .../basis/LC_Page_Admin_Basis_ZipInstall.php | 2 +- ...LC_Page_Admin_Contents_RecommendSearch.php | 2 +- .../admin/design/LC_Page_Admin_Design.php | 2 +- .../admin/mail/LC_Page_Admin_Mail_History.php | 2 +- .../admin/order/LC_Page_Admin_Order_Disp.php | 16 +++++++-------- .../admin/order/LC_Page_Admin_Order_Edit.php | 4 ++-- .../admin/order/LC_Page_Admin_Order_Mail.php | 2 +- .../order/LC_Page_Admin_Order_MailView.php | 2 +- .../admin/order/LC_Page_Admin_Order_Pdf.php | 2 +- .../LC_Page_Admin_Products_Product.php | 20 +++++++++---------- .../LC_Page_Admin_Products_UploadCSV.php | 2 +- ..._Page_Admin_Products_UploadCSVCategory.php | 2 +- .../mypage/LC_Page_Mypage_DeliveryAddr.php | 4 ++-- .../SC_Helper_Purchase_getShippingsTest.php | 2 +- ...per_Purchase_registerOrderCompleteTest.php | 2 +- .../SC_Utils/SC_Utils_sfArrKeyValueTest.php | 2 +- 20 files changed, 47 insertions(+), 45 deletions(-) diff --git a/data/class/helper/SC_Helper_DB.php b/data/class/helper/SC_Helper_DB.php index 21ef6390ba..4eaf355a23 100644 --- a/data/class/helper/SC_Helper_DB.php +++ b/data/class/helper/SC_Helper_DB.php 
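Review bot: The no-escape test loses its only output check: with `$this->assertSame($ret, $actual);` removed and the provider reduced to one column, `testメールテンプレートエスケープされない` now verifies only that the `#script escaped#` marker is absent. A sanitiser regression that lets an event-handler attribute through unchanged, or that drops legitimate template markup, would still pass. Keep an expected-output column for at least the rows where HTMLPurifier rewrites the input and assert it with `$this->assertSame($expected, $ret);`. The hunk header and file name are not visible on this page and the markup in the data rows appears to have been stripped, so this is based on the method bodies alone.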
@@ -337,12 +337,11 @@ public function sfGetRootId() public static function sfGetRollbackPoint($order_id, $use_point, $add_point, $order_status) { $objQuery = SC_Query_Ex::getSingletonInstance(); - $arrRet = $objQuery->select('customer_id', 'dtb_order', 'order_id = ?', [$order_id]); - $customer_id = $arrRet[0]['customer_id']; - if ($customer_id != '' && $customer_id >= 1) { - $arrRet = $objQuery->select('point', 'dtb_customer', 'customer_id = ?', [$customer_id]); - $point = $arrRet[0]['point']; - $rollback_point = $arrRet[0]['point']; + $arrRet = $objQuery->getRow('customer_id', 'dtb_order', 'order_id = ?', [$order_id]); + if (isset($arrRet['customer_id']) && $arrRet['customer_id'] >= 1) { + $arrRet = $objQuery->getRow('point', 'dtb_customer', 'customer_id = ?', [$arrRet['customer_id']]); + $point = $arrRet['point']; + $rollback_point = $arrRet['point']; // 対応状況がポイント利用対象の場合、使用ポイント分を戻す if (SC_Helper_Purchase_Ex::isUsePoint($order_status)) { diff --git a/data/class/helper/SC_Helper_Delivery.php b/data/class/helper/SC_Helper_Delivery.php index 358f0cffe9..6483bbe9f2 100644 --- a/data/class/helper/SC_Helper_Delivery.php +++ b/data/class/helper/SC_Helper_Delivery.php @@ -262,7 +262,10 @@ public function rankDown($deliv_id) public function checkExist($arrDeliv) { $objDb = new SC_Helper_DB_Ex(); - if ($arrDeliv['deliv_id'] == '') { + if (!isset($arrDeliv['deliv_id'])) { + if (!isset($arrDeliv['service_name'])) { + return false; + } $ret = $objDb->sfIsRecord('dtb_deliv', 'service_name', [$arrDeliv['service_name']]); } else { $objQuery = SC_Query_Ex::getSingletonInstance(); diff --git a/data/class/helper/SC_Helper_FileManager.php b/data/class/helper/SC_Helper_FileManager.php index 0dce690169..47fade5484 100644 --- a/data/class/helper/SC_Helper_FileManager.php +++ b/data/class/helper/SC_Helper_FileManager.php 
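Review bot: The second `getRow()` result in `sfGetRollbackPoint` is dereferenced without a guard, so `$arrRet['point']` would still raise a warning when the order points at a customer row that no longer exists (assuming `getRow()` returns null or an empty array for no match). The first lookup received an `isset()` check; the second needs the same, e.g. `$point = $arrRet['point'] ?? 0;` and `$rollback_point = $arrRet['point'] ?? 0;`. Reusing `$arrRet` for two different rows also makes the flow harder to follow, and a separate `$arrCustomer` would read better. The function continues past the end of the hunk.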
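Review bot: `!isset($arrDeliv['deliv_id'])` in `checkExist` is not equivalent to the old `== ''` test: a form that posts an empty `deliv_id` for a new record now falls into the `else` branch and is looked up by ID instead of by `service_name`. Keep both conditions, `if (!isset($arrDeliv['deliv_id']) || $arrDeliv['deliv_id'] == '') {`, which is the form patch 7/7 applies elsewhere in this series. The same narrowing appears in the `sfGetFileTree` hunk, where `isset($_POST['mode'])` replaces `$_POST['mode'] != ''` and an empty `mode` now takes the `lfIsFileOpen()` path. The rest of `checkExist` is outside the hunk.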
@@ -154,7 +154,7 @@ public function sfGetFileTree($dir, $tree_status) $arrTree[$cnt]['rank'] = 0; $arrTree[$cnt]['count'] = $cnt; // 初期表示はオープン - if ($_POST['mode'] != '') { + if (isset($_POST['mode'])) { $arrTree[$cnt]['open'] = $this->lfIsFileOpen($dir, $tree_status); } else { $arrTree[$cnt]['open'] = true; diff --git a/data/class/pages/admin/basis/LC_Page_Admin_Basis.php b/data/class/pages/admin/basis/LC_Page_Admin_Basis.php index 476042405b..c6f0572d1f 100644 --- a/data/class/pages/admin/basis/LC_Page_Admin_Basis.php +++ b/data/class/pages/admin/basis/LC_Page_Admin_Basis.php @@ -178,10 +178,10 @@ public function lfInitParam(&$objFormParam, $post) $objFormParam->addParam('取扱商品', 'good_traded', LLTEXT_LEN, '', ['MAX_LENGTH_CHECK']); $objFormParam->addParam('メッセージ', 'message', LLTEXT_LEN, '', ['MAX_LENGTH_CHECK']); - if (!isset($post['downloadable_days_unlimited']) && $post['downloadable_days_unlimited'] != '1') { - $objFormParam->addParam('ダウンロード可能日数', 'downloadable_days', DOWNLOAD_DAYS_LEN, 'n', ['EXIST_CHECK', 'ZERO_CHECK', 'NUM_CHECK', 'MAX_LENGTH_CHECK']); - } else { + if (isset($post['downloadable_days_unlimited']) && $post['downloadable_days_unlimited'] == '1') { $objFormParam->addParam('ダウンロード無制限', 'downloadable_days_unlimited', ['EXIST_CHECK']); + } else { + $objFormParam->addParam('ダウンロード可能日数', 'downloadable_days', DOWNLOAD_DAYS_LEN, 'n', ['EXIST_CHECK', 'ZERO_CHECK', 'NUM_CHECK', 'MAX_LENGTH_CHECK']); } $objFormParam->addParam('緯度', 'latitude', STEXT_LEN, '', ['MAX_LENGTH_CHECK', 'NUM_POINT_CHECK']); $objFormParam->addParam('軽度', 'longitude', STEXT_LEN, '', ['MAX_LENGTH_CHECK', 'NUM_POINT_CHECK']); diff --git a/data/class/pages/admin/basis/LC_Page_Admin_Basis_ZipInstall.php b/data/class/pages/admin/basis/LC_Page_Admin_Basis_ZipInstall.php index c8852cfc1c..573c115eb9 100644 --- a/data/class/pages/admin/basis/LC_Page_Admin_Basis_ZipInstall.php +++ b/data/class/pages/admin/basis/LC_Page_Admin_Basis_ZipInstall.php 
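Review bot: The moved call `addParam('ダウンロード無制限', 'downloadable_days_unlimited', ['EXIST_CHECK'])` in `lfInitParam` passes the check list as the third argument, the position every other `addParam()` call in this hunk uses for the length (`LLTEXT_LEN`, `STEXT_LEN`), with the checks in fifth position. As written, `EXIST_CHECK` is presumably never applied to this field. Since the line is being moved anyway, put the array where the checks belong, e.g. `$objFormParam->addParam('ダウンロード無制限', 'downloadable_days_unlimited', '', '', ['EXIST_CHECK']);`, after confirming that empty length and convert values are accepted. The function starts and ends outside the hunk.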
@@ -76,7 +76,7 @@ public function init() $this->tpl_mainno = 'basis'; $this->tpl_mode = $this->getMode(); - $this->exec = (bool) $_GET['exec']; + $this->exec = (bool) ($_GET['exec'] ?? 0); $this->zip_csv_temp_realfile = DATA_REALDIR.'downloads/tmp/ken_all.zip'; } diff --git a/data/class/pages/admin/contents/LC_Page_Admin_Contents_RecommendSearch.php b/data/class/pages/admin/contents/LC_Page_Admin_Contents_RecommendSearch.php index 2b22c93adc..ef6748f875 100644 --- a/data/class/pages/admin/contents/LC_Page_Admin_Contents_RecommendSearch.php +++ b/data/class/pages/admin/contents/LC_Page_Admin_Contents_RecommendSearch.php @@ -71,7 +71,7 @@ public function action() $objFormParam->setParam($_POST); $objFormParam->convParam(); - $rank = (int) $_GET['rank']; + $rank = (int) ($_GET['rank'] ?? 0); switch ($this->getMode()) { case 'search': diff --git a/data/class/pages/admin/design/LC_Page_Admin_Design.php b/data/class/pages/admin/design/LC_Page_Admin_Design.php index a35f29c6de..38bee5246e 100644 --- a/data/class/pages/admin/design/LC_Page_Admin_Design.php +++ b/data/class/pages/admin/design/LC_Page_Admin_Design.php @@ -71,7 +71,7 @@ public function action() { $objLayout = new SC_Helper_PageLayout_Ex(); $objFormParam = new SC_FormParam_Ex(); - $this->lfInitParam($objFormParam, (int) $_REQUEST['bloc_cnt']); + $this->lfInitParam($objFormParam, (int) ($_REQUEST['bloc_cnt'] ?? 0)); $objFormParam->setParam($_REQUEST); $this->device_type_id = $objFormParam->getValue('device_type_id', DEVICE_TYPE_PC); diff --git a/data/class/pages/admin/mail/LC_Page_Admin_Mail_History.php b/data/class/pages/admin/mail/LC_Page_Admin_Mail_History.php index b1c926d4eb..9d2d2138aa 100644 --- a/data/class/pages/admin/mail/LC_Page_Admin_Mail_History.php +++ b/data/class/pages/admin/mail/LC_Page_Admin_Mail_History.php 
@@ -80,7 +80,7 @@ public function action() break; } - list($this->tpl_linemax, $this->arrDataList, $this->arrPagenavi) = $this->lfDoSearch($_POST['search_pageno']); + list($this->tpl_linemax, $this->arrDataList, $this->arrPagenavi) = $this->lfDoSearch($_POST['search_pageno'] ?? 1); } /** diff --git a/data/class/pages/admin/order/LC_Page_Admin_Order_Disp.php b/data/class/pages/admin/order/LC_Page_Admin_Order_Disp.php index 7928e54792..6b1d066bdf 100644 --- a/data/class/pages/admin/order/LC_Page_Admin_Order_Disp.php +++ b/data/class/pages/admin/order/LC_Page_Admin_Order_Disp.php 
@@ -321,26 +321,26 @@ public function setOrderToFormParam(&$objFormParam, $order_id) $arrOrder = $objPurchase->getOrder($order_id); // 生年月日の処理 - if (!SC_Utils_Ex::isBlank($arrOrder['order_birth'])) { - $order_birth = substr($arrOrder['order_birth'], 0, 10); - $arrOrderBirth = explode('-', $order_birth); - $arrOrder['order_birth_year'] = (int) $arrOrderBirth[0]; - $arrOrder['order_birth_month'] = (int) $arrOrderBirth[1]; - $arrOrder['order_birth_day'] = (int) $arrOrderBirth[2]; + if (isset($arrOrder['order_birth'])) { + $orderBirth = new DateTimeImmutable($arrOrder['order_birth']); + $arrOrder['order_birth_year'] = (int) $orderBirth->format('Y'); + $arrOrder['order_birth_month'] = (int) $orderBirth->format('n'); + $arrOrder['order_birth_day'] = (int) $orderBirth->format('j'); } $objFormParam->setParam($arrOrder); // ポイントを設定 list($db_point, $rollback_point) = SC_Helper_DB_Ex::sfGetRollbackPoint( - $order_id, $arrOrder['use_point'], $arrOrder['add_point'], $arrOrder['status'] + $order_id, + $arrOrder['use_point'] ?? 0, $arrOrder['add_point'] ?? 0, $arrOrder['status'] ?? null ); $objFormParam->setValue('total_point', $db_point); $objFormParam->setValue('point', $rollback_point); if (!SC_Utils_Ex::isBlank($objFormParam->getValue('customer_id'))) { $arrCustomer = SC_Helper_Customer_Ex::sfGetCustomerDataFromId($objFormParam->getValue('customer_id')); - $objFormParam->setValue('customer_point', $arrCustomer['point']); + $objFormParam->setValue('customer_point', $arrCustomer['point'] ?? 0); } } } diff --git a/data/class/pages/admin/order/LC_Page_Admin_Order_Edit.php b/data/class/pages/admin/order/LC_Page_Admin_Order_Edit.php index fd4da9ac63..525428e494 100644 --- a/data/class/pages/admin/order/LC_Page_Admin_Order_Edit.php +++ b/data/class/pages/admin/order/LC_Page_Admin_Order_Edit.php 
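Review bot: Replacing `!SC_Utils_Ex::isBlank(...)` with `isset($arrOrder['order_birth'])` in `setOrderToFormParam` lets an empty string reach `new DateTimeImmutable(...)`, which parses `''` as the current time, so an order without a birth date would be displayed with today's date. A malformed stored value now throws from the constructor, where the old `explode()` path only produced zeros. Guard on content rather than presence, e.g. `if (isset($arrOrder['order_birth']) && !SC_Utils_Ex::isBlank($arrOrder['order_birth'])) {`, and decide whether a parse failure should be caught and treated as no birth date. The function begins before the hunk.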
@@ -184,10 +184,10 @@ public function action() if (!SC_Utils_Ex::isBlank($objFormParam->getValue('customer_id'))) { $customer_id = $objFormParam->getValue('customer_id'); $arrCustomer = SC_Helper_Customer_Ex::sfGetCustomerDataFromId($customer_id); - $objFormParam->setValue('customer_point', $arrCustomer['point']); + $objFormParam->setValue('customer_point', $arrCustomer['point'] ?? 0); // 新規受注登録で、ポイント利用できるように現在ポイントを設定 - $objFormParam->setValue('point', $arrCustomer['point']); + $objFormParam->setValue('point', $arrCustomer['point'] ?? 0); } } diff --git a/data/class/pages/admin/order/LC_Page_Admin_Order_Mail.php b/data/class/pages/admin/order/LC_Page_Admin_Order_Mail.php index 4b974e5837..379de99afc 100644 --- a/data/class/pages/admin/order/LC_Page_Admin_Order_Mail.php +++ b/data/class/pages/admin/order/LC_Page_Admin_Order_Mail.php @@ -81,7 +81,7 @@ public function action() if (array_key_exists('mail_order_id', $post) && $post['mode'] == 'mail_select') { $post['order_id_array'] = implode(',', $post['mail_order_id']); } elseif (!array_key_exists('order_id_array', $post)) { - $post['order_id_array'] = $post['order_id']; + $post['order_id_array'] = $post['order_id'] ?? null; } // 一括送信処理変数チェック(ここですべきかは課題) diff --git a/data/class/pages/admin/order/LC_Page_Admin_Order_MailView.php b/data/class/pages/admin/order/LC_Page_Admin_Order_MailView.php index aa1bccc39f..55af20f3d7 100644 --- a/data/class/pages/admin/order/LC_Page_Admin_Order_MailView.php +++ b/data/class/pages/admin/order/LC_Page_Admin_Order_MailView.php @@ -61,7 +61,7 @@ public function process() */ public function action() { - $send_id = $_GET['send_id']; + $send_id = $_GET['send_id'] ?? null; if (SC_Utils_Ex::sfIsInt($send_id)) { $mailHistory = $this->getMailHistory($send_id); $this->tpl_subject = $mailHistory[0]['subject']; diff --git a/data/class/pages/admin/order/LC_Page_Admin_Order_Pdf.php b/data/class/pages/admin/order/LC_Page_Admin_Order_Pdf.php index c9184af353..06e712c89e 100644 
--- a/data/class/pages/admin/order/LC_Page_Admin_Order_Pdf.php +++ b/data/class/pages/admin/order/LC_Page_Admin_Order_Pdf.php @@ -108,7 +108,7 @@ public function action() } break; default: - $this->arrForm = $this->createFromValues($_GET['order_id'], $_POST['pdf_order_id']); + $this->arrForm = $this->createFromValues($_GET['order_id'] ?? null, $_POST['pdf_order_id'] ?? null); break; } $this->setTemplate($this->tpl_mainpage); diff --git a/data/class/pages/admin/products/LC_Page_Admin_Products_Product.php b/data/class/pages/admin/products/LC_Page_Admin_Products_Product.php index f1c3e17208..8d633b05b7 100644 --- a/data/class/pages/admin/products/LC_Page_Admin_Products_Product.php +++ b/data/class/pages/admin/products/LC_Page_Admin_Products_Product.php @@ -610,10 +610,10 @@ public function lfSetViewParam_InputPage(&$objUpFile, &$objDownFile, &$arrForm) $arrForm['category_id'] = SC_Utils_Ex::jsonDecode($arrForm['category_id']); } $this->tpl_json_category_id = !empty($arrForm['category_id']) ? SC_Utils_Ex::jsonEncode($arrForm['category_id']) : SC_Utils_Ex::jsonEncode([]); - if ($arrForm['status'] == '') { + if (!isset($arrForm['status']) || $arrForm['status'] == '') { $arrForm['status'] = DEFAULT_PRODUCT_DISP; } - if ($arrForm['product_type_id'] == '') { + if (!isset($arrForm['product_type_id']) || $arrForm['product_type_id'] == '') { $arrForm['product_type_id'] = DEFAULT_PRODUCT_DOWN; } if (OPTION_PRODUCT_TAX_RULE) { 
@@ -1381,14 +1381,14 @@ public function hasSubProductData($arrSubProductData) for ($i = 1; $i <= PRODUCTSUB_MAX; $i++) { if ( - SC_Utils_Ex::isBlank($arrSubProductData['sub_title'.$i]) == false - || SC_Utils_Ex::isBlank($arrSubProductData['sub_comment'.$i]) == false - || SC_Utils_Ex::isBlank($arrSubProductData['sub_image'.$i]) == false - || SC_Utils_Ex::isBlank($arrSubProductData['sub_large_image'.$i]) == false - || SC_Utils_Ex::isBlank($arrSubProductData['temp_sub_image'.$i]) == false - || SC_Utils_Ex::isBlank($arrSubProductData['temp_sub_large_image'.$i]) == false - || $arrSubProductData['image_key'] == 'sub_image'.$i - || $arrSubProductData['image_key'] == 'sub_large_image'.$i + isset($arrSubProductData['sub_title'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_title'.$i]) == false + || isset($arrSubProductData['sub_comment'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_comment'.$i]) == false + || isset($arrSubProductData['sub_image'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_image'.$i]) == false + || isset($arrSubProductData['sub_large_image'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_large_image'.$i]) == false + || isset($arrSubProductData['temp_sub_image'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['temp_sub_image'.$i]) == false + || isset($arrSubProductData['temp_sub_large_image'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['temp_sub_large_image'.$i]) == false + || isset($arrSubProductData['image_key']) && $arrSubProductData['image_key'] == 'sub_image'.$i + || isset($arrSubProductData['image_key']) && $arrSubProductData['image_key'] == 'sub_large_image'.$i ) { $has_subproduct_data = true; break; diff --git a/data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSV.php b/data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSV.php index 20d424dd46..6d154816b2 100644 --- a/data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSV.php 
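Review bot: The rewritten condition in `hasSubProductData` mixes `&&` and `||` without parentheses, so its correctness rests on operator precedence across eight lines. Wrap each pair, e.g. `(isset($arrSubProductData['sub_title'.$i]) && SC_Utils_Ex::isBlank($arrSubProductData['sub_title'.$i]) == false)`, or move the six repeated key checks into a loop over the key prefixes. The two `image_key` comparisons can share a single `isset()`. The loop and the function start outside the hunk.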
+++ b/data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSV.php @@ -355,7 +355,7 @@ public function lfInitParam(&$objFormParam, &$arrCSVFrame) defined($item['size_const_type']) ? constant($item['size_const_type']) : $item['size_const_type'], $item['mb_convert_kana_option'], $arrErrorCheckTypes, - $item['default'], + $item['default'] ?? null, $item['rw_flg'] != CSV_COLUMN_RW_FLG_READ_ONLY ); } diff --git a/data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSVCategory.php b/data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSVCategory.php index 716062134f..d68e012992 100644 --- a/data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSVCategory.php +++ b/data/class/pages/admin/products/LC_Page_Admin_Products_UploadCSVCategory.php @@ -314,7 +314,7 @@ public function lfInitParam(SC_FormParam &$objFormParam, &$arrCSVFrame) defined($item['size_const_type']) ? constant($item['size_const_type']) : $item['size_const_type'], $item['mb_convert_kana_option'], $arrErrorCheckTypes, - $item['default'], + $item['default'] ?? null, $item['rw_flg'] != CSV_COLUMN_RW_FLG_READ_ONLY ); } diff --git a/data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php b/data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php index 24a7a3dc6f..cb9a0096ad 100644 --- a/data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php +++ b/data/class/pages/mypage/LC_Page_Mypage_DeliveryAddr.php @@ -106,7 +106,7 @@ public function action() } // other_deliv_id のあるなしで追加か編集か判定しているらしい - $_SESSION['other_deliv_id'] = $_REQUEST['other_deliv_id']; + $_SESSION['other_deliv_id'] = $_REQUEST['other_deliv_id'] ?? ''; // パラメーター管理クラス,パラメーター情報の初期化 $objFormParam = new SC_FormParam_Ex(); @@ -143,7 +143,7 @@ public function action() // 複数配送先用 break; default: - if ($_GET['other_deliv_id'] != '') { + if (isset($_GET['other_deliv_id']) && $_GET['other_deliv_id'] != '') { $arrOtherDeliv = $objAddress->getAddress($_SESSION['other_deliv_id'], $objCustomer->getValue('customer_id')); // 不正アクセス判定 
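Review bot: `$_SESSION['other_deliv_id'] = $_REQUEST['other_deliv_id'] ?? '';` in `LC_Page_Mypage_DeliveryAddr::action()` still copies a request value into the session before any validation, and the `default` branch tests `$_GET['other_deliv_id']` but passes the session copy, taken from `$_REQUEST`, to `getAddress()`. The lookup is scoped by `customer_id` and an access check follows, so ownership appears to be enforced, but the two sources can disagree and a non-numeric value stays in the session. Validate once and use that value in both places, for example storing it only when `SC_Utils_Ex::sfIsInt($_REQUEST['other_deliv_id'] ?? null)` holds and `''` otherwise. `action()` extends beyond both hunks.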
diff --git a/tests/class/helper/SC_Helper_Purchase/SC_Helper_Purchase_getShippingsTest.php b/tests/class/helper/SC_Helper_Purchase/SC_Helper_Purchase_getShippingsTest.php index 7261d688d0..193f8e7f95 100644 --- a/tests/class/helper/SC_Helper_Purchase/SC_Helper_Purchase_getShippingsTest.php +++ b/tests/class/helper/SC_Helper_Purchase/SC_Helper_Purchase_getShippingsTest.php @@ -108,7 +108,7 @@ public function testGetShippings商品取得フラグをOFFにした場合結果 $this->actual['first'] = Test_Utils::mapArray($result[0], [ 'order_id', 'shipping_id', 'shipping_name01', 'shipping_date', ]); - $this->actual['shipment_item_count'] = is_array($result['1']['shipment_item']) ? count($result['1']['shipment_item']) : 0; + $this->actual['shipment_item_count'] = isset($result['1']) && is_array($result['1']['shipment_item']) ? count($result['1']['shipment_item']) : 0; $this->verify('配送情報'); } diff --git a/tests/class/helper/SC_Helper_Purchase/SC_Helper_Purchase_registerOrderCompleteTest.php b/tests/class/helper/SC_Helper_Purchase/SC_Helper_Purchase_registerOrderCompleteTest.php index 412860357f..a6cd058dff 100644 --- a/tests/class/helper/SC_Helper_Purchase/SC_Helper_Purchase_registerOrderCompleteTest.php +++ b/tests/class/helper/SC_Helper_Purchase/SC_Helper_Purchase_registerOrderCompleteTest.php @@ -143,7 +143,7 @@ public static function registerOrder($order_id, $params) $_SESSION['testResult']['registerOrder'] = [ 'order_id' => $order_id, 'status' => $params['status'], - 'mailmaga_flg' => $params['mailmaga_flg'], + 'mailmaga_flg' => $params['mailmaga_flg'] ?? 0, ]; } diff --git a/tests/class/util/SC_Utils/SC_Utils_sfArrKeyValueTest.php b/tests/class/util/SC_Utils/SC_Utils_sfArrKeyValueTest.php index fbcde121a7..8c2227e93e 100644 --- a/tests/class/util/SC_Utils/SC_Utils_sfArrKeyValueTest.php +++ b/tests/class/util/SC_Utils/SC_Utils_sfArrKeyValueTest.php 
@@ -79,7 +79,7 @@ public function testSfArrKeyValue最大長が指定されていない場合全 '3033' => '2003', '4044' => '2004', ]; - $this->actual = SC_Utils::sfArrKeyValue($this->arrList, $this->keyname, $this->valuename, $len_max); + $this->actual = SC_Utils::sfArrKeyValue($this->arrList, $this->keyname, $this->valuename); $this->verify(); } From 84d0402a1bf4413d64ddedec8dff0ae4de5a11d4 Mon Sep 17 00:00:00 2001 From: Kentaro Ohkouchi Date: Wed, 25 Dec 2024 15:02:33 +0900 Subject: [PATCH 7/7] Check empty string --- data/class/helper/SC_Helper_Customer.php | 4 ++-- data/class/helper/SC_Helper_Purchase.php | 15 ++++++++------- 2 files changed, 10 insertions(+), 9 deletions(-) diff --git a/data/class/helper/SC_Helper_Customer.php b/data/class/helper/SC_Helper_Customer.php index a6b8da7592..2295046796 100644 --- a/data/class/helper/SC_Helper_Customer.php +++ b/data/class/helper/SC_Helper_Customer.php @@ -61,7 +61,7 @@ public static function sfEditCustomerData($arrData, $customer_id = null) } $is_password_updated = false; // -- パスワードの更新がある場合は暗号化 - if (!isset($arrData['password']) || $arrData['password'] == DEFAULT_PASSWORD) { + if (!isset($arrData['password']) || $arrData['password'] == '' || $arrData['password'] == DEFAULT_PASSWORD) { // 更新しない unset($arrData['password']); } else { @@ -75,7 +75,7 @@ public static function sfEditCustomerData($arrData, $customer_id = null) $arrData['password'] = SC_Utils_Ex::sfGetHashString($arrData['password'], $salt); } // -- 秘密の質問の更新がある場合は暗号化 - if (!isset($arrData['reminder_answer']) || $arrData['reminder_answer'] == DEFAULT_PASSWORD) { + if (!isset($arrData['reminder_answer']) || $arrData['reminder_answer'] == '' || $arrData['reminder_answer'] == DEFAULT_PASSWORD) { // 更新しない unset($arrData['reminder_answer']); diff --git a/data/class/helper/SC_Helper_Purchase.php b/data/class/helper/SC_Helper_Purchase.php index 1f3e6d66da..a3ca132f92 100644 --- a/data/class/helper/SC_Helper_Purchase.php +++ b/data/class/helper/SC_Helper_Purchase.php 
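Review bot: Treating `''` like `DEFAULT_PASSWORD` in `sfEditCustomerData` means an empty `password` is now silently unset instead of hashed, and because `$customer_id` defaults to null the same path appears to serve new registrations. If a caller reaches this with an empty password on insert, the record would be written without a password hash; whether login rejects such a record is not visible here. Restrict the skip to updates (when `$customer_id` is set) and reject an empty password on insert, or at least state the intent with a comment such as `// empty password: keep the stored hash (update only)`. The same applies to `reminder_answer` in the second hunk of this file; the function body continues outside both hunks.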
@@ -754,6 +754,7 @@ public static function registerShipping($order_id, $arrParams, $convert_shipping // 配送日付を timestamp に変換 if ( isset($arrValues['shipping_date']) + && $arrValues['shipping_date'] != '' && $convert_shipping_date ) { $d = mb_strcut($arrValues['shipping_date'], 0, 10); @@ -810,27 +811,27 @@ public static function registerShipmentItem($order_id, $shipping_id, $arrParams) $objProduct = new SC_Product_Ex(); foreach ($arrParams as $arrValues) { - if (!isset($arrValues['product_class_id'])) { + if (!isset($arrValues['product_class_id']) || $arrValues['product_class_id'] == '') { continue; } $d = $objProduct->getDetailAndProductsClass($arrValues['product_class_id']); - $name = !isset($arrValues['product_name']) + $name = !isset($arrValues['product_name']) || $arrValues['product_name'] == '' ? $d['name'] : $arrValues['product_name']; - $code = !isset($arrValues['product_code']) + $code = !isset($arrValues['product_code']) || $arrValues['product_code'] == '' ? $d['product_code'] : $arrValues['product_code']; - $cname1 = !isset($arrValues['classcategory_name1']) + $cname1 = !isset($arrValues['classcategory_name1']) || $arrValues['classcategory_name1'] == '' ? $d['classcategory_name1'] : $arrValues['classcategory_name1']; - $cname2 = !isset($arrValues['classcategory_name2']) + $cname2 = !isset($arrValues['classcategory_name2']) || $arrValues['classcategory_name2'] == '' ? $d['classcategory_name2'] : $arrValues['classcategory_name2']; - $price = !isset($arrValues['price']) + $price = !isset($arrValues['price']) || $arrValues['price'] == '' ? ($d['price'] ?? null) : $arrValues['price']; @@ -879,7 +880,7 @@ public function registerOrderComplete($orderParams, &$objCartSession, $cartKey) } // 対応状況の指定が無い場合は新規受付 - if (!isset($orderParams['status'])) { + if (!isset($orderParams['status']) || $orderParams['status'] == '') { $orderParams['status'] = ORDER_NEW; }
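Review bot: The added `== ''` tests in `registerShipmentItem` and `registerOrderComplete` use loose comparison, which on PHP versions before 8 also matches integer `0`; a shipment item with `price` 0 would then be replaced by the catalogue price and a `status` of 0 by `ORDER_NEW`. Use `=== ''` in these checks if PHP 7 is still supported, e.g. `!isset($arrValues['price']) || $arrValues['price'] === ''`. In the same hunk `$d['name']`, `$d['product_code']` and the two `classcategory_name` reads are unguarded while `$d['price'] ?? null` is guarded; if `getDetailAndProductsClass()` can return no row they need the same `?? null`. All three functions continue outside their hunks.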