因为ecshop模板中可以执行PHP代码,容易被挂马,所以官方在新版本中加入了禁止模板中执行PHP的限制。近期改了很多模板,发现这些模板开发商把禁止执行PHP的限制给屏蔽了,很不安全,模板书写也很混乱。在给客户定制过程中,多变PHP服务中心经过改造,已经完美实现了模板与PHP分离。
我们都知道,ecshop首页楼层商品是通过assign_cat_goods函数和cat_goods.lbi来控制首页楼层展示的。这里特别贴出我们重写过的assign_cat_goods函数,供大家参考。
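/**
 * Load the on-sale goods of a category for a home-page floor, plus the
 * category's name/description, floor sort order, child categories and up to
 * three brands that have goods in it.
 *
 * @access  public
 * @param   integer $cat_id      category ID (forced to an integer before use)
 * @param   integer $num         maximum number of goods; 0 or less adds no LIMIT
 * @param   string  $from        'web' assigns the goods to Smarty, 'wap' returns them in the result
 * @param   string  $order_rule  complete ORDER BY clause, appended to the SQL verbatim
 * @return  array   category info: cat_name, cat_desc, name, sort_order, url,
 *                  cat_clild, brands, and goods when $from is 'wap'
 */
function assign_cat_goods($cat_id, $num = 0, $from = 'web', $order_rule = '')
{
    // Both values are concatenated into SQL below without quotes, so force
    // them to integers before they reach any query string.
    $cat_id = intval($cat_id);
    $num    = intval($num);

    $children = get_children($cat_id);

    // NOTE(review): $_SESSION[discount] and $_SESSION[user_rank] are interpolated
    // as-is; presumably they are set server-side at login -- confirm that no
    // request-controlled value can end up in them.
    $sql = 'SELECT g.goods_id, g.goods_name, g.market_price, g.shop_price AS org_price, ' .
           "IFNULL(mp.user_price, g.shop_price * '$_SESSION[discount]') AS shop_price, ".
           'g.promote_price, promote_start_date, promote_end_date, g.goods_brief, g.goods_thumb, g.goods_img ' .
           "FROM " . $GLOBALS['ecs']->table('goods') . ' AS g '.
           "LEFT JOIN " . $GLOBALS['ecs']->table('member_price') . " AS mp ".
           "ON mp.goods_id = g.goods_id AND mp.user_rank = '$_SESSION[user_rank]' ".
           'WHERE g.is_on_sale = 1 AND g.is_alone_sale = 1 AND '.
           'g.is_delete = 0 AND (' . $children . 'OR ' . get_extension_goods($children) . ') ';

    // SECURITY: $order_rule is a raw SQL fragment and cannot be bound as a
    // parameter. Callers must pass only fixed, code-defined ORDER BY clauses,
    // never anything derived from request input.
    $order_rule = empty($order_rule) ? 'ORDER BY g.sort_order, g.goods_id DESC' : $order_rule;
    $sql .= $order_rule;

    if ($num > 0)
    {
        $sql .= ' LIMIT ' . $num;
    }

    $res = $GLOBALS['db']->getAll($sql);

    $goods = array();
    foreach ($res AS $idx => $row)
    {
        // A promotion price only counts while bargain_price() reports it as positive.
        $goods[$idx]['promote_price'] = '';
        if ($row['promote_price'] > 0)
        {
            $promote_price = bargain_price($row['promote_price'], $row['promote_start_date'], $row['promote_end_date']);
            if ($promote_price > 0)
            {
                $goods[$idx]['promote_price'] = price_format($promote_price);
            }
        }

        $goods[$idx]['id']           = $row['goods_id'];
        $goods[$idx]['name']         = $row['goods_name'];
        $goods[$idx]['brief']        = $row['goods_brief'];
        $goods[$idx]['market_price'] = price_format($row['market_price']);
        $goods[$idx]['short_name']   = $GLOBALS['_CFG']['goods_name_length'] > 0 ?
                                       sub_str($row['goods_name'], $GLOBALS['_CFG']['goods_name_length']) : $row['goods_name'];
        $goods[$idx]['shop_price']   = price_format($row['shop_price']);
        $goods[$idx]['thumb']        = get_image_path($row['goods_id'], $row['goods_thumb'], true);
        $goods[$idx]['goods_img']    = get_image_path($row['goods_id'], $row['goods_img']);
        $goods[$idx]['url']          = build_uri('goods', array('gid' => $row['goods_id']), $row['goods_name']);
    }

    /* Category info */
    $sql = 'SELECT cat_name, cat_desc FROM ' . $GLOBALS['ecs']->table('category') . " WHERE cat_id = $cat_id";
    $cat = $GLOBALS['db']->getRow($sql);
    if (!is_array($cat))
    {
        // Unknown category: continue with an empty record rather than indexing a non-array.
        $cat = array();
    }
    $cat += array('cat_name' => '', 'cat_desc' => '');

    // build_uri() below reads $cat['name'], which the query does not return;
    // fill it from cat_name so the category URL gets its title part.
    $cat['name'] = $cat['cat_name'];

    // Attach the goods only after $cat has been loaded; setting the key before
    // the getRow() call would be overwritten by the query result.
    if ($from == 'web')
    {
        $GLOBALS['smarty']->assign('cat_goods_' . $cat_id, $goods);
    }
    elseif ($from == 'wap')
    {
        $cat['goods'] = $goods;
    }

    // Floor sequence number, read from the template settings row of the index page.
    $cat['sort_order'] = $GLOBALS['db']->getOne("SELECT sort_order FROM " . $GLOBALS['ecs']->table('template') . " WHERE filename = 'index' AND type = 1 AND remarks ='' AND id = $cat_id ");
    $cat['url']        = build_uri('category', array('cid' => $cat_id), $cat['name']);

    // Child categories. The key spelling 'cat_clild' is kept because it is the
    // name the result array exposes to its consumers.
    $child_cats       = cat_list($cat_id, 0, false);
    $cat['cat_clild'] = $child_cats;

    // Brands that have on-sale goods in this category or its children (at most three).
    $sql = "SELECT b.brand_id, b.brand_name, brand_logo , COUNT(*) AS goods_num ".
           "FROM " . $GLOBALS['ecs']->table('brand') . " AS b, ".
           $GLOBALS['ecs']->table('goods') . " AS g LEFT JOIN ". $GLOBALS['ecs']->table('goods_cat') . " AS gc ON g.goods_id = gc.goods_id " .
           "WHERE g.brand_id = b.brand_id AND ($children OR " . 'gc.cat_id ' . db_create_in(array_unique(array_merge(array($cat_id), array_keys($child_cats)))) . ") AND b.is_show = 1 " .
           " AND g.is_on_sale = 1 AND g.is_alone_sale = 1 AND g.is_delete = 0 ".
           "GROUP BY b.brand_id HAVING goods_num > 0 ORDER BY b.sort_order, b.brand_id ASC LIMIT 3";
    $brands = $GLOBALS['db']->getAll($sql);

    foreach ($brands AS $key => $val)
    {
        $brands[$key]['brand_url'] = build_uri('brand', array('bid' => $val['brand_id']), $val['brand_name']);
        $brands[$key]['logo']      = 'data/brandlogo/'.$val['brand_logo'];
    }
    $cat['brands'] = $brands;

    return $cat;
}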
要显示楼层序号,请务必在后台“模板设置”中为楼层设置序号。
模板直接接受数据即可。
最终效果
本文地址:https://www.phpicu.com/article.php?id=65