diff --git a/app/appfront/modules/Catalog/controllers/FavoriteproductController.php b/app/appfront/modules/Catalog/controllers/FavoriteproductController.php
index ccebd0a8d..47708ba15 100644
--- a/app/appfront/modules/Catalog/controllers/FavoriteproductController.php
+++ b/app/appfront/modules/Catalog/controllers/FavoriteproductController.php
@@ -17,6 +17,7 @@
 */
 class FavoriteproductController extends AppfrontController
 {
+ public $enableCsrfValidation = true;
 // 增加收藏
 public function actionAdd()
 {
diff --git a/app/appfront/modules/Catalog/controllers/ReviewproductController.php b/app/appfront/modules/Catalog/controllers/ReviewproductController.php
index 518f0ccb5..cc0d1f802 100644
--- a/app/appfront/modules/Catalog/controllers/ReviewproductController.php
+++ b/app/appfront/modules/Catalog/controllers/ReviewproductController.php
@@ -18,6 +18,8 @@
 */
 class ReviewproductController extends AppfrontController
 {
+ public $enableCsrfValidation = true;
+
 public function init()
 {
 parent::init();
@@ -37,14 +39,14 @@ public function actionAdd()
 return Yii::$service->url->redirectByUrlKey('customer/account/login');
 }
 $editForm = Yii::$app->request->post('editForm');
- $editForm = \Yii::$service->helper->htmlEncode($editForm);
+ $editForm = Yii::$service->helper->htmlEncode($editForm);
 if (!empty($editForm) && is_array($editForm)) {
 $saveStatus = $this->getBlock()->saveReview($editForm);
 if ($saveStatus) {
 $spu = Yii::$app->request->get('spu');
 $_id = Yii::$app->request->get('_id');
- $spu = \Yii::$service->helper->htmlEncode($spu);
- $_id = \Yii::$service->helper->htmlEncode($_id);
+ $spu = Yii::$service->helper->htmlEncode($spu);
+ $_id = Yii::$service->helper->htmlEncode($_id);
 if ($spu && $_id) {
 $url = Yii::$service->url->getUrl('catalog/reviewproduct/lists', ['spu' => $spu, '_id'=>$_id]);
 return $this->redirect($url);
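Review bot: `public $enableCsrfValidation = true;` in FavoriteproductController only helps for requests Yii actually validates, and Yii skips the token check for GET, HEAD and OPTIONS, so `actionAdd()` stays exposed to cross-site requests if it can be reached with a GET. The body of `actionAdd()` is outside this hunk, so the accepted verb cannot be confirmed from here; if it is GET, pin the action to POST with `yii\filters\VerbFilter` and `'actions' => ['add' => ['post']]` in `behaviors()`, and send the token from the page. The same property is added to ReviewproductController in the next file, where `actionAdd()` reads `request->post('editForm')`; that form must now carry the CSRF field or the post is rejected, and no template change is visible in this commit. A short comment on the property, for example `// CSRF check enabled explicitly; Yii validates non-GET requests only`, would record why it is set here.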
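Review bot: `$spu` and `$_id` in the `@@ -37,14 +39,14 @@` hunk are HTML-encoded and then passed to `getUrl()` as query parameters, which is the wrong encoding for a URL context: a value containing `&` or a quote is turned into an entity instead of being rejected. Validating both GET values against the id and SPU formats the catalog actually uses, and redirecting only when they match, would be tighter than encoding them. The same pattern applies to `$editForm`, which is encoded before `saveReview()`; presumably the stored review is then entity-encoded, so any view that escapes on output would double-encode it — worth confirming against `htmlEncode()` and the review templates. `actionAdd()` starts and ends outside this hunk.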
@@ -52,7 +54,6 @@ public function actionAdd() } } } - //echo 1;exit; $data = $this->getBlock()->getLastData($editForm); return $this->render($this->action->id, $data);