Diffstat (limited to 'system/libraries/Cart.php')
-rw-r--r--system/libraries/Cart.php28
1 files changed, 23 insertions, 5 deletions
diff --git a/system/libraries/Cart.php b/system/libraries/Cart.php
index a0e1bb91e..13485a3ee 100644
--- a/system/libraries/Cart.php
+++ b/system/libraries/Cart.php
@@ -41,6 +41,7 @@ class CI_Cart {
// These are the regular expression rules that we use to validate the product ID and product name
var $product_id_rules = '\.a-z0-9_-'; // alpha-numeric, dashes, underscores, or periods
var $product_name_rules = '\.\:\-_ a-z0-9'; // alpha-numeric, dashes, underscores, colons or periods
+ var $product_name_safe = true; // only allow safe product names
// Private variables. Do not change!
var $CI;
@@ -195,10 +196,13 @@ class CI_Cart {
// Validate the product name. It can only be alpha-numeric, dashes, underscores, colons or periods.
// Note: These can be user-specified by setting the $this->product_name_rules variable.
- if ( ! preg_match("/^[".$this->product_name_rules."]+$/i", $items['name']))
+ if($this->product_name_safe)
{
- log_message('error', 'An invalid name was submitted as the product name: '.$items['name'].' The name can only contain alpha-numeric characters, dashes, underscores, colons, and spaces');
- return FALSE;
+ if ( ! preg_match("/^[".$this->product_name_rules."]+$/i", $items['name']))
+ {
+ log_message('error', 'An invalid name was submitted as the product name: '.$items['name'].' The name can only contain alpha-numeric characters, dashes, underscores, colons, and spaces');
+ return FALSE;
+ }
}
// --------------------------------------------------------------------
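Review bot: With `$product_name_safe` set to FALSE, the outer `if` in this hunk skips the only check on `$items['name']` visible here, so any string, markup included, is accepted into the cart. Code that later prints cart names then has to escape them for its output context. The property comment in the first hunk should say this, e.g. `// FALSE disables product name validation entirely; escape names on output`. The two conditions could also be merged into `if ($this->product_name_safe && ! preg_match("/^[".$this->product_name_rules."]+$/i", $items['name']))` to avoid the extra nesting. The enclosing method starts and ends outside this hunk.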
@@ -242,7 +246,18 @@ class CI_Cart {
// --------------------------------------------------------------------
// Now that we have our unique "row ID", we'll add our cart items to the master array
-
+ // grab quantity if it's already there and add it on
+ if(isset($this->_cart_contents[$rowid]['qty']))
+ {
+ // set our old quantity
+ $old_quantity = (int)$this->_cart_contents[$rowid]['qty'];
+ }
+ else
+ {
+ // we have no old quantity but - we don't want to throw an error
+ $old_quantity = 0;
+ }
+
// let's unset this first, just to make sure our index contains only the data from this submission
unset($this->_cart_contents[$rowid]);
@@ -254,7 +269,10 @@ class CI_Cart {
{
$this->_cart_contents[$rowid][$key] = $val;
}
-
+
+ // add old quantity back in
+ $this->_cart_contents[$rowid]['qty'] = ($this->_cart_contents[$rowid]['qty'] + $old_quantity);
+
// Woot!
return $rowid;
}
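Review bot: The sum on the `qty` line adds the newly submitted quantity uncast, while the old quantity in the previous hunk is cast with `(int)`. Depending on how the quantity was prepared earlier in the method (not visible here), the stored value may end up a float or a mixed type. Casting both operands keeps it an integer: `$this->_cart_contents[$rowid]['qty'] = (int) $this->_cart_contents[$rowid]['qty'] + $old_quantity;`. Repeated inserts for the same row ID now accumulate instead of replacing, so an upper bound on the total is worth considering, and the method's docblock should mention the new behaviour. The method begins outside this hunk.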