先上代碼:
1. ShoppingCartService 類
using System;
using System.Collections.Generic;
using System.Linq;
using LinFx;
using LinFx.Data;
using LinFx.Security;
using LinFx.Web;
using YLSPay.Data.Entity;

namespace YLSPay.Data.Service
{
    /// <summary>
    /// Shopping-cart operations backed by an <see cref="IRepository{T}"/> of
    /// <see cref="ShoppingCart"/> rows. Anonymous visitors are tracked by a record id
    /// held in the HTTP session; signed-in users are tracked by their user id.
    /// </summary>
    public class ShoppingCartService : IShoppingCartService
    {
        private readonly IWorkContext _context;
        private readonly IRepository<ShoppingCart> _repository;

        /// <summary>
        /// Stores the work context and the cart repository handed in by the caller.
        /// </summary>
        /// <param name="context">Gives access to the current HTTP context.</param>
        /// <param name="repository">Repository holding the cart rows.</param>
        public ShoppingCartService(
            IWorkContext context,
            IRepository<ShoppingCart> repository)
        {
            _repository = repository;
            _context = context;
        }

        /// <summary>
        /// Adds a product to the shopping cart, creating the cart row when no matching one exists.
        /// </summary>
        /// <param name="user">Signed-in user, or null for an anonymous visitor.</param>
        /// <param name="productVariant">Product being added.</param>
        /// <param name="qty">Quantity added to the row's current quantity.</param>
        /// <param name="attributes">Product attributes; part of the row lookup.</param>
        /// <exception cref="ArgumentNullException"><paramref name="productVariant"/> is null.</exception>
        public void AddToShoppingCart(IUser user, ProductVariant productVariant, int qty, string attributes)
        {
            if (productVariant == null)
            {
                throw new ArgumentNullException("productVariant");
            }

            // NOTE(review): qty is applied as given. Nothing in this method rejects zero or
            // negative values, so if qty comes from a request it should be range-checked
            // before it reaches here - confirm against the caller.

            // Rows for the same product and attribute string; the owner filter is added below.
            var sameProduct = _repository.Table.Where(
                line => line.ProductVariantId == productVariant.Id && line.Attributes == attributes);

            // CreateShoppingCart is called here but is not part of this listing.
            ShoppingCart item;
            if (user != null)
            {
                // Signed-in user: the row is owned by the user id.
                item = sameProduct.SingleOrDefault(line => line.UserId == user.Id);
                if (item == null)
                {
                    item = CreateShoppingCart(null, user);
                }
            }
            else
            {
                // Anonymous visitor: the row is owned by the session-held record id.
                var recordId = GetRecordId(null);
                item = sameProduct.SingleOrDefault(line => line.RecordId == recordId);
                if (item == null)
                {
                    item = CreateShoppingCart(recordId);
                }
            }

            item.Attributes = attributes;
            item.ProductVariantId = productVariant.Id;
            item.Quantity += qty;
            item.UpdateTime = DateTime.Now;

            // Persist the cart to the database.
            _repository.Save();
        }

        /// <summary>
        /// Returns the cart record id kept in the session, creating it on first use.
        /// </summary>
        /// <param name="username">
        /// Value stored as the record id when none exists yet; when null or empty a new GUID is stored.
        /// </param>
        /// <returns>The record id held in the session under the key "recordId".</returns>
        public string GetRecordId(string username)
        {
            const string key = "recordId";

            // Abandoned cookie-based variant, kept for reference.
            // NOTE(review), before reviving it:
            //  - A cookie sent by the browser arrives in Request.Cookies. In System.Web the
            //    response cookie collection creates an entry when looked up by name, so the
            //    null check below would not work as a presence test.
            //  - A cookie value is chosen by the client. If it selects which cart rows are
            //    loaded, it has to be an unguessable random value (never the user name), and
            //    the cookie should be flagged HttpOnly and Secure.
            //if (_context.HttpContext.Response.Cookies[key] == null)
            //{
            //    var cookie = new System.Web.HttpCookie(key)
            //    {
            //        Expires = DateTime.Now.AddMinutes(30),
            //        Value = _context.User != null ? _context.User.UserName : Guid.NewGuid().ToString()
            //    };
            //    _context.HttpContext.Response.Cookies.Add(cookie);
            //    return cookie.Value;
            //}
            //return _context.HttpContext.Response.Cookies[key].Value;

            // NOTE(review): when a user name is supplied it becomes the record id, which is a
            // guessable value. The only call in this listing passes null and so gets a GUID.
            var session = _context.HttpContext.Session;
            if (session[key] == null)
            {
                session[key] = string.IsNullOrEmpty(username) ? Guid.NewGuid().ToString() : username;
            }

            return session[key].ToString();
        }
    }
}
2. IWorkContext
using System.Web;
using LinFx.Security;

namespace LinFx.Web
{
    /// <summary>
    /// Gives services access to the current HTTP context and to a user object.
    /// </summary>
    public interface IWorkContext
    {
        /// <summary>HTTP context abstraction; read-only for consumers.</summary>
        HttpContextBase HttpContext { get; }

        /// <summary>
        /// User associated with this context. The property is settable, so whoever holds
        /// the same instance sees the same value.
        /// </summary>
        IUser User { get; set; }
    }
}
using System.Web;
using LinFx.Security;

namespace LinFx.Web
{
    /// <summary>
    /// <see cref="IWorkContext"/> implementation that reads the HTTP context from
    /// <c>System.Web.HttpContext.Current</c> each time it is asked for.
    /// </summary>
    /// <remarks>
    /// NOTE(review): <see cref="User"/> is mutable state stored on the instance. How many
    /// requests share one instance is decided by the container registration, not here.
    /// </remarks>
    public class WorkContext : IWorkContext
    {
        /// <summary>User stored on this instance.</summary>
        public IUser User { get; set; }

        /// <summary>
        /// Wraps whatever <c>HttpContext.Current</c> is at the moment of the call. A new
        /// wrapper object is built on every read; nothing is cached on the instance.
        /// </summary>
        public HttpContextBase HttpContext
        {
            get
            {
                var current = System.Web.HttpContext.Current;
                return new HttpContextWrapper(current);
            }
        }

        // Alternatives the author tried and disabled: capturing the context once in a
        // field, or receiving it through the constructor. Both would pin the context
        // that was current when the instance was created.
        //private readonly HttpContextBase _httpContext = new HttpContextWrapper(System.Web.HttpContext.Current);
        //public WorkContext(HttpContextBase contextBase)
        //{
        //    _httpContext = contextBase;
        //}
        //public HttpContextBase HttpContext
        //{
        //    get { return _httpContext; }
        //}
    }
}
3. Ninject 注入
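using LinFx.Caching;
using LinFx.Data;
using LinFx.Index;
using LinFx.Plugin.Search.Services;
using LinFx.Security;
using LinFx.Web;
using YLSPay.Data;
using YLSPay.Data.Service;

[assembly: WebActivator.PreApplicationStartMethod(typeof(YLSPay.App_Start.NinjectWebCommon), "Start")]
[assembly: WebActivator.ApplicationShutdownMethodAttribute(typeof(YLSPay.App_Start.NinjectWebCommon), "Stop")]

namespace YLSPay.App_Start
{
    using System;
    using System.Web;
    using Microsoft.Web.Infrastructure.DynamicModuleHelper;
    using Ninject;
    using Ninject.Web.Common;
    using System.Data.Entity;

    /// <summary>
    /// Ninject bootstrap for the web application: registers the HTTP modules, builds the
    /// kernel and declares the service bindings with their lifetimes.
    /// </summary>
    public static class NinjectWebCommon
    {
        static readonly Bootstrapper bootstrapper = new Bootstrapper();

        /// <summary>
        /// Starts the application
        /// </summary>
        public static void Start()
        {
            DynamicModuleUtility.RegisterModule(typeof(OnePerRequestHttpModule));
            DynamicModuleUtility.RegisterModule(typeof(NinjectHttpModule));
            bootstrapper.Initialize(CreateKernel);
        }

        /// <summary>
        /// Stops the application.
        /// </summary>
        public static void Stop()
        {
            bootstrapper.ShutDown();
        }

        /// <summary>
        /// Creates the kernel that will manage your application.
        /// </summary>
        /// <returns>The created kernel.</returns>
        private static IKernel CreateKernel()
        {
            var kernel = new StandardKernel();
            kernel.Bind<Func<IKernel>>().ToMethod(ctx => () => new Bootstrapper().Kernel);
            kernel.Bind<IHttpModule>().To<HttpApplicationInitializationHttpModule>();

            RegisterServices(kernel);
            return kernel;
        }

        /// <summary>
        /// Load your modules or register your services here!
        /// </summary>
        /// <param name="kernel">The kernel.</param>
        private static void RegisterServices(IKernel kernel)
        {
            kernel.Bind<HttpContext>().ToMethod(ctx => HttpContext.Current).InRequestScope();
            kernel.Bind<HttpContextBase>().ToMethod(ctx => new HttpContextWrapper(HttpContext.Current)).InRequestScope();

            // IWorkContext declares a settable User. Bound as a singleton, one instance is
            // shared by every request, so a user assigned while serving one visitor could be
            // read while serving another. Request scope gives each request its own instance.
            kernel.Bind<IWorkContext>().To<WorkContext>().InRequestScope();

            kernel.Bind(typeof(IRepository<>)).To(typeof(Repository<>)).InRequestScope();
        }
    }
}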
問題:
一。如何實現方法 GetRecordId() 從 cookie 取?
二。_context.HttpContext 是否每次都會新生成?每次 new ShoppingCartService 時就 new 一個 HttpContext?
各位兄弟,有漏洞嗎?