diff --git a/app/Support/BackUrl.php b/app/Support/BackUrl.php index 85cea38..846aebe 100644 --- a/app/Support/BackUrl.php +++ b/app/Support/BackUrl.php @@ -33,4 +33,39 @@ class BackUrl return $incomingBack; } + + /** + * 安全版“保留当前 query 并覆盖字段”的站内相对链接构造器。 + * + * 典型用途:列表页里的各种「统计卡/治理入口/快捷链接」需要: + * - 保留当前筛选条件 + * - 覆盖指定字段 + * - 强制清空 page + * - 并且 back 只能保留通过 sanitizeForLinks 的安全值(否则移除) + */ + public static function currentPathWithQuery(array $overrides = [], string $safeBackForLinks = ''): string + { + $q = request()->query(); + + if ($safeBackForLinks !== '') { + $q['back'] = $safeBackForLinks; + } else { + unset($q['back']); + } + + foreach ($overrides as $k => $v) { + if ($v === null) { + unset($q[$k]); + } else { + $q[$k] = $v; + } + } + + $url = '/' . ltrim(request()->path(), '/'); + if (count($q) > 0) { + $url .= '?' . \Illuminate\Support\Arr::query($q); + } + + return $url; + } } diff --git a/resources/views/admin/platform_orders/index.blade.php b/resources/views/admin/platform_orders/index.blade.php index 763247e..3f12de7 100644 --- a/resources/views/admin/platform_orders/index.blade.php +++ b/resources/views/admin/platform_orders/index.blade.php @@ -36,33 +36,13 @@ }; // 安全版“保留当前 query 并覆盖字段”的链接构造器: - // - 强制使用站内相对路径(不包含域名) - // - back 仅保留安全值(否则移除),避免 `{!! !!}` 输出时发生属性注入 + // 统一抽到 Support\BackUrl,避免 Blade 内闭包口径漂移 + // 注意:该构造器会自动按安全口径保留/移除 back。 $safeFullUrlWithQuery = function (array $overrides = []) use ($safeBackForLinks) { - $q = request()->query(); - - if ($safeBackForLinks !== '') { - $q['back'] = $safeBackForLinks; - } else { - unset($q['back']); - } - - foreach ($overrides as $k => $v) { - if ($v === null) { - unset($q[$k]); - } else { - $q[$k] = $v; - } - } - - $url = '/' . ltrim(request()->path(), '/'); - if (count($q) > 0) { - $url .= '?' . \Illuminate\Support\Arr::query($q); - } - - return $url; + return \App\Support\BackUrl::currentPathWithQuery($overrides, $safeBackForLinks); }; + // 线索上下文(从开通线索跳转而来):用于提示“当前范围已锁定线索”,以及生成一键清除入口 $incomingLeadId = (int) request()->query('lead_id', 0);