saasshop/resources/views/admin/plans/form.blade.php

@extends('admin.layouts.app')

@section('title', $plan->exists ? '编辑套餐' : '新建套餐')
@section('page_title', $plan->exists ? '编辑套餐' : '新建套餐')

@section('content')
<div class="page-header mb-20" data-page="admin.plans.form">
    <div class="page-header-main">
        <div>
            <div class="page-header-title">{{ $plan->exists ? '编辑套餐' : '新建套餐' }}</div>
            <div class="page-header-subtitle">套餐是平台授权与收费的基础单位，这里维护套餐的基本信息与售卖口径。当前阶段先提交套餐主数据，后续再补授权项、配额与订阅联动。</div>
        </div>
    </div>
</div>

<form method="post" action="{{ $formAction }}" class="card form-grid" data-action="disable-on-submit">
    @csrf

    @php
        $incomingBack = (string) ($back ?? '');
        // back 安全护栏（全页通用）：
        // - 仅允许站内相对路径（/ 开头）
        // - 拒绝引号/尖括号
        // - 拒绝 nested back=（避免 URL 膨胀/绕过）
        $safeBackForLinks = \App\Support\BackUrl::sanitizeForLinks($incomingBack);
    @endphp
    @if($safeBackForLinks !== '')
        <input type="hidden" name="back" value="{{ $safeBackForLinks }}">
    @endif

    <label>
        <span>套餐名称</span>
        <input name="name" value="{{ old('name', $plan->name) }}" required>
    </label>

    <label>
        <span>套餐编码</span>
        <input name="code" value="{{ old('code', $plan->code) }}" required>
        <small class="muted">仅限字母、数字、短横线和下划线，用于接口/内部引用。</small>
    </label>

    <label>
        <span>计费周期</span>
        <select name="billing_cycle" required>
            @foreach($billingCycleLabels as $value => $label)
                <option value="{{ $value }}" @selected(old('billing_cycle', $plan->billing_cycle) === $value)>{{ $label }}</option>
            @endforeach
        </select>
    </label>

    <label>
        <span>售价</span>
        <input type="number" step="0.01" min="0" name="price" value="{{ old('price', $plan->price) }}" required>
    </label>

    <label>
        <span>划线价</span>
        <input type="number" step="0.01" min="0" name="list_price" value="{{ old('list_price', $plan->list_price) }}">
    </label>

    <label>
        <span>状态</span>
        <select name="status" required>
            @foreach($statusLabels as $value => $label)
                <option value="{{ $value }}" @selected(old('status', $plan->status) === $value)>{{ $label }}</option>
            @endforeach
        </select>
    </label>

    <label>
        <span>排序</span>
        <input type="number" min="0" name="sort" value="{{ old('sort', $plan->sort ?? 0) }}">
    </label>

    <label class="full">
        <span>发布时间</span>
        <input type="datetime-local" name="published_at" value="{{ old('published_at', optional($plan->published_at)->format('Y-m-d\TH:i')) }}">
    </label>

    <label class="full">
        <span>套餐说明</span>
        <textarea name="description" rows="4" placeholder="可描述套餐包含的能力与适用场景">{{ old('description', $plan->description) }}</textarea>
    </label>

    @php
        $backUrl = $safeBackForLinks !== '' ? $safeBackForLinks : '/admin/plans';
    @endphp
    <div class="form-actions actions gap-10">
        {{-- back 可能包含 query（含 &），此处需原样输出，避免 Blade escape 成 &amp; 导致回退上下文丢失。--}}
        <a href="{!! $backUrl !!}" class="btn btn-secondary btn-sm">返回</a>
        <button type="submit" class="btn btn-sm">保存套餐</button>
    </div>
</form>
@endsection