1. SeatSkuService: Fix regex in getExistingSpecBaseIds()
(\d+)排(\d+)座 → (\d+)排(\d)座
The original regex incorrectly captures 2 digit groups in "A排10座",
causing seatId parse failure for column >= 10.
2. ticket_detail.html: Fix specBaseIdMap access in submit()
(obj||{}).spec_base_id → direct numeric value
PHP returns integers (not objects), so drop the .spec_base_id accessor.
关联:Issue #9
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- renderSeatMap(): add data-row-label + data-col-num attrs for specBaseIdMap key format
- toggleSeat(): change seatKey from "0_0" (numeric) to "A_1" (label_colNum) to match specBaseIdMap
- removeSeat(): use [data-row-label][data-col-num] selector
- submit(): refactor from 1 goods_params (zone-level) to N entries (seat-level, stock=1)
- Plan B fallback: if specBaseIdMap[key] missing, use sessionSpecId
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
P0-1: issueTicket() now checks for existing tickets by (order_id, spec_base_id)
before inserting. Prevents duplicate tickets on HTTP retry/multi-instance.
P0-3: Removed |raw from simple_desc and content in ticket_detail.html.
Prevents stored XSS via malicious admin content injection.
P0-4: getQrSecret() now throws exception if VR_TICKET_QR_SECRET is unset,
instead of falling back to insecure default key.
Council