Food/food_server
3
0
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases Wiki Activity

【类 型】:factor

Browse Source 
【原  因】:后端校验防止 前端异常提交 恶意提交等
【过  程】:提交订单 中运费 打包费校验 (与商铺表里面的缺省值比较)
【影  响】:
This commit is contained in:
sszdot 2024-12-12 16:02:34 +08:00
parent bce0f82f7d
commit 4433d18c8a
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
FlyCube/Api/Controller/CheckController.class.php
View File

@ -104,7 +104,16 @@ class CheckController extends PublicController
//后台校验总价格 和 前端总价格 //后台校验总价格 和 前端总价格
if ($total_price != $_REQUEST['total']) { if ($total_price != $_REQUEST['total']) {
echo json_encode(array('status' => 1, 'msg' => '价格不符!')); echo json_encode(array('status' => 0, 'msg' => '价格不符!'));
exit(); //有问题跳出
}
//后台校验 运费 打包费 和 前端提交值 ps:目前和商铺表 里的运费 打包费进行比较 后续可能要根据比如运输距离 商户根据订单单独修改的值 进行对比
$shopDb = D('shop');
$whereShop['shop_id'] = $_REQUEST['shop_id'];
$shop = $shopDb->where($whereShop)->find();
if ($_REQUEST['default_transport_price'] != $shop['default_transport_price'] || $_REQUEST['default_pack_price'] != $shop['default_pack_price']) {
echo json_encode(array('status' => 0, 'msg' => '运费和打包费不符!'));
exit(); //有问题跳出 exit(); //有问题跳出
} }