diff --git a/FlyCube/MpApi/Controller/PlaneController.class.php b/FlyCube/MpApi/Controller/PlaneController.class.php index 7f9eb90..05ee6a6 100644 --- a/FlyCube/MpApi/Controller/PlaneController.class.php +++ b/FlyCube/MpApi/Controller/PlaneController.class.php @@ -542,33 +542,38 @@ class PlaneController extends PublicController echo json_encode(array('status' => 1, 'msg' => '访问成功', "questList" => $questList)); } /** - * @description: 改变订单 quest字段 改变为接单状态 + * @description: 改变订单状态或退款字段 不处理 已取消 未付款 交易关闭的订单 */ public function questAss() { if ($this->tokenShop_id != C('powerId')) { //非总管理员 $where['shop_id'] = $this->tokenShop_id; } - + //前端提交数据校验 if ($_REQUEST['id'] && $_REQUEST['state'] && $_REQUEST['val']) { $where['id'] = $_REQUEST['id']; $orderDb = D('order'); - if ($_REQUEST['state'] == 'status') { - $data['status'] = $_REQUEST['val']; //改变订单状态 - } elseif ($_REQUEST['state'] == 'back') { - if ($_REQUEST['val'] == 'zero') { - $data['back'] = '0'; //改变退货状态 - } else { - $data['back'] = '1'; //改变退货状态 - } - } - if ($orderDb->where($where)->save($data)) { - echo json_encode(array('status' => 1, 'msg' => '订单修改成功')); - } else { - echo json_encode(array('status' => 0, 'msg' => '订单修改失败')); + $field = array('status'); + $order = $orderDb->where($where)->field($field)->find(); + //不处理订单状态处于 已取消 未付款 交易关闭的情况 + if ($order['status'] == 'canceled' || $order['status'] == 'unpaid' || $order['status'] == 'closed') { + echo json_encode(array('status' => 0, 'msg' => '参数有误')); + exit(); } } else { echo json_encode(array('status' => 0, 'msg' => '参数有误')); + exit(); + } + //操作数据库 + if ($_REQUEST['state'] == 'status') { + $data['status'] = $_REQUEST['val']; //改变订单状态 + } elseif ($_REQUEST['state'] == 'back') { + $data['back'] = $_REQUEST['val']; //改变订单状态 + } + if ($orderDb->where($where)->save($data)) { + echo json_encode(array('status' => 1, 'msg' => '订单修改成功')); + } else { + echo json_encode(array('status' => 0, 'msg' => '订单修改失败')); } } }