From d19851ce236b39cd1f119307bc9a35009ff1baa0 Mon Sep 17 00:00:00 2001 From: wangwei01 Date: Fri, 29 Mar 2019 17:50:30 +0800 Subject: [PATCH] 1 --- webapp/controller/TeamController.class.php | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/webapp/controller/TeamController.class.php b/webapp/controller/TeamController.class.php index be4cd6c..7ff30d2 100644 --- a/webapp/controller/TeamController.class.php +++ b/webapp/controller/TeamController.class.php @@ -43,6 +43,7 @@ class teamController{ public function teamInfo() { + $team_uuid = $_REQUEST['team_uuid']; $r = $this->getRedis($team_uuid); if(!$r){ @@ -50,7 +51,6 @@ class teamController{ }else{ $accountid = $_REQUEST['account_id']; $sessionid = $_REQUEST['session_id']; - $team_uuid = $_REQUEST['team_uuid']; $user_db_str = $r->get(TEAMID_KEY . $team_uuid); if (empty($user_db_str)) { phpcommon\sendError(ERR_USER_BASE + 1,'session失效1'); @@ -235,6 +235,7 @@ class teamController{ echo 'is null'; }else{ $user_db_str = $r->get(TEAMID_KEY . $team_uuid); + if (empty($user_db_str)){ phpcommon\sendError(ERR_USER_BASE + 1,'session失效1'); return; @@ -244,6 +245,14 @@ class teamController{ phpcommon\sendError(ERR_USER_BASE + 1,'session失效2'); return; } + foreach ($user_db['member_list'] as $member) { + if ($member['account_id'] == $_REQUEST['account_id']){ + if($member['idx'] != 1){ + phpcommon\sendError(ERR_USER_BASE + 4,'你不是队长'); + return; + } + } + } $user_db['auto_fill'] = $_REQUEST['auto_fill']; $r->set(TEAMID_KEY . $team_uuid, json_encode($user_db)); $r->pexpire(TEAMID_KEY . $team_uuid, 1000 * 3600);