From c59db09ed96782ef67a7a7583180a2b64f742269 Mon Sep 17 00:00:00 2001
From: yangduo
Date: Tue, 14 Jan 2025 14:19:23 +0800
Subject: [PATCH] adjust
---
 .../controller/RechargeController.class.php | 27 ++++++++++++++-----
 1 file changed, 21 insertions(+), 6 deletions(-)
diff --git a/webapp/controller/RechargeController.class.php b/webapp/controller/RechargeController.class.php
index e737bcb..01fe7c1 100644
--- a/webapp/controller/RechargeController.class.php
+++ b/webapp/controller/RechargeController.class.php
@@ -346,7 +346,7 @@ class RechargeController
 ':' + $_REQUEST['timestamp'] + 'NrN3zkVOzXF1vRzUc9eJM9ZKRO5eLooD';
 // $sign = phpcommon\md5Sign($params, 'NrN3zkVOzXF1vRzUc9eJM9ZKRO5eLooD', $_REQUEST['timestamp']);
 $sign = md5($oristr);
- error_log($sign + '|' + $_REQUEST['sign']);
+ error_log('src:'.$oristr.'|'.$sign.'|'.$_REQUEST['sign']);
 if ($sign != $_REQUEST['sign']) {
 error_log('game2004api payNotify sign error:' + $sign + '|' + json_encode($_REQUEST));
 echo json_encode(array(
@@ -391,8 +391,23 @@ class RechargeController
 }
 }
- $nowtime = time();
 $conn = $this->getMysql($_REQUEST['account_id']);
+
+ $orderRow = $conn->execQueryOne(
+ 'SELECT * FROM orderinfo WHERE orderid=:orderid',
+ array(
+ ':orderid' => $_REQUEST['orderid']
+ )
+ );
+ if (!$orderRow) {
+ echo json_encode(array(
+ 'errcode' => 0,
+ 'errmsg' => ''
+ ));
+ die();
+ }
+
+ $nowtime = time();
 $this->insertNewOrder($conn, $nowtime);
 $this->updateUserTable($conn);
 $this->addToBuyHis($conn, $nowtime);
@@ -551,7 +566,7 @@ class RechargeController
 $ret = $conn->execScript(
 'INSERT INTO orderinfo(accountid, orderid, goodsid, price, ' .
 ' create_time, modify_time)' .
- 'VALUES(:accountid, :orderid, :goodsid, :price, ' .
+ ' VALUES(:accountid, :orderid, :goodsid, :price, ' .
 ' :create_time, :modify_time);',
 array(
 ':accountid' => $_REQUEST['account_id'],
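Review bot: The new `error_log('src:'.$oristr...)` line writes `$oristr` and the computed `$sign` to the log on every notification, and the context line above shows `$oristr` ends with the hard-coded signing key, so anyone who can read the log obtains the key together with a valid signature. Log only received fields, and only on a mismatch, for example `error_log('payNotify sign mismatch orderid=' . $_REQUEST['orderid']);`. The comparison on the following line should be `if (!hash_equals($sign, (string)$_REQUEST['sign'])) {` so the check is type-strict and constant-time. The visible tail of the `$oristr` expression and the mismatch log still join strings with `+`, which is arithmetic in PHP, so the signed string is probably not what was intended; the start of that expression is outside the hunk.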
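Review bot: The guard `if (!$orderRow)` looks inverted for a duplicate-notification check: when no row exists the handler answers `errcode 0` and exits without recording anything, and when a row already exists it falls through to `insertNewOrder`, `updateUserTable` and `addToBuyHis` again. If the intent is idempotency, the condition should be `if ($orderRow) {`, so a replayed notification is acknowledged without being credited twice. Even then the SELECT-then-INSERT pair is not atomic; a unique index on `orderinfo.orderid`, with a duplicate-key failure from the insert treated as already processed, closes the window between two concurrent notifications. The enclosing method starts and ends outside the hunk, so this assumes no other code pre-creates the row.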
@@ -574,7 +589,7 @@ class RechargeController
 private function updateUserTable($conn)
 {
 $ret = $conn->execScript(
- 'UPDATE user SET recharge_times_total=recharge_times_total + 1, ' .
+ 'UPDATE user SET recharge_times_total=recharge_times_total + 1 ' .
 ' WHERE accountid=:accountid;',
 array(
 ':accountid' => $_REQUEST['account_id'],
@@ -588,9 +603,9 @@ class RechargeController
 $conn->execScript(
 'INSERT INTO buy_his(accountid, goodsid, sum_times, today_times, ' .
 ' last_buy_time, create_time, modify_time)' .
- 'VALUES(:accountid, :goodsid, 1, 1, ' .
+ ' VALUES(:accountid, :goodsid, 1, 1, ' .
 ' :last_buy_time, :create_time, :modify_time)' .
- 'ON DUPLICATE KEY UPDATE sum_times=sum_times + 1, ' .
+ ' ON DUPLICATE KEY UPDATE sum_times=sum_times + 1, ' .
 ' modify_time=:modify_time, last_buy_time=:last_buy_time,' .
 ' today_times=' .
 " CASE WHEN last_buy_time < $dayseconds THEN 1 ELSE today_times + 1 END;",
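Review bot: In the `ON DUPLICATE KEY UPDATE` list, `last_buy_time=:last_buy_time` is assigned before the `today_times` CASE reads `last_buy_time`; MySQL generally evaluates these assignments left to right, so the CASE most likely compares the freshly written timestamp and, if `$dayseconds` is the start of the current day, the daily counter never resets to 1. Place the `today_times=CASE ...` assignment ahead of `last_buy_time=:last_buy_time` so it sees the stored value. `$dayseconds` is also interpolated into the SQL text while every other value is bound; passing it as `:dayseconds` keeps the statement fully parameterized whatever its source. The function's opening and the parameter array are outside the hunk.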