diff --git a/webapp/classes/AddReward.php b/webapp/classes/AddReward.php index 96f7258..cdaec2b 100644 --- a/webapp/classes/AddReward.php +++ b/webapp/classes/AddReward.php @@ -412,12 +412,12 @@ class AddReward { } //添加道具 - protected function addItem($item_id, $time, $accountid, $price, $t) + protected function addItem($itemid, $hourtime, $accountid, $price, $t) { $item_list = array(); $item_num = 1; - $item_id = $item_id; - $time = $time; + $item_id = intval($itemid); + $time = intval($hourtime); $conn = $this->getMysql($accountid); if (!$conn) { phpcommon\sendError(ERR_USER_BASE + 1, '没有这个玩家'); @@ -586,7 +586,7 @@ class AddReward { ':accountid' => $accountid, ':id' => $id, )); - if ($row['status'] != 0 || !$row) { + if (!$row || $row['status'] != 0) { continue; } $status = 2; diff --git a/webapp/controller/BagController.class.php b/webapp/controller/BagController.class.php index 3d7c625..276e0a9 100644 --- a/webapp/controller/BagController.class.php +++ b/webapp/controller/BagController.class.php @@ -139,6 +139,9 @@ class BagController{ if ($b['fuction'] != 5 && $b['fuction'] != 6) { foreach ($bag_meta_table as $bag_info) { $id = $bag_info['id']; + if ($id == $item_id) { + continue; + } $bag = $this->getBag($id); if ($bag['fuction'] != $b['fuction']) { continue; @@ -148,7 +151,7 @@ class BagController{ ':accountid' => $account_id, ':id' => $id, )); - if ($row['status'] != 0 || !$row) { + if (!$row || $row['status'] != 0) { continue; } $status = 2; @@ -175,7 +178,7 @@ class BagController{ ':accountid' => $account_id, ':id' => $item_id, )); - if (!$row) { + if (!$row || $row['status'] != 1 || $row['active_time'] < time()) { phpcommon\sendError(ERR_USER_BASE + 2, '没有这个道具'); return; } @@ -223,7 +226,7 @@ class BagController{ ':accountid' => $account_id, ':id' => $item_id, )); - if (!$row) { + if (!$row || $row['status'] != 0) { phpcommon\sendError(ERR_USER_BASE + 2, '没有这个道具'); return; }