diff --git a/webapp/controller/MallController.class.php b/webapp/controller/MallController.class.php
index 0fde6f9c..e9347b69 100644
--- a/webapp/controller/MallController.class.php
+++ b/webapp/controller/MallController.class.php
@@ -165,6 +165,18 @@ class MallController extends BaseAuthedController {
     {
         $goodsUuid = getReqVal('goods_uuid', '');
         $price = getReqVal('price', '');
+        if (empty($price)) {
+            $this->_rspErr(1, 'price not found');
+            return;
+        }
+        if ($price <= 0) {
+            $this->_rspErr(1, 'price must > 0');
+            return;
+        }
+        if (!is_numeric($price)) {
+            $this->_rspErr(1, 'price must be number');
+            return;
+        }
         $goodsDb = Mall::findByGoodsUuid($goodsUuid);
         if (!$goodsDb) {
             myself()->_rspErr(1, 'goods not found');