diff --git a/webapp/controller/CallbackController.class.php b/webapp/controller/CallbackController.class.php index 28849c4a..e961fadb 100644 --- a/webapp/controller/CallbackController.class.php +++ b/webapp/controller/CallbackController.class.php @@ -160,7 +160,8 @@ class CallbackController extends BaseController { myself()->_rspErr(1, 'param error'); return; } - $tranDb= Transaction::find($transId); + error_log('Transaction:'.$transId); + $tranDb= Transaction::findByAccountId($this->accountId,$transId); if (!$tranDb){ myself()->_rspErr(1, 'param error'); return; @@ -250,7 +251,7 @@ class CallbackController extends BaseController { myself()->_rspErr(1, 'param error'); return; } - $tranDb= Transaction::find($transId); + $tranDb= Transaction::findByAccountId($this->accountId,$transId); if (!$tranDb){ myself()->_rspErr(1, 'param error'); return; @@ -337,7 +338,7 @@ class CallbackController extends BaseController { return; } - $tranDb= Transaction::find($transId); + $tranDb= Transaction::findByAccountId($this->accountId,$transId); if (!$tranDb){ myself()->_rspErr(1, 'param error'); return; diff --git a/webapp/models/Transaction.php b/webapp/models/Transaction.php index 67ffd1da..843f1061 100644 --- a/webapp/models/Transaction.php +++ b/webapp/models/Transaction.php @@ -46,6 +46,19 @@ class Transaction extends BaseModel { return $row; } + public static function findByAccountId($accountId,$transId) + { + $row = SqlHelper::ormSelectOne( + myself()->_getMysql($accountId), + 't_transaction', + array( + 'account_id' => myself()->_getAccountId(), + 'trans_id' => $transId, + ) + ); + return $row; + } + public static function add($transId, $action, $tokenId, $tokenType, $itemUniId, $itemId, $result) { SqlHelper::insert(