diff --git a/webapp/controller/ShopController.class.php b/webapp/controller/ShopController.class.php
index 54ff9a3d..da8260bc 100644
--- a/webapp/controller/ShopController.class.php
+++ b/webapp/controller/ShopController.class.php
@@ -844,10 +844,10 @@ class ShopController extends BaseAuthedController
 public function buyGoodsNormal()
 {
 $address = $this->_getAddress();
- // if (empty($address)) {
- // $this->_rspErr(4, 'address is empty');
- // return;
- // }
+ if (empty($address)) {
+ $this->_rspErr(4, 'address is empty');
+ return;
+ }
 $id = getReqVal('id', 0);
 $token_type = getReqVal('token_type', '');
 $goods_num = getReqVal('goods_num', 0);
@@ -1170,14 +1170,23 @@ class ShopController extends BaseAuthedController public function buyGoodsDS() { $idx = getReqVal('idx', 0); - $grid = getReqVal('grid', 0); - $count = getReqVal('count', 0); + if ($idx <= 0) { + $this->_rspErr(2, 'idx is invalid'); + return; + } + $grid = getReqVal('grid', 0); if ($grid < 1 || $grid > 6) { $this->_rspErr(2, 'grid is invalid'); return; } + $count = getReqVal('count', 0); + if ($count<=0) { + $this->_rspErr(2, 'count is invalid'); + return; + } + $conn = $this->_getMysql(''); $row = SqlHelper::selectOne(
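Review bot: In buyGoodsNormal, `$id` and `$goods_num` are read from the request with a default of 0 directly after the restored address guard, and nothing in this hunk rejects a zero, negative or non-numeric value, while the same commit adds that kind of guard for `idx` and `count` in buyGoodsDS. The body of buyGoodsNormal continues outside the hunk, so a check may already exist further down; if it does not, a guard such as `if ((int)$goods_num <= 0) { $this->_rspErr(2, 'goods_num is invalid'); return; }` belongs next to the reads, before the quantity is used. The cast matters if getReqVal hands back the raw request string, because `<=` on a string follows PHP's loose comparison rules and a non-numeric value is not reliably rejected; `filter_var($goods_num, FILTER_VALIDATE_INT)` is the stricter alternative.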