From 77c90e34b5058cfae64a99a41750569b80b09c5f Mon Sep 17 00:00:00 2001
From: yangduo <yangduo@kingsome.cn>
Date: Tue, 7 Jan 2025 11:09:07 +0800
Subject: [PATCH] adjust

---
 server/payserver/api/v1/ingame/ingame.go | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/server/payserver/api/v1/ingame/ingame.go b/server/payserver/api/v1/ingame/ingame.go
index 023260c..b3bb0db 100644
--- a/server/payserver/api/v1/ingame/ingame.go
+++ b/server/payserver/api/v1/ingame/ingame.go
@@ -129,6 +129,13 @@ func (this *InGameApi) PayDone(c *gin.Context) {
 		return
 	}
 
+	sessionkey := q5.SafeToString(data["session_key"])
+	if len(sessionkey) == 0 {
+		f5.GetSysLog().Debug("empty sessionkey:%s", accountId)
+		f5.RspErr(c, 402, "invalid session 2")
+		return
+	}
+
 	sessionkeytime := q5.SafeToInt64(data["update_time"])
 	if service.Wxpay.CheckExpireCache(accountId, sessionkeytime) {
 		f5.RspErr(c, 402, "session expired")
@@ -147,7 +154,6 @@ func (this *InGameApi) PayDone(c *gin.Context) {
 	for status < 2 {
 		gameid := q5.SafeToInt64(strs[1])
 		openid := q5.SafeToString(data["openid"])
-		sessionkey := q5.SafeToString(data["session_key"])
 		userip := this.getIP(c)
 		balance, errcode, err := int64(0), int32(0), error(nil)
 		if status == 0 {
@@ -212,6 +218,13 @@ func (this *InGameApi) OrderInfo(c *gin.Context) {
 		return
 	}
 
+	sessionkey := q5.SafeToString(data["session_key"])
+	if len(sessionkey) == 0 {
+		f5.GetSysLog().Debug("empty sessionkey:%s", reqJson.AccountId)
+		f5.RspErr(c, 402, "invalid session 2")
+		return
+	}
+
 	sessionkeytime := q5.SafeToInt64(data["update_time"])
 	if service.Wxpay.CheckExpireCache(reqJson.AccountId, sessionkeytime) {
 		f5.RspErr(c, 402, "session expired")
@@ -248,7 +261,6 @@ func (this *InGameApi) OrderInfo(c *gin.Context) {
 	if orderModel.Status == 0 {
 		gameid := q5.SafeToInt64(strs[1])
 		openid := q5.SafeToString(data["openid"])
-		sessionkey := q5.SafeToString(data["session_key"])
 		userip := this.getIP(c)
 		balance, errcode, err := service.Wxpay.QueryBalance(openid, gameid, userip, sessionkey)
 		if err != nil {
@@ -310,6 +322,13 @@ func (this *InGameApi) OtherOrder(c *gin.Context) {
 		return
 	}
 
+	sessionkey := q5.SafeToString(data["session_key"])
+	if len(sessionkey) == 0 {
+		f5.GetSysLog().Debug("empty sessionkey:%s", reqJson.AccountId)
+		f5.RspErr(c, 402, "invalid session 2")
+		return
+	}
+
 	sessionkeytime := q5.SafeToInt64(data["update_time"])
 	if service.Wxpay.CheckExpireCache(reqJson.AccountId, sessionkeytime) {
 		f5.RspErr(c, 402, "session expired")
@@ -324,7 +343,6 @@ func (this *InGameApi) OtherOrder(c *gin.Context) {
 
 	gameid := q5.SafeToInt64(strs[1])
 	openid := q5.SafeToString(data["openid"])
-	sessionkey := q5.SafeToString(data["session_key"])
 	userip := this.getIP(c)
 	balance, errcode, err := service.Wxpay.QueryBalance(openid, gameid, userip, sessionkey)
 	if err != nil {