2 months ago · fbfe9a8fb8
--- a/addons/shop/controller/api/Goods.php
+++ b/addons/shop/controller/api/Goods.php
@@ -119,7 +119,8 @@ class Goods extends Base
 
				         }
			
 
				         $row->coupon = $couponList;
			
 
				 
			
 
				-        $row->visible(explode(',', 'id,title,subtitle,category_id,price,marketprice,sales,views,image,content,images,sku_spec,sku,comment,is_collect,guarantee,attributes,favor_rate,coupon'));
			
 
				+        $row->visible(explode(',', 'id,title,description,category_id,
			
 
				+        price,sales,views,image,content,images,sku_spec,sku,comment,is_collect,guarantee,attributes,favor_rate,coupon'));
			
 
				         $row = $row->toArray();
			
 
				         $row['content'] = \addons\shop\library\Service::formatTplToUniapp($row['content']);
			
 
				         $this->success('获取成功', $row);
			
@@ -131,6 +132,12 @@ class Goods extends Base
 
				         $param = $this->request->param();
			
 
				         $pageNum = (int)$this->request->param('pageNum', 10);
			
 
				         $orderby = $this->request->param('orderby', 'weigh');
			
 
				+        // 使用验证器 验证  orderby weigh：权重；sales：销量；price：价格；views：浏览数；comments：评论数
			
 
				+        $validate = new \addons\shop\validate\Goods();
			
 
				+        $validate->scene('lists')->check($param);
			
 
				+        if ($validate->getError()) {
			
 
				+            $this->error($validate->getError());
			
 
				+        }
			
 
				         $orderway = $this->request->param('orderway', 'desc');
			
 
				 
			
 
				         $list = GoodsModel::where(function ($query) use ($param) {
			
--- a/addons/shop/controller/api/Login.php
+++ b/addons/shop/controller/api/Login.php
@@ -11,6 +11,7 @@ use think\Validate;
 
				 use fast\Http;
			
 
				 use addons\third\library\Service;
			
 
				 use think\Config;
			
 
				+use think\Env;
			
 
				 use think\Session;
			
 
				 
			
 
				 class Login extends Base
			
@@ -131,8 +132,11 @@ class Login extends Base
 
				         if (!Validate::regex($mobile, "^1\d{10}$")) {
			
 
				             $this->error(__('Mobile is incorrect'));
			
 
				         }
			
 
				-        if (!Sms::check($mobile, $captcha, 'mobilelogin')) {
			
 
				-            $this->error(__('Captcha is incorrect'));
			
 
				+        // 这里需要处理 测试环境 env('app_debug') 为 true 时，不进行验证码验证 校验 验证码固定为env的配置 DEFAULT_SMSCODE: 123456
			
 
				+        if (!Env::get('app.app_debug') && $captcha != Env::get('app.DEFAULT_SMSCODE')) {
			
 
				+            if (!Sms::check($mobile, $captcha, 'mobilelogin')) {
			
 
				+                $this->error(__('Captcha is incorrect'));
			
 
				+            }
			
 
				         }
			
 
				         $user = \app\common\model\User::getByMobile($mobile);
			
 
				         if ($user) {
			
--- a/addons/shop/validate/Goods.php
+++ b/addons/shop/validate/Goods.php
@@ -0,0 +1,29 @@
 
				+<?php
			
 
				+
			
 
				+namespace addons\shop\validate;
			
 
				+
			
 
				+use think\Validate;
			
 
				+
			
 
				+class Goods extends Validate
			
 
				+{
			
 
				+    /**
			
 
				+     * 验证规则
			
 
				+     */
			
 
				+    protected $rule = [
			
 
				+        'orderby' => 'in:weigh,sales,price,views,comments',
			
 
				+    ];
			
 
				+
			
 
				+    /**
			
 
				+     * 提示消息
			
 
				+     */
			
 
				+    protected $message = [
			
 
				+        'orderby.in' => '排序字段只能是权重、销量、价格、浏览数或评论数',
			
 
				+    ];
			
 
				+
			
 
				+    /**
			
 
				+     * 验证场景
			
 
				+     */
			
 
				+    protected $scene = [
			
 
				+        'lists' => ['orderby'],
			
 
				+    ];
			
 
				+}