From 1b81b84edaeea9b200c622e4a34c49b4b1aaac92 Mon Sep 17 00:00:00 2001
From: Pu Zhibing <393733352@qq.com>
Date: 星期四, 06 三月 2025 15:28:19 +0800
Subject: [PATCH] 修改bug和漏洞修复

---
 ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TVipController.java |   40 ++++++++++++++++++++++++++++------------
 1 files changed, 28 insertions(+), 12 deletions(-)

diff --git a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TVipController.java b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TVipController.java
index 02c2d68..e6d49d2 100644
--- a/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TVipController.java
+++ b/ruoyi-service/ruoyi-other/src/main/java/com/ruoyi/other/controller/TVipController.java
@@ -121,6 +121,10 @@
     public R<TVip> getInfo1(@RequestParam("id")Integer id) {
         return R.ok(vipService.getById(id));
     }
+    @PostMapping("/getAllVip")
+    R<List<TVip>> getAllVip() {
+        return R.ok(vipService.list());
+    }
     
     
     
@@ -340,17 +344,29 @@
     @ApiOperation(value = "购买会员", tags = {"小程序-个人中心"})
     @GetMapping("/vipInfo/pay")
     public Object vipInfoPay(@RequestParam("vipId")Integer vipId,@RequestParam("buyType") Integer buyType,
-        @RequestParam("payType") Integer payType
-    ) {
-
+        @RequestParam("payType") Integer payType) {
+    
+        LocalDateTime now = LocalDateTime.now();
         TVip byId = vipService.getById(vipId);
         if (byId==null){
             return R.ok("当前会员不存在，请刷新后重试。");
         }
+        if(byId.getReveal() == 0){
+            return R.ok("无效的会员");
+        }
+        if(1 == buyType && byId.getMonthlyCardDiscountReveal() == 0){
+            return R.ok("无效的会员");
+        }
+        if(2 == buyType && byId.getSeasonCardDiscountReveal() == 0){
+            return R.ok("无效的会员");
+        }
+        if(3 == buyType && byId.getAnnualCardReveal() == 0){
+            return R.ok("无效的会员");
+        }
+        
         BigDecimal payMoney = BigDecimal.ZERO;
         BigDecimal discountMoney = BigDecimal.ZERO;
         BigDecimal discount = BigDecimal.ZERO;
-        LocalDateTime now = LocalDateTime.now();
         switch (buyType){
             case 1:
                 if (byId.getMonthlyCardDiscountStart()!=null&&(now.isAfter(byId.getMonthlyCardDiscountStart())&&now.isBefore(byId.getMonthlyCardDiscountEnd()))){
@@ -361,14 +377,14 @@
                     payMoney = byId.getMonthlyCard();
                 }
                 break;
-                case 2:
-                    if (byId.getSeasonCardDiscountStart()!=null&&(now.isAfter(byId.getSeasonCardDiscountStart())&&now.isBefore(byId.getSeasonCardDiscountEnd()))){
-                        payMoney = byId.getSeasonCard().multiply(byId.getSeasonCardDiscount().divide(new BigDecimal(10)));
-                        discountMoney = byId.getSeasonCard().subtract(payMoney);
-                        discount = byId.getSeasonCardDiscount();
-                    }else {
-                        payMoney = byId.getSeasonCard();
-                    }
+            case 2:
+                if (byId.getSeasonCardDiscountStart()!=null&&(now.isAfter(byId.getSeasonCardDiscountStart())&&now.isBefore(byId.getSeasonCardDiscountEnd()))){
+                    payMoney = byId.getSeasonCard().multiply(byId.getSeasonCardDiscount().divide(new BigDecimal(10)));
+                    discountMoney = byId.getSeasonCard().subtract(payMoney);
+                    discount = byId.getSeasonCardDiscount();
+                }else {
+                    payMoney = byId.getSeasonCard();
+                }
                 break;
             case 3:
                 if (byId.getAnnualCardDiscountStart()!=null&&(now.isAfter(byId.getAnnualCardDiscountStart())&&now.isBefore(byId.getAnnualCardDiscountEnd()))){

--
Gitblit v1.7.1