fe / yohobuy-node · Commits

Go to a project

Authored by shuaiguo
Commit 968cc86513e4acdc13c661260ef66b48a34e67f8 1 parent c401b311

fix(shop): 防止sql攻击 reviewed by yyq

Inline Side-by-side
Showing 1 changed file with 4 additions and 0 deletions
@@ -25,6 +25,10 @@ exports.index = (req, res, next) => { @@ -25,6 +25,10 @@ exports.index = (req, res, next) => {
25 _.isEmpty(req.query) ? null : req.query)); 25 _.isEmpty(req.query) ? null : req.query));
26 } 26 }
27 27
  28 + if (isNaN(+shopId)) {
  29 + return res.redirect(301, '/404');
  30 + }
  31 +
28 if (req.xhr && req.query._pjax && shopId) { 32 if (req.xhr && req.query._pjax && shopId) {
29 return req.ctx(shopModel).getShopGoodsData(shopId, req.yoho.channel, req.query).then(result => { 33 return req.ctx(shopModel).getShopGoodsData(shopId, req.yoho.channel, req.query).then(result => {
30 Object.assign(result, { 34 Object.assign(result, {