Merge branch 'test6.8.4' of http://git.yoho.cn/ufo/yohoufo-fore into test6.8.4
Showing
1 changed file
with
4 additions
and
0 deletions
| @@ -99,6 +99,10 @@ public class ExpressInfoServiceImpl implements IExpressInfoService { | @@ -99,6 +99,10 @@ public class ExpressInfoServiceImpl implements IExpressInfoService { | ||
| 99 | */ | 99 | */ |
| 100 | @Override | 100 | @Override |
| 101 | public void deliverToDepot(Integer sellerUid,Integer expressCompanyId, Long orderCode, String wayBillCode,Integer depotNum) { | 101 | public void deliverToDepot(Integer sellerUid,Integer expressCompanyId, Long orderCode, String wayBillCode,Integer depotNum) { |
| 102 | + //用户扫描二维码,防止注入信息 | ||
| 103 | + if(StringUtils.isBlank(wayBillCode)||wayBillCode.toLowerCase().contains("http")){ | ||
| 104 | + throw new UfoServiceException(400,"无效的快递单号"); | ||
| 105 | + } | ||
| 102 | //保存物流信息+更新订单状态; | 106 | //保存物流信息+更新订单状态; |
| 103 | //本阶段的物流类型和订单状态 | 107 | //本阶段的物流类型和订单状态 |
| 104 | final OrderStatus expectOrderStatus = OrderStatus.HAS_PAYED; | 108 | final OrderStatus expectOrderStatus = OrderStatus.HAS_PAYED; |
-
Please register or login to post a comment