问题说明:知识付费存在 SQL 注入问题
修改文件:application\admin\model\wechat\StoreService
修改方法:getChatUser()
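/**
 * Paginated list of the users a given user has chatted with inside one merchant.
 *
 * First collects the (uid, to_uid) pairs the user appears in, then resolves each
 * counterpart to a user record; when a service-account record (this model) exists
 * for that uid it replaces the plain user record.
 *
 * The conditions are built with the query builder's closure form instead of the
 * previous string concatenation, so the caller-supplied ids are handed to the
 * builder rather than spliced into the SQL text. The ids are additionally cast
 * to int because the columns are numeric.
 *
 * @param int|string $uid    user whose conversations are listed
 * @param int|string $mer_id merchant scope
 * @param int        $page   page number handed to page()
 * @param int        $limit  page size handed to page()
 * @return array{data: array, count: int} same two keys on every path (the
 *         original returned 'list' on the empty path and 'data' otherwise)
 */
public static function getChatUser($uid, $mer_id, $page, $limit)
{
    // Defence in depth: reject anything that is not an integer before it
    // reaches the query layer.
    $uid = (int) $uid;
    $mer_id = (int) $mer_id;

    $where = function ($query) use ($mer_id, $uid) {
        $query->where('mer_id', $mer_id)
            ->where(function ($subQuery) use ($uid) {
                $subQuery->where('uid', $uid)->whereOr('to_uid', $uid);
            });
    };
    $chat_list = ServiceLogModel::field('uid,to_uid')
        ->page($page, $limit)
        ->where($where)
        ->group('uid,to_uid')
        ->select();

    // Keep the return shape identical to the non-empty path.
    if (!count($chat_list)) {
        return ['data' => [], 'count' => 0];
    }

    // Both sides of every conversation; duplicates are harmless to the
    // "in" condition but there is no point sending them.
    $uids = [];
    foreach ($chat_list as $value) {
        $uids[] = $value['uid'];
        $uids[] = $value['to_uid'];
    }
    $uids = array_values(array_unique($uids));

    // Same condition drives the page data and the total count, so the two
    // cannot drift apart.
    $userWhere = ['uid' => [['in', $uids], ['neq', $uid]]];
    $data = User::field('uid,nickname,avatar')->where($userWhere)->select();
    $data = count($data) > 0 ? $data->toArray() : [];
    foreach ($data as $index => $user) {
        // A service-account record, when present, takes precedence over the
        // plain user record for the same uid.
        $service = self::field('uid,nickname,avatar')->where(['uid' => $user['uid']])->find();
        if ($service) {
            $data[$index] = $service;
        }
    }
    $count = User::where($userWhere)->count();

    return compact('data', 'count');
}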
修改文件:application\admin\model\wechat\StoreServiceLog
修改方法:setWhere()
/**
 * Query scope for the conversation between $uid and $to_uid inside merchant $mer_id.
 *
 * Matches log rows in either direction (uid -> to_uid or to_uid -> uid), newest
 * first. The conditions use the builder's closure/array form rather than a
 * concatenated string, so the ids are passed to the builder instead of being
 * spliced into the SQL text.
 *
 * @param int|string $uid
 * @param int|string $to_uid
 * @param int|string $mer_id
 * @return mixed query object with where() and order() applied, not yet executed
 */
public static function setWhere($uid, $to_uid, $mer_id)
{
    $scope = function ($query) use ($mer_id, $uid, $to_uid) {
        $forward = ['uid' => $uid, 'to_uid' => $to_uid];
        $backward = ['uid' => $to_uid, 'to_uid' => $uid];
        $query->where('mer_id', $mer_id)
            ->where(function ($direction) use ($forward, $backward) {
                $direction->where($forward)->whereOr($backward);
            });
    };

    return (new self())->where($scope)->order('add_time desc');
}
修改文件:application\wap\controller\AuthApi
修改方法:get_user_brokerage_list()
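/**
 * Brokerage (commission) bill entries the current user earned from orders
 * placed by $uid.
 *
 * All three parameters arrive from the request. $uid is cast to int before the
 * emptiness check so a non-numeric value is rejected here instead of silently
 * becoming uid 0 in the query; $first/$limit feed limit() and are restricted to
 * integers so only numbers reach the LIMIT clause.
 *
 * @param int|string $uid   buyer whose orders are matched; required, non-zero
 * @param int|string $first offset handed to limit()
 * @param int|string $limit page size handed to limit()
 * @return mixed JsonService failure when $uid is missing, otherwise the list
 */
public function get_user_brokerage_list($uid = 0, $first = 0, $limit = 8)
{
    $uid = (int) $uid;
    if (!$uid) return JsonService::fail('用户不存在');

    // A negative offset would only produce an invalid LIMIT clause.
    $first = max(0, (int) $first);
    $limit = (int) $limit;

    $list = UserBill::field('A.mark,A.add_time,A.number,A.pm')
        ->alias('A')
        ->limit($first, $limit)
        ->where('A.category', 'now_money')
        ->where('A.type', 'brokerage')
        ->where('A.uid', $this->uid)
        ->join('__STORE_ORDER__ B', 'A.link_id = B.id')
        ->where('B.uid', $uid)
        ->select()
        ->toArray();
    return JsonService::successful($list);
}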