Procházet zdrojové kódy

fixed: 添加防御代码,防止输入名称过短.

gwang před 4 roky
rodič
revize
bac331dec1
2 změnil soubory, kde provedl 14 přidání a 11 odebrání
  1. 1 0
      Gameserver/Amfphp/process/UserProc.php
  2. 13 11
      Gameserver/Amfphp/test.php

+ 1 - 0
Gameserver/Amfphp/process/UserProc.php

@@ -85,6 +85,7 @@ class UserProc {
      */
     static function SetUserNickname() {
         list($newname) = req()->paras;                                          # 参数: 新昵称, 头像
+        my_Assert(strlen($newname) >= 3, "名字太短了, 换个长点的吧!");                # 防御字符串长度太短.
         my_Assert(isset(glc()->User_SetNickname_Cost), "全局变量中未找到改名消耗钻石数量的配置字段");
         $amt = glc()->User_SetNickname_Cost;                                    # 改名需要消耗钻石
         $ok = req()->userInfo->game->base()->Consume_Cash($amt);                # 扣除钻石

+ 13 - 11
Gameserver/Amfphp/test.php

@@ -43,16 +43,18 @@ class A {
 
 $tabName = 'tab_guild';
 $ret = GuildProc::getMemUserGuildInfo("gw", 1);
-$keywords = "青";
-$sqlret = daoInst()->select()->from($tabName)
-                ->where("`zoneid`=$zoneid and (`guildId`='$keywords' OR `name` like '%$keywords%')")
-                ->limit(10)->fetchAll();
-//var_dump($sqlret);
-$startIndex = 8;
-$dbret = daoInst()->select()->from(GuildProc::tabGuild)
-        ->where('zoneid')->eq($zoneid)
-        ->limit("$startIndex ,20")
-        ->fetchAll();
-var_dump($dbret);
+$keywords = "";
+var_dump(strlen($keywords));
+//
+//$sqlret = daoInst()->select()->from($tabName)
+//                ->where("`zoneid`=$zoneid and (`guildId`='$keywords' OR `name` like '%$keywords%')")
+//                ->limit(10)->fetchAll();
+////var_dump($sqlret);
+//$startIndex = 8;
+//$dbret = daoInst()->select()->from(GuildProc::tabGuild)
+//        ->where('zoneid')->eq($zoneid)
+//        ->limit("$startIndex ,20")
+//        ->fetchAll();
+//var_dump($dbret);
 //Err(1005);
 //var_dump(Resp::err(3503, "时尚杂志opencv"));