安全更新
v1.0.21
影响版本:V1.0.0 ~ V1.0.21
更新说明:v1.0.21发布一处重要安全更新,请受影响的版本立即更新升级到最新版本,如果无法更新升级,请尝试手动进行修复。
修复方法:
1、找到/addons/zpwxsys/controller/v1/Job.php中的updateJob方法,大约在996行,将其中的:
public function updateJob()
{
if (request()->isPost()) {
$msg = $this->isLogin();
if($msg['error'] == 0) {
$param = input('post.');
$param['updatetime'] = time();
$job = new JobModel();
$data = $job->updateJob($param);
return $data;
}else{
return json_encode($msg);
}
}
public function updateJob()
{
if (request()->isPost()) {
$msg = $this->isLogin();
if($msg['error'] == 0) {
$param = input('post.');
$companyid = $msg['companyid'];
$map = [];
$map['id'] = $param['id'];
$map['companyid'] = $companyid;//修改此处归属问题
$jobinfo = JobModel::getOne($map);
if (!$jobinfo) {
return json_encode(['status'=>1,'msg'=>'请求数据不存在']);
}
$param['companyid'] = $companyid;
$param['updatetime'] = time();
$job = new JobModel();
$data = $job->updateJob($param);
return $data;
}else{
return json_encode($msg);
}
}
}2、找到/addons/zpwxsys/controller/v1/Company.php中的cancleJob方法,大约在1507行,将其中的:
public function cancleJob()
{
if (request()->isPost()) {
$param = input('post.');
$map['companyid'] = $param['companyid'];
$params['status'] = 1;
$params['id'] = $param['id'];
$JobModel = new JobModel();
$JobModel->updateJob($params);
$data = array('status' => 0, 'msg' => '下架成功');
return json_encode($data);
}
}
public function cancleJob()
{
if (request()->isPost()) {
$param = input('post.');
$msg = $this->isLogin();
if($msg['error'] == 0 ) {
$companyid = $msg['companyid'];
$map =[];
$map['id'] = $param['id'];
$map['companyid'] = $companyid;
$jobinfo = JobModel::getOne($map);
if(!$jobinfo)
{
$data = array('status' => 1, 'msg' => '请求数据不存在');
return json_encode($data);
}
$params['status'] = 0;
$params['companyid'] = $companyid;
$params['id'] = $param['id'];
$JobModel = new JobModel();
$JobModel->updateJob($params);
$data = array('status' => 0, 'msg' => '下架成功');
}else{
$data = array('status' => 1, 'msg' => 'Token异常');
}
return json_encode($data);
}
}3、找到/addons/zpwxsys/controller/v1/Company.php中的upJob方法,大约在1607行,将其中的:
public function upJob()
{
if (request()->isPost()) {
$param = input('post.');
$map['companyid'] = $param['companyid'];
$params['status'] = 0;
$params['id'] = $param['id'];
$JobModel = new JobModel();
$JobModel->updateJob($params);
$data = array('status' => 0, 'msg' => '上架成功');
return json_encode($data);
}
}
public function upJob()
{
if (request()->isPost()) {
$param = input('post.');
$msg = $this->isLogin();
if($msg['error'] == 0 ) {
$companyid = $msg['companyid'];
$map =[];
$map['id'] = $param['id'];
$map['companyid'] = $companyid;
$jobinfo = JobModel::getOne($map);
if(!$jobinfo)
{
$data = array('status' => 1, 'msg' => '请求数据不存在');
return json_encode($data);
}
$params['status'] = 1;
$params['companyid'] = $companyid;
$params['id'] = $param['id'];
$JobModel = new JobModel();
$JobModel->updateJob($params);
$data = array('status' => 0, 'msg' => '上架成功');
}else{
$data = array('status' => 1, 'msg' => 'Token异常');
}
return json_encode($data);
}
}文档最后更新时间:2025-03-10 10:53:00
著作权归应用插件开发者所有,未经许可,禁止转载、复制此文档的任何内容。
← 常见问题
未解决你的问题?请到「问答社区」反馈你遇到的问题