6/14 解决了精度问题和购物车金额数据可能被前端篡改的问题

2023-06-14 21:42:07 +08:00 · 2023-06-14 21:42:07 +08:00 · c407d63f2f
commit c407d63f2f
parent df5e2b7b43
2 changed files with 17 additions and 1 deletions
--- a/renren-admin/src/main/java/io/renren/modules/front/controller/AlipayController.java
+++ b/renren-admin/src/main/java/io/renren/modules/front/controller/AlipayController.java
@ -14,6 +14,7 @@ import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;

 import java.math.BigDecimal;
+import java.math.RoundingMode;

 /**
 * @author : 张宇轩
@ -45,7 +46,7 @@ public class AlipayController {
        //商户订单号，商家自定义，保持唯一性
        bizContent.put("out_trade_no", out_trade_no);
        //支付金额，最小值0.01元
-        bizContent.put("total_amount", total_amount);
+        bizContent.put("total_amount", total_amount.divide(BigDecimal.valueOf(100),2, RoundingMode.HALF_UP));
        //订单标题，不可使用特殊符号
        bizContent.put("subject", "美食元素订单支付");

--- a/renren-admin/src/main/java/io/renren/modules/front/service/impl/ShoppingCartServiceImpl.java
+++ b/renren-admin/src/main/java/io/renren/modules/front/service/impl/ShoppingCartServiceImpl.java
@ -2,12 +2,18 @@ package io.renren.modules.front.service.impl;

 import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
 import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
+import io.renren.modules.front.bean.Dish;
+import io.renren.modules.front.bean.Setmeal;
 import io.renren.modules.front.bean.ShoppingCart;
 import io.renren.modules.front.dao.ShoppingCartMapper;
+import io.renren.modules.front.service.DishService;
+import io.renren.modules.front.service.SetmealService;
 import io.renren.modules.front.service.ShoppingCartService;
 import io.renren.modules.front.utils.BaseContext;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;

+import java.math.BigDecimal;
 import java.time.LocalDateTime;

 /**
@ -18,6 +24,10 @@ import java.time.LocalDateTime;
 */
@Service(value = "shoppingCartServiceImplFront")
 public class ShoppingCartServiceImpl extends ServiceImpl<ShoppingCartMapper, ShoppingCart> implements ShoppingCartService {
+    @Autowired
+    DishService dishService;
+    @Autowired
+    SetmealService setmealService;
    @Override
    public ShoppingCart add(ShoppingCart shoppingCart) {
        //查询当前购物车的菜品/套餐是否在数据库存在
@ -28,8 +38,12 @@ public class ShoppingCartServiceImpl extends ServiceImpl<ShoppingCartMapper, Sho
        //1.2.判断查询的是菜品还是套餐
        Long dishId = shoppingCart.getDishId();
        if(dishId != null){
+            Dish dish = dishService.getById(dishId);
+            shoppingCart.setAmount(BigDecimal.valueOf(dish.getPrice()));
            lqw.eq(ShoppingCart::getDishId, dishId);
        } else {
+            Setmeal setmeal = setmealService.getById(shoppingCart.getSetmealId());
+            shoppingCart.setAmount(BigDecimal.valueOf(setmeal.getPrice()));
            lqw.eq(ShoppingCart::getSetmealId, shoppingCart.getSetmealId());
        }
        //1.3.执行查询
@ -39,6 +53,7 @@ public class ShoppingCartServiceImpl extends ServiceImpl<ShoppingCartMapper, Sho
            cart.setNumber(cart.getNumber()+1);
            this.updateById(cart);
        } else {
+
            //3 不存在，添加到购物车表中
            shoppingCart.setCreateDate(LocalDateTime.now());
            shoppingCart.setUserId(BaseContext.getCurrentId());