2 jaren geleden · e34a15c344
--- a/controller/account.js
+++ b/controller/account.js
@@ -31,7 +31,7 @@ async function login(userType = field.userType,account,passwd){
 
				     if (result.length < 1 ) {throw {rcode:codeMap.notFound,msg:'账号或者密码错误'}}
			
 
				     // 账号被冻结
			
 
				     if (result[0].state == field.userFreezeState ){throw {rcode:codeMap.permissionDenied,msg:'账号被冻结'}}
			
 
				-    return result[0].account;
			
 
				+    return result[0];
			
 
				 }
			
 
				 
			
 
				 /**
			
@@ -346,14 +346,15 @@ async function addOrder(account,flightId,travelIds){
 
				 /**
			
 
				  * 支付订单
			
 
				  * @param account 账户
			
 
				+ * @param passwd
			
 
				  * @param orderId 订单id
			
 
				  * @returns {Promise<boolean>}
			
 
				  */
			
 
				-async function payOrder(account,orderId){
			
 
				+async function payOrder(account,passwd,orderId){
			
 
				     let userId,order,flight,travels;
			
 
				-    order.travelIds = undefined;
			
 
				+    // order.travelIds = undefined;
			
 
				     // 根据账号查找id
			
 
				-    let [err,result] = await handle(info(userType,account));
			
 
				+    let [err,result] = await handle(login(userType,account,passwd));
			
 
				     if(err)throw err;
			
 
				     userId = result.id;
			
 
				     [err,result] = await handle(db_user.userOrderInfo(userId,orderId));
			
--- a/database/d_user.js
+++ b/database/d_user.js
@@ -387,7 +387,7 @@ function findOrder(userId,flightId,travelIds,createTime){
 
				  */
			
 
				 function payOrder(orderId){
			
 
				     let sql=``,values=[];
			
 
				-    sql+=`update orders set payState = ? where id = orderId`
			
 
				+    sql+=`update orders set payState = ? where id = ?`
			
 
				     values.push(fields.payState_pay,orderId);
			
 
				     return mysql.pq(sql,values);
			
 
				 }
			
@@ -437,7 +437,7 @@ function changeOrder(orderId,params){
 
				  */
			
 
				 function userOrderInfo(userId,orderId){
			
 
				     let sql=``,values=[];
			
 
				-    sql+=`select * from orders where userId = ? and orderId = ?`
			
 
				+    sql+=`select * from orders where userId = ? and id = ?`
			
 
				     values.push(userId,orderId);
			
 
				     return mysql.pq(sql,values);
			
 
				 }
			
--- a/routes/admin.js
+++ b/routes/admin.js
@@ -38,10 +38,10 @@ router.post('/login',
 
				             if (req.body.captcha.toLowerCase() != req.session.captcha) return res.json({...result, msg: `验证码错误,captcha error` });
			
 
				             let results = await c_user.login(field.adminType,req.body.account,req.body.passwd);
			
 
				             console.log(results);
			
 
				-            req.session[progress.adminSessionField] = results;
			
 
				+            req.session[progress.adminSessionField] = results.account;
			
 
				             res.json({
			
 
				                 rcode: code.ok,
			
 
				-                data: results
			
 
				+                data: results.account
			
 
				             })
			
 
				         }catch (error) {
			
 
				             if (error.rcode !== code.customError) {
			
--- a/routes/userApi.js
+++ b/routes/userApi.js
@@ -328,6 +328,39 @@ router.post(
 
				     }
			
 
				     )
			
 
				 
			
 
				+router.post(
			
 
				+    '/order/pay',
			
 
				+    checkLogin(fields.userType),
			
 
				+    checkParams({
			
 
				+        post:{
			
 
				+            orderId:{required:true},
			
 
				+            passwd:{required:true},
			
 
				+        }
			
 
				+    }),
			
 
				+    async (req,res)=>{
			
 
				+        try{
			
 
				+            let results = await c_user.payOrder(
			
 
				+                req.session[progress.userSessionField],
			
 
				+                req.body.passwd,
			
 
				+                req.body.orderId,
			
 
				+            );
			
 
				+            res.json({
			
 
				+                rcode: code.ok,
			
 
				+                data: results,
			
 
				+                total: results.length
			
 
				+            })
			
 
				+        }catch (error) {
			
 
				+            if (error.rcode !== code.customError) {
			
 
				+                console.log(error);
			
 
				+            }
			
 
				+            res.json({
			
 
				+                rcode: error.rcode || code.serverError,
			
 
				+                msg: error.msg || error.message
			
 
				+            });
			
 
				+        }
			
 
				+    }
			
 
				+)
			
 
				+
			
 
				 router.get(
			
 
				     '/orders',
			
 
				     checkLogin(fields.userType),
			
--- a/routes/users.js
+++ b/routes/users.js
@@ -66,11 +66,11 @@ router.post('/login',
 
				     async(req,res)=>{
			
 
				       try{
			
 
				         if (req.body.captcha.toLowerCase() != req.session.captcha) return res.json({rcode: code.customError, msg: `验证码错误,captcha error` });
			
 
				-        let results = await c_user.login(fields.userType,req.body.account,req.body.passwd);
			
 
				-        req.session[progress.userSessionField] = results;
			
 
				+        let result = await c_user.login(fields.userType,req.body.account,req.body.passwd);
			
 
				+        req.session[progress.userSessionField] = result.account;
			
 
				         res.json({
			
 
				           rcode: code.ok,
			
 
				-          data: results
			
 
				+          data: result.account
			
 
				         })
			
 
				       }catch (error) {
			
 
				         if (error.rcode !== code.customError) {