新增订单推荐人和邀请码功能,优化支付流程中的订单插入逻辑,确保订单记录准确。更新小程序支付请求,支持传递邀请码以便于分销归属和对账。同时,调整数据库结构以支持新字段,提升系统的稳定性和用户体验。

乘风
2026-02-06 18:34:02 +08:00
parent f8fac00c85
commit 2e65d68e1e
34 changed files with 3288 additions and 1255 deletions


@@ -1,10 +1,11 @@
/**
* 用户资料API
* 用于完善用户信息(头像、微信号、手机号)
* 使用 Prisma ORM安全防SQL注入
*/
import { NextRequest, NextResponse } from 'next/server'
import { query } from '@/lib/db'
import { prisma } from '@/lib/prisma'
/**
* GET - 获取用户资料
@@ -22,23 +23,33 @@ export async function GET(request: NextRequest) {
}
try {
const users = await query(`
SELECT id, open_id, nickname, avatar, phone, wechat_id,
referral_code, has_full_book, is_admin,
earnings, pending_earnings, referral_count, created_at
FROM users
WHERE ${userId ? 'id = ?' : 'open_id = ?'}
`, [userId || openId]) as any[]
// 使用 Prisma 查询自动防SQL注入
const user = await prisma.users.findFirst({
where: userId ? { id: userId } : { open_id: openId || '' },
select: {
id: true,
open_id: true,
nickname: true,
avatar: true,
phone: true,
wechat_id: true,
referral_code: true,
has_full_book: true,
is_admin: true,
earnings: true,
pending_earnings: true,
referral_count: true,
created_at: true
}
})
if (users.length === 0) {
if (!user) {
return NextResponse.json({
success: false,
error: '用户不存在'
}, { status: 404 })
}
const user = users[0]
// 检查资料完整度
const profileComplete = !!(user.phone || user.wechat_id)
const hasAvatar = !!user.avatar && !user.avatar.includes('picsum.photos')
@@ -91,16 +102,19 @@ export async function POST(request: NextRequest) {
}, { status: 400 })
}
// 检查用户是否存在
const users = await query(`SELECT id FROM users WHERE ${identifierField} = ?`, [identifier]) as any[]
if (users.length === 0) {
// 检查用户是否存在Prisma 自动防SQL注入
const existingUser = await prisma.users.findFirst({
where: identifierField === 'id' ? { id: identifier } : { open_id: identifier }
})
if (!existingUser) {
return NextResponse.json({
success: false,
error: '用户不存在'
}, { status: 404 })
}
const realUserId = users[0].id
const realUserId = existingUser.id
// 构建更新字段
const updates: string[] = []
@@ -137,26 +151,37 @@ export async function POST(request: NextRequest) {
}, { status: 400 })
}
// 执行更新
values.push(realUserId)
await query(`UPDATE users SET ${updates.join(', ')}, updated_at = NOW() WHERE id = ?`, values)
// 构建 Prisma 更新数据对象
const updateData: any = { updated_at: new Date() }
if (nickname !== undefined) updateData.nickname = nickname
if (avatar !== undefined) updateData.avatar = avatar
if (phone !== undefined) updateData.phone = phone
if (wechatId !== undefined) updateData.wechat_id = wechatId
// 返回更新后的用户信息
const updatedUsers = await query(`
SELECT id, nickname, avatar, phone, wechat_id, referral_code
FROM users WHERE id = ?
`, [realUserId]) as any[]
// 执行更新Prisma 自动防SQL注入
const updatedUser = await prisma.users.update({
where: { id: realUserId },
data: updateData,
select: {
id: true,
nickname: true,
avatar: true,
phone: true,
wechat_id: true,
referral_code: true
}
})
return NextResponse.json({
success: true,
message: '资料更新成功',
data: {
id: updatedUsers[0].id,
nickname: updatedUsers[0].nickname,
avatar: updatedUsers[0].avatar,
phone: updatedUsers[0].phone,
wechatId: updatedUsers[0].wechat_id,
referralCode: updatedUsers[0].referral_code
id: updatedUser.id,
nickname: updatedUser.nickname,
avatar: updatedUser.avatar,
phone: updatedUser.phone,
wechatId: updatedUser.wechat_id,
referralCode: updatedUser.referral_code
}
})
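Review bot: The row that `prisma.users.update` writes in the POST hunks is chosen only by the request-supplied `identifier` (`findFirst` on `id` or `open_id`, then `where: { id: realUserId }`), and no session or token check is visible, so the parameterised queries alone do not stop one caller from editing another user's profile. The GET hunk has the same shape and returns `phone`, `wechat_id`, `earnings` and `is_admin` for whichever `userId`/`openId` is passed. Both handlers start outside the hunks, so a check may exist earlier; if it does not, resolve the caller from the authenticated session and return 403 when it does not match `existingUser.id` before the update. Separately, `const updateData: any` drops Prisma's type checking on `data`; a typed declaration such as `const updateData: Prisma.usersUpdateInput = { updated_at: new Date() }` (type name assumed from the `users` model) would restore it. The added comments would also be more accurate if they said that Prisma covers SQL injection only, not authorization or field validation.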