linxianzhuang/saasshop
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: platform orders export require download=1 safety valve

Browse Source
This commit is contained in:
萝卜
2026-03-13 22:40:56 +00:00
parent 6a666b4c2a
commit 1f832477c0
11 changed files with 53 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
app/Http/Controllers/Admin/PlatformOrderController.php
View File

@@ -977,6 +977,11 @@ class PlatformOrderController extends Controller
{
$this->ensurePlatformAdmin($request);
// 安全阀:必须显式声明 download=1避免浏览器预取/误触发导致频繁导出
if ((string) $request->query('download', '') !== '1') {
abort(400, 'download=1 required');
}
$filters = [
'status' => trim((string) $request->query('status', '')),
'payment_status' => trim((string) $request->query('payment_status', '')),