添加安全检查

This commit is contained in:
wlx 2012-11-16 09:16:26 +00:00
parent 211e2ecf04
commit 45b607d632
1 changed files with 14 additions and 1 deletions

View File

@ -644,6 +644,19 @@ class HeiheController extends DataController
$this->jsonexit($data); $this->jsonexit($data);
return true; return true;
} }
//安全检查: uuid必须是当前用户且为新建数据
$sql="select * from geonetworkmetadata where uuid=? and uuid not in (select uuid from metadata) and owner=?";
$sth=$this->db->prepare($sql);
$sth->execute(array($uuid,$u_id));
$row=$sth->fetch();
if (empty($row))
{
$data = array(
'error'=>"参数错误"
);
$this->jsonexit($data);
return true;
}
//ftp 用户名 //ftp 用户名
$uname = 'heihe'.$u_id.'upload'; $uname = 'heihe'.$u_id.'upload';