jingrow/jcloud
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

修复域名注册时购买时长价格计算的漏洞

Browse Source
This commit is contained in:
jingrow 2025-10-02 16:29:50 +08:00
parent 5439435b1b
commit 2150575fb3
2 changed files with 26 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
dashboard/src2/pages/NewJsiteDomain.vue
View File

@ -166,27 +166,20 @@
</div> </div>
<label class="block text-sm font-medium text-gray-700 mb-2">购买时长</label> <label class="block text-sm font-medium text-gray-700 mb-2">购买时长</label>
<select v-model="period" class="w-full border rounded px-3 py-2"> <select v-model="period" @change="onPeriodChange" class="w-full border rounded px-3 py-2">
<option v-for="p in periods" :key="p.value" :value="p.value">{{ p.label }}</option> <option v-for="p in periods" :key="p.value" :value="p.value">{{ p.label }}</option>
</select> </select>
</div> </div>
<!-- 价格信息显示 --> <!-- 价格信息显示 -->
<div v-if="domainCheckResult && domainCheckResult.available && domainPrice" class="border-t border-gray-200 pt-4"> <div v-if="domainCheckResult && domainCheckResult.available && totalPrice" class="border-t border-gray-200 pt-4">
<div class="flex justify-between items-center"> <div class="flex justify-between items-center">
<div class="text-sm text-gray-600">年度费用</div>
<div class="font-medium">
¥ {{ domainPrice }}
<span class="text-gray-500 text-sm">(年付)</span>
</div>
</div>
<div class="flex justify-between items-center mt-2">
<div class="text-sm text-gray-600">购买时长</div> <div class="text-sm text-gray-600">购买时长</div>
<div class="font-medium">{{ period }} </div> <div class="font-medium">{{ period }} </div>
</div> </div>
<div class="flex justify-between items-center mt-2 text-lg font-bold"> <div class="flex justify-between items-center mt-2 text-lg font-bold">
<div>总计</div> <div>总计</div>
<div>¥ {{ getTotalAmount() }}</div> <div>¥ {{ totalPrice.toFixed(2) }}</div>
</div> </div>
</div> </div>
@ -391,6 +384,7 @@ export default {
error: null, error: null,
domainCheckResult: null, domainCheckResult: null,
domainPrice: null, domainPrice: null,
totalPrice: null, //
// //
order: null, order: null,
domain: null, domain: null,
@ -780,7 +774,10 @@ export default {
// //
if (response.available) { if (response.available) {
this.getDomainPrice(); this.$resources.getDomainPrice.submit({
domain: this.fullDomain,
year: this.period
});
} }
}, },
onError(error) { onError(error) {
@ -795,19 +792,19 @@ export default {
url: 'jcloud.api.domain_west.get_west_domain_price', url: 'jcloud.api.domain_west.get_west_domain_price',
onSuccess(response) { onSuccess(response) {
if (response.status === "Error") { if (response.status === "Error") {
this.domainPrice = null; this.totalPrice = null;
return; return;
} }
// // - 使
if (response.data && response.data.price) { if (response.data && response.data.price) {
this.domainPrice = response.data.price; this.totalPrice = response.data.price;
} else { } else {
this.domainPrice = 50; // this.totalPrice = 50; //
} }
}, },
onError(error) { onError(error) {
this.domainPrice = 50; // this.totalPrice = 50; //
} }
}; };
}, },
@ -1095,9 +1092,14 @@ export default {
// //
this.$resources.createDomainOwner.submit(formData); this.$resources.createDomainOwner.submit(formData);
}, },
getTotalAmount() { onPeriodChange() {
const yearlyPrice = this.domainPrice || 0; //
return (yearlyPrice * this.period).toFixed(2); if (this.domainCheckResult && this.domainCheckResult.available) {
this.$resources.getDomainPrice.submit({
domain: this.fullDomain,
year: this.period
});
}
}, },
selectSuffix(suffix) { selectSuffix(suffix) {
this.selectedSuffix = suffix; this.selectedSuffix = suffix;

11
jcloud/api/domain_west.py
View File

@ -1454,14 +1454,13 @@ def create_domain_order(domain, period=1, payment_method='balance', domain_owner
if not client: if not client:
return {"success": False, "message": "API客户端初始化失败"} return {"success": False, "message": "API客户端初始化失败"}
# 获取域名价格 - 使用统一的 get_west_domain_price 函数 # 获取域名价格 - 根据实际购买的年限
price_result = get_west_domain_price(domain, 1) price_result = get_west_domain_price(domain, period)
if price_result.get("status") == "error": if price_result.get("status") == "error":
return {"success": False, "message": "获取域名价格失败"} return {"success": False, "message": "获取域名价格失败"}
# 计算总价格 - 使用与前端一致的价格字段 # 使用对应年限的总价
yearly_price = price_result.get("data", {}).get("price", 0) # 使用前端一致的价格字段 total_amount = price_result.get("data", {}).get("price", 0)
total_amount = yearly_price * period
# 生成订单号 # 生成订单号
order_id = f"{datetime.now().strftime('%Y%m%d%H%M%S%f')[:-3] + ''.join(random.choices('0123456789', k=6))}" order_id = f"{datetime.now().strftime('%Y%m%d%H%M%S%f')[:-3] + ''.join(random.choices('0123456789', k=6))}"
@ -1480,7 +1479,7 @@ def create_domain_order(domain, period=1, payment_method='balance', domain_owner
"domain": domain, "domain": domain,
"period": period, "period": period,
"domain_owner": domain_owner, "domain_owner": domain_owner,
"yearly_price": yearly_price, "total_price": total_amount,
"auto_renew": False, "auto_renew": False,
# 注册域名所需参数 # 注册域名所需参数
"regyear": period, "regyear": period,