From fec73caa165bc53fd38562875c5b53acae085455 Mon Sep 17 00:00:00 2001
From: Administrator <15274802129@163.com>
Date: Wed, 21 May 2025 14:54:16 +0800
Subject: [PATCH] fix:修复会员查询 SQL 注入漏洞

---
 src/main/java/cc/mrbird/febs/vip/service/impl/VipCommonServiceImpl.java |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/main/java/cc/mrbird/febs/vip/service/impl/VipCommonServiceImpl.java b/src/main/java/cc/mrbird/febs/vip/service/impl/VipCommonServiceImpl.java
index 1343f35..ffd0c68 100644
--- a/src/main/java/cc/mrbird/febs/vip/service/impl/VipCommonServiceImpl.java
+++ b/src/main/java/cc/mrbird/febs/vip/service/impl/VipCommonServiceImpl.java
@@ -279,7 +279,7 @@
                         .eq(MallMember::getAccountStatus, MallMember.ACCOUNT_STATUS_ENABLE)
                         .eq(MallMember::getAccountType, MallMember.ACCOUNT_TYPE_NORMAL)
                         .ne(MallMember::getStoreMaster, 0)
-                .orderByAsc(MallMember::getStoreMaster)
+                .orderByDesc(MallMember::getId)
                 .last("limit 1")
         );
         // 如果没有找到符合条件的团长，则记录日志并返回

--
Gitblit v1.9.1