|
|
@@ -4554,8 +4554,27 @@ router.route("/updateRaceUser").all((req, res, next) => {
|
|
|
});
|
|
|
//查询用户信息
|
|
|
router.route("/selectUser").all((req, res, next) => {
|
|
|
+ // var json = queryString(req.url);
|
|
|
+ // getmysql(req, res, "selectUser", json["userid"]);
|
|
|
var json = queryString(req.url);
|
|
|
- getmysql(req, res, "selectUser", json["userid"]);
|
|
|
+ // 只有.cn域名才需要判断session,.hk和.com直接查询
|
|
|
+ if (req.headers.origin && req.headers.origin.includes(".cn")) {
|
|
|
+ if (req.session && req.session.userId) {
|
|
|
+ if (req.session.userId == json["userid"]) {
|
|
|
+ getmysql(req, res, "selectUser", json["userid"]);
|
|
|
+ } else {
|
|
|
+ // 不匹配则返回空数组
|
|
|
+ res.end(JSON.stringify([]));
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ res.end(JSON.stringify([]));
|
|
|
+ }
|
|
|
+ } else if(req.headers.origin){
|
|
|
+ // .hk和.com域名直接查询,不判断session
|
|
|
+ getmysql(req, res, "selectUser", json["userid"]);
|
|
|
+ } else {
|
|
|
+ res.end(JSON.stringify([]));
|
|
|
+ }
|
|
|
});
|
|
|
//查询用户信息
|
|
|
router.route("/selectUserSzdjg").all((req, res, next) => {
|
