From 20c176f57a616cb23bf03ca9181a905a31809dc0 Mon Sep 17 00:00:00 2001
From: wanghongjun <1445693971@qq.com>
Date: Fri, 4 Jul 2025 17:39:04 +0800
Subject: [PATCH] =?UTF-8?q?=E6=9C=8B=E5=8F=8B=E5=9C=88=E8=AF=84=E8=AE=BA?=
 =?UTF-8?q?=E4=B8=A5=E6=A0=BC=E9=99=90=E5=88=B6=E5=8F=82=E6=95=B0=E4=BC=A0?=
 =?UTF-8?q?=E8=BE=93?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/enterprise/controller/Posts.php | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/app/enterprise/controller/Posts.php b/app/enterprise/controller/Posts.php
index 1801a55..f918473 100644
--- a/app/enterprise/controller/Posts.php
+++ b/app/enterprise/controller/Posts.php
@@ -507,7 +507,15 @@ class Posts extends BaseController
         $pid = $this->request->param('pid', 0);
         $reply_user_id = 0;
         if (!empty($pid)) {
-            $reply_user_id = Comment::where('id', $pid)->value('user_id');
+            $reply_comment = Comment::where('id', $pid)->field('user_id,type,relevance_id')->find();
+            if ($reply_comment) {
+                $reply_user_id = $reply_comment['user_id'];
+                if ($reply_comment['type'] != 1 || $reply_comment['relevance_id'] != $posts_id) {
+                    return error(lang('system.fail'));
+                }
+            } else {
+                return error(lang('system.fail'));
+            }
         }
 
         $info = [