vr-shopxo-plugin/plan.md

# Plan — 安全审计：AdminGoodsSaveHandle 数据验证逻辑

> 版本：v1.0 | 日期：2026-04-20 | Agent：council/SecurityEngineer

---

## 任务概述

对 `AdminGoodsSaveHandle.php` 的数据验证逻辑进行安全审计，重点调查商品保存时报错 `Undefined array key "id"` 的根因，并分析所有可能导致数据异常或未定义行为的输入点。

---

## 审计任务清单

- [x] **Task 1**: 读取 `AdminGoodsSaveHandle.php` — 定位 "Undefined array key 'id'" 最可能出现的行
  - [Done: council/SecurityEngineer] → Primary: Line 77 `$r['id']`

- [x] **Task 2**: 分析 ShopXO `Db::name()` 表前缀行为 — `vr_seat_templates` vs `vrt_vr_seat_templates`
  - [Done: council/SecurityEngineer] → 等价，不存在问题

- [x] **Task 3**: 分析 `find($templateId)` 返回 null 时的处理逻辑
  - [Done: council/SecurityEngineer] → Secondary: Line 71 访问 `$template['seat_map']` 无空安全

- [x] **Task 4**: 分析 `$configs` JSON 解码后的类型安全性 — 数组访问下标验证
  - [Done: council/SecurityEngineer] → 部分安全，is_array 检查存在

- [x] **Task 5**: 分析 `selected_rooms` 数据结构与类型匹配问题
  - [Done: council/SecurityEngineer] → 类型匹配正确（均为字符串），但无空安全

- [x] **Task 6**: 审计 `SeatSkuService::BatchGenerate` 和 `$data['item_type']` 访问安全性
  - [Done: council/SecurityEngineer] → BatchGenerate 安全，item_type 有 ?? '' 兜底

- [x] **Task 7**: 汇总根因分析，输出修复建议 → `reviews/SecurityEngineer-AUDIT.md`
  - [Done: council/SecurityEngineer] → 报告已生成，含完整根因 + 修复代码

---

## 阶段划分

| 阶段 | 内容 |
|------|------|
| **Draft** | Task 1-6：逐文件、逐行读取代码，识别所有安全风险点 |
| **Review** | Task 7：汇总根因，输出结构化审计报告与修复建议 |
| **Finalize** | 提交审计报告到 main，标记完成 |

---

## 依赖

- 依赖 `docs/VR_GOODS_CONFIG_SPEC.md`（v3.0 JSON 格式说明）
- 不需要 BackendArchitect / DebugAgent 配合，可独立完成
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
+								# Plan — 安全审计：AdminGoodsSaveHandle 数据验证逻辑
-												council(draft): SecurityEngineer - create plan.md with Phase 2 security research directions

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-15 05:53:39 +00:00
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
+								> 版本：v1.0 | 日期：2026-04-20 | Agent：council/SecurityEngineer
 								---
 								## 任务概述
 								对 `AdminGoodsSaveHandle.php` 的数据验证逻辑进行安全审计，重点调查商品保存时报错 `Undefined array key "id"` 的根因，并分析所有可能导致数据异常或未定义行为的输入点。
 								---
 								## 审计任务清单
-												council(review): SecurityEngineer - Round 2 plan update: all tasks marked done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:57:09 +00:00
+								- [x] **Task 1**: 读取 `AdminGoodsSaveHandle.php` — 定位 "Undefined array key 'id'" 最可能出现的行
 								  - [Done: council/SecurityEngineer] → Primary: Line 77 `$r['id']`
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
-												council(review): SecurityEngineer - Round 2 plan update: all tasks marked done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:57:09 +00:00
+								- [x] **Task 2**: 分析 ShopXO `Db::name()` 表前缀行为 — `vr_seat_templates` vs `vrt_vr_seat_templates`
 								  - [Done: council/SecurityEngineer] → 等价，不存在问题
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
-												council(review): SecurityEngineer - Round 2 plan update: all tasks marked done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:57:09 +00:00
+								- [x] **Task 3**: 分析 `find($templateId)` 返回 null 时的处理逻辑
 								  - [Done: council/SecurityEngineer] → Secondary: Line 71 访问 `$template['seat_map']` 无空安全
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
-												council(review): SecurityEngineer - Round 2 plan update: all tasks marked done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:57:09 +00:00
+								- [x] **Task 4**: 分析 `$configs` JSON 解码后的类型安全性 — 数组访问下标验证
 								  - [Done: council/SecurityEngineer] → 部分安全，is_array 检查存在
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
-												council(review): SecurityEngineer - Round 2 plan update: all tasks marked done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:57:09 +00:00
+								- [x] **Task 5**: 分析 `selected_rooms` 数据结构与类型匹配问题
 								  - [Done: council/SecurityEngineer] → 类型匹配正确（均为字符串），但无空安全
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
-												council(review): SecurityEngineer - Round 2 plan update: all tasks marked done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:57:09 +00:00
+								- [x] **Task 6**: 审计 `SeatSkuService::BatchGenerate` 和 `$data['item_type']` 访问安全性
 								  - [Done: council/SecurityEngineer] → BatchGenerate 安全，item_type 有 ?? '' 兜底
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
-												council(review): SecurityEngineer - Round 2 plan update: all tasks marked done

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:57:09 +00:00
+								- [x] **Task 7**: 汇总根因分析，输出修复建议 → `reviews/SecurityEngineer-AUDIT.md`
 								  - [Done: council/SecurityEngineer] → 报告已生成，含完整根因 + 修复代码
-												council(draft): SecurityEngineer - add Round 1 plan for AdminGoodsSaveHandle security audit

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

											
										
										
											2026-04-20 01:45:33 +00:00
 								---
 								## 阶段划分
 								| 阶段 | 内容 |
 								|------|------|
 								| **Draft** | Task 1-6：逐文件、逐行读取代码，识别所有安全风险点 |
 								| **Review** | Task 7：汇总根因，输出结构化审计报告与修复建议 |
 								| **Finalize** | 提交审计报告到 main，标记完成 |
 								---
 								## 依赖
 								- 依赖 `docs/VR_GOODS_CONFIG_SPEC.md`（v3.0 JSON 格式说明）
 								- 不需要 BackendArchitect / DebugAgent 配合，可独立完成