sileya-ai
/
vr-shopxo-plugin
1
0
Fork 0
Code Issues 3 Pull Requests Packages Projects Releases Wiki Activity
211 Commits
9 Branches
0 Tags
29 MiB
Commit Graph

211 Commits (79f2fe2bd3bb770af912150b04575befd6cb411d)

Author SHA1 Message Date
Council 11fa6ccfdb council(draft): BackendArchitect - 输出 vr-shopxo-plugin 架构评审报告 
发现严重问题:
- onOrderPaid() 无幂等性(并发重复发票)
- verifyTicket() TOCTOU 竞态条件
- QR Secret 默认密钥硬编码
- |raw XSS 漏洞(goods.simple_desc)
- 购票参数无服务端验证

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:18:34 +08:00
Council 8efb090a00 Merge branch 'council/SecurityEngineer' into main 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:18:11 +08:00
Council 5497c11989 council(draft): SecurityEngineer - update plan.md with completed findings 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:17:42 +08:00
Council c16ab36080 Merge council/SecurityEngineer: security review report + updated plan 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:17:14 +08:00
Council 6664be6cc8 council(draft): SecurityEngineer - complete security review for vr-shopxo-plugin 
Findings: 1 critical (onOrderPaid race condition), 5 medium, 3 low, 4 suggestions

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:17:08 +08:00
Council 2ca5921b9d council(draft): 合并 SecurityEngineer + BackendArchitect 审议计划 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:15:16 +08:00
Council 529d3baafd council(draft): BackendArchitect - 创建 vr-shopxo-plugin 代码审议计划 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:14:35 +08:00
Council e0b2403486 council(draft): FrontendDev - Round 1 vr-shopxo-plugin 代码审议计划 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:14:29 +08:00
Council b135b772ef council(draft): SecurityEngineer - create plan.md for vr-shopxo-plugin security review 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-15 09:14:23 +08:00
Council 852623fc9f docs: 完整开发日志 DEVELOPMENT_LOG.md 
- 覆盖 2026-04-13 调研 → 2026-04-15 Phase 0/1 完成全记录
- 需求背景 + 技术栈决策
- ShopXO 插件机制调研结论
- Phase 0 插件骨架(14文件 + 4表 + 测试数据)
- Phase 1 Goods.php 改法 + 浏览器验证截图
- Council 审议记录
- 关键决策固化表
- Phase 2/3/4 下步计划
- 清理废弃 review 文件
 2026-04-15 09:12:32 +08:00
Council 7508bed11d docs: 追加 vr-shopxo-plugin Phase 0/1 状态记录 2026-04-15 08:47:21 +08:00
Council 0f5a82d04c feat(Phase 1): ShopXO Goods.php 修改(实际验证通过) 
修改文件:
- shopxo-modifications/app/index/controller/Goods.php

修改内容:
- 在 return MyView() 前加 item_type=ticket 判断
- 查询座位模板 + goods_spec_data 传给模板
- 使用独立票务模板

已通过实际测试验证(商品1改为ticket类型后渲染正常)
 2026-04-15 08:46:45 +08:00
Council 34f7045956 feat(Phase 0): vr_ticket plugin skeleton complete 
生成内容:
- plugin.json + EventListener.php(安装自动建表)
- service/BaseService.php(AES加密/Qr生成/工具函数)
- service/TicketService.php(核心:onOrderPaid发票/核销)
- admin/controller/:SeatTemplate + Ticket + Verifier + Verification
- admin/view/:4套后台列表页
- view/goods/ticket_detail.html(前端票务详情页,完全独立UI)
- app/plugins/vr_ticket/README.md(安装说明)
- docs/GOODS_PHP_MODIFICATION.md(Goods.php修改步骤,更新路径)

 核心原则:怎么快怎么来,AI介入度95%+
 2026-04-15 08:15:51 +08:00
Council d5edb76f33 docs: add guiding principle + Goods.php modification guide 
核心原则:怎么快怎么来,怎么方便怎么来,少改动少复杂度,完全允许改核心

- README.md: 写入核心原则,更新技术发现,标注 Goods.php 方案为推荐
- docs/GOODS_PHP_MODIFICATION.md: 票务模板替换的具体修改步骤(Phase 2 关键文档)
 2026-04-15 08:03:37 +08:00
Council 1c6d32b4c1 docs: add ShopXO hooks reference (v6.8.0) - extracted from source 
- All hooks from OrderService, GoodsService, Goods/Buy/User/Search controllers
- 100+ hooks with descriptions and VR ticket use cases
- Recommended hook strategy for payment callback + ticket generation
 2026-04-15 05:00:24 +08:00
Council e7b7bf9b55 docs: add plugin mechanism + requirements mapping docs 
- 07: ShopXO plugin dev core (config.json/hook/Event/BaseService/directory)
- 08: vr-shopxo-plugin requirements → ShopXO mechanism mapping
 2026-04-15 04:44:48 +08:00
Council 536ef9e120 docs: add 项目启动报告 REPORT-KICKOFF.md (issue #5) 2026-04-15 00:19:42 +08:00
Council 8c6878ec99 council(draft): Architect - 合并 Round 1 架构评审结论,解决冲突 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:57:58 +08:00
Council 9eae259444 council(draft): Architect - Round 1 架构评审结论 (Q2+Q4) 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:57:16 +08:00
Council 58e382a972 council(draft): PM - 解决 plan.md 合并冲突 
保留完整 Q1-Q3 内容 + Q4 综合方案

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:56:53 +08:00
Council 80e1828b41 council(draft): PM - Round 1 Q3 回答(配置结构建议) 
PM 立场:建议新增 `routing` section
- routing.modelProviderOverride: 模型 → provider 映射
- routing.baseUrlOverride: 可选 baseUrl 覆盖
- 放在顶层,语义清晰,向后兼容

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:56:22 +08:00
Council b969a14304 council(draft): PM - Round 1 创建 MiniMax 路由补丁设计计划 
4 Q 任务分配:
- Q1: Backend 配置读取方案
- Q2: Architect 架构设计(配置注入)
- Q3: PM 配置结构建议
- Q4: Architect 综合方案

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:55:11 +08:00
Council 59065437f5 council(draft): Backend - Round 1 plan.md MiniMax 路由补丁设计 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:55:04 +08:00
Council 6b9290f7b6 council(draft): Architect - Round 1 规划 MiniMax 路由补丁设计 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:54:58 +08:00
Council a865494531 council(draft): Backend - Round 1 plan.md MiniMax 路由补丁设计 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:54:43 +08:00
Council 1ea1b04d31 council(finalize): PM - Round 2 完成,清理 plan.md conflict markers 
- 清理 plan.md 中的 Git conflict markers
- 确认 4 Q 全票通过 NON-BLOCKING
- 架构决策完成

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:45:13 +08:00
Council ae59cdbc91 Merge branch 'council/Backend' 2026-04-14 18:44:08 +08:00
Council 97cc5441a4 council(finalize): Architect - Round 2 最终结论:4 Q 全票通过 NON-BLOCKING 
- P1/PM 评审完成(实施复杂度 2.5d)
- B1/Backend 评审完成(Hook 可行性已确认)
- C1 综合结论完成

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:43:36 +08:00
Council dded7b1d5d council(draft): Architect - 合并 Round 1 架构评审结论,解决冲突 
Q1: 座位模板绑定粒度 - NON-BLOCKING
Q2: spec_base_id_map - NON-BLOCKING
Q3: 观演人存储 - NON-BLOCKING
Q4: spec绑定 - NON-BLOCKING

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:41:43 +08:00
Council 5113dcc25f council(draft): Architect - Round 1 架构评审结论 
Q1: 座位模板绑定粒度 - NON-BLOCKING (分类UNIQUE KEY合理)
Q2: spec_base_id_map - NON-BLOCKING (共用seat_map最简)
Q3: 观演人存储 - NON-BLOCKING (vr_tickets支付后写入)
Q4: spec绑定 - NON-BLOCKING ($vr-前缀隔离已确认)

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:40:41 +08:00
Council d14d54b312 Merge remote-tracking branch 'origin/main' into council/Backend 2026-04-14 18:40:40 +08:00
Council cb530783ba council(draft): PM - 合并 PM + Backend Round 1 plan,完成冲突解决 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:40:31 +08:00
Council 512ecacd2f council(draft): Backend - Round 1 voting complete 
Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-04-14 18:40:09 +08:00
Council 86941094f6 Merge branch 'council/Backend' 
# Conflicts:
#	plan.md
 2026-04-14 18:23:26 +08:00
Council 23022985f4 council(draft): Backend Round 1 - 4 Q non-blocking, T1-T6 pending 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 18:23:02 +08:00
Council a27ec349bf council(draft): merge PM + Backend Round 1 plan: 4 Q&A unified plan 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 18:22:31 +08:00
Council bb8255b179 council(draft): Architect - Round 1 plan: 4 Q architecture review 
Round 1: Architect/PM/Backend 并行评审 4 个关键技术问题
- Q1: 座位模板与分类绑定粒度
- Q2: spec_base_id_map 生成时机
- Q3: 观演人信息存储位置
- Q4: spec_value 命名匹配方案

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 18:21:50 +08:00
Council 9f208629b1 Merge branch 'council/PM' 2026-04-14 18:21:36 +08:00
Council a052d812ad council(draft): PM - PM Q1-Q4 review output 2026-04-14 18:21:32 +08:00
Council df74185a35 Merge branch 'council/PM' 2026-04-14 18:21:09 +08:00
Council 0046f14283 council(draft): Backend - Round 1 plan: 4 Q&A Hook/spec 评审 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 18:21:06 +08:00
Council db1ea96b14 council(draft): PM - PM视角评审Q1-Q4,4个问题均为non-blocking 2026-04-14 18:21:03 +08:00
Council a52209292c docs: v2.2 - Q4 resolved: $vr- prefix spec namespace isolation 2026-04-14 17:57:32 +08:00
bigemon bde23d3195 docs: v2.1 - 通用扩展方法论 + Q4 spec_value复用粒度 2026-04-14 17:46:50 +08:00
Council 401f7b500d fix: venue_data方案替换分类方案,vr_sessions职责明确化 2026-04-14 15:44:30 +08:00
Council d28a4dc511 feat: 选座系统架构 + ShopXO后台集成方案(docs/06)+ 关键架构修正 2026-04-14 15:29:22 +08:00
Council dd538ba08e fix: 明确允许最小范围修改ShopXO源码(MIT协议),以进度为先 2026-04-14 14:10:59 +08:00
Council b713cd73c3 council(finalize): backend-reviewer - execute T6/T8/T9, vote YES 
- T6: Confirm payment callback hook plugins_service_buy_order_insert_success
- T8: Supplement verifier permission validation (vr_verifiers whitelist)
- T9: Supplement vr_events/vr_sessions DDL (complete, indexed)
- Review pm-reviewer output: concurrent control already covered in 03 §9
- Vote: [CONSENSUS: YES] - docs ready for coding

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 14:09:56 +08:00
Council af66140af1 council(draft): backend-reviewer - Round 1 plan update, vote YES 2026-04-14 14:04:23 +08:00
Council 09ee277268 council(finalize): backend-reviewer - resolve plan.md conflicts, vote YES 
Verdict:
- docs/01_SHOPXO_TECHNICAL_RESEARCH.md:  通过(3项非阻断性改进)
- docs/03_VERIFICATION_SYSTEM.md:  通过(核销员权限验证需补充)
- BuyService OrderInsertHandle:  防超卖安全验证通过
- vr_events/vr_sessions DDL: 已在 reviews/ 中补充

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 13:52:25 +08:00