From c287701e1a3fc723bf5b243a3e5ae3e9cccf41a7 Mon Sep 17 00:00:00 2001 From: name Date: Thu, 24 Aug 2023 11:27:31 +0900 Subject: [PATCH] =?UTF-8?q?=ED=8F=AC=EC=9D=B8=ED=8A=B8=20=EA=B2=B0?= =?UTF-8?q?=EC=A0=9C=20=EA=B8=88=EC=95=A1=EB=B3=80=EC=A1=B0=20=EB=B0=A9?= =?UTF-8?q?=EC=A7=80=20=EA=B8=B0=EB=8A=A5=20=EC=88=98=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../itn/let/mjo/pay/web/MjonPayController.java | 14 ++++++++++++++ .../webapp/WEB-INF/jsp/web/com/webCommonHeader.jsp | 7 +++++++ 2 files changed, 21 insertions(+) diff --git a/src/main/java/itn/let/mjo/pay/web/MjonPayController.java b/src/main/java/itn/let/mjo/pay/web/MjonPayController.java index e7e13472..0791ac4b 100644 --- a/src/main/java/itn/let/mjo/pay/web/MjonPayController.java +++ b/src/main/java/itn/let/mjo/pay/web/MjonPayController.java @@ -3807,6 +3807,20 @@ public class MjonPayController { mjonPayVO.setFrstRegisterId(user.getId()); mjonPayVO.setUserId(user.getId()); + RefundVO refundVO = new RefundVO(); + refundVO.setMberId(user.getId()); + + RefundVO mberInfoVO = refundService.selectRefundMberInfo(refundVO); + if(Double.parseDouble(mberInfoVO.getMberPoint()) + < mjonPayVO.getPoint()) { + + modelAndView.addObject("status", "moreThanUserPoint"); + modelAndView.addObject("msg", "현재 회원의 보유포인트보다 큰 포인트를 환불 할 수 없습니다."); + + return modelAndView; + } + + if("1".equals(mjonPayVO.getType())){ //현금전환 시 mjonPayVO.setMemo("현금 "+mjonPayVO.getPoint()+" 전환"); //전환 내용 mjonPayVO.setCmpltYn("N"); //현금 전환 시 처리 전 diff --git a/src/main/webapp/WEB-INF/jsp/web/com/webCommonHeader.jsp b/src/main/webapp/WEB-INF/jsp/web/com/webCommonHeader.jsp index 5f2e9c7b..c8ba7f6c 100644 --- a/src/main/webapp/WEB-INF/jsp/web/com/webCommonHeader.jsp +++ b/src/main/webapp/WEB-INF/jsp/web/com/webCommonHeader.jsp 
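Review bot: The new guard in `MjonPayController` only rejects amounts above the balance, so a zero or negative `mjonPayVO.getPoint()` (which appears to come from the request) still passes the `<` comparison and reaches the conversion branches below; add a lower bound, e.g. `if(mjonPayVO.getPoint() <= 0 || Double.parseDouble(mberInfoVO.getMberPoint()) < mjonPayVO.getPoint()) {`. The balance is read here and, as far as the hunk shows, deducted in a later step, so two concurrent requests can both pass the check; the deduction itself should be conditional on the stored balance within the same transaction. `mberInfoVO` and `getMberPoint()` are dereferenced and parsed with no null or format check, so a missing member row or a non-numeric value would surface as an unhandled exception instead of the `moreThanUserPoint` response. The enclosing method starts and ends outside the hunk, so earlier validation may already cover part of this.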
@@ -597,6 +597,13 @@ function actionLogin() { contentType: false, processData: false, success: function (returnData, status) { + + //보유 금액 변조 방지 + if(returnData.status == 'moreThanUserPoint'){ + alert(returnData.msg) + return; + } + if(status == 'success'){ alert(successAlertWord); location.reload();
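Review bot: The added branch in the `success` callback handles only the single `moreThanUserPoint` status, while the following `status == 'success'` test reads the callback's second argument, which looks like the transport status and would be `'success'` for any completed request. Any other rejection the controller returns in the response body would therefore still show the success alert and reload the page. Consider checking the body's own status first and treating anything other than the expected success value as a failure. The comment `//보유 금액 변조 방지` overstates what this block does, since enforcement happens in the controller and this code only displays the result; a comment such as `// server rejected the request: amount exceeds the member's points` would be more accurate. `alert(returnData.msg)` also lacks the terminating semicolon its neighbouring lines use. The callback continues outside the hunk.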