diff --git a/Laravel/app/Http/Controllers/API/H5/PayController.php b/Laravel/app/Http/Controllers/API/H5/PayController.php
index e8a4d43..a906b72 100644
--- a/Laravel/app/Http/Controllers/API/H5/PayController.php
+++ b/Laravel/app/Http/Controllers/API/H5/PayController.php
@@ -37,10 +37,13 @@ class PayController extends Controller
     $openid = request('openid');
     $id = request('id');
     if(!isset($id)) return \Yz::echoError1("id不能为空");
+    $openid = request('openid');
+    $user=DB::table('web_users')->where(['openid'=>$openid])->first();
+    if (!$user) return \Yz::echoError1("用户无效");
     $orderInfo = DB::table('orders')->where(['id' => $id,])->first();
     if (!$orderInfo) return \Yz::echoError1("未找到有效订单");
     if ($orderInfo->status !== 1) return \Yz::echoError1("订单不是待支付状态不能支付。当前状态:" . $orderInfo->status);
-    $personInfo = DB::table('web_user_person')->where(['id' => $orderInfo->person_id, 'is_del' => 0])->first();
+    $personInfo = DB::table('web_user_person')->where(['id_number' => $orderInfo->id_number,'user_id'=>$user->id, 'is_del' => 0])->first();
     if (!$personInfo) return \Yz::echoError1("就诊人异常");
     $sub_org_code = 0; //小程序端医院代码
     if ($orderInfo->hospital_id == 1) {
@@ -59,7 +62,7 @@ class PayController extends Controller
       'old_order_number' => $orderInfo->order_number,
       'new_order_number' => $new_ordernumber,
     ]);
-    $u=DB::table('orders')->where(['id' => $id,])->update(['order_number'=>$new_ordernumber]);
+    $u=DB::table('orders')->where(['id' => $id,])->update(['order_number'=>$new_ordernumber,'web_user_id'=>$user->id,'person_id'=>$personInfo->id]);
     if(!$u) return \Yz::echoError1("更新订单号失败");
     $XCXApi = new XCXApiController();
     $params = [