diff --git a/application/admin/controller/unishop/Order.php b/application/admin/controller/unishop/Order.php
index d1cba9e..237899c 100644
--- a/application/admin/controller/unishop/Order.php
+++ b/application/admin/controller/unishop/Order.php
@@ -668,6 +668,9 @@ class Order extends Backend
 public function doRefund(){
 $order_id = $this->request->get('id');
 $refund_fee = $this->request->get("refund_fee",0);
+ if (!$this->isAmount($refund_fee)) {
+ $this->error("退款金额格式错误");
+ }
 $order = $this->model->where([
 'id' => $order_id,
 'status'=>1,//订单状态正常
@@ -693,6 +696,24 @@ class Order extends Backend
 $this->success("提交成功", null);
 }
+ /**
+ * 金额校验函数
+ * @param $value
+ * @param bool $isZero
+ * @param bool $negative
+ * @return bool
+ */
+ function isAmount($value){
+ // 必须是整数或浮点数,且允许为负
+ if (!preg_match("/^[-]?\d+(.\d{1,2})?$/", $value)){
+ return false;
+ }
+ // 不为负数
+ if ((int)($value * 100) < 0){
+ return false;
+ }
+ return true;
+ }
 static function refundOrder($order,$refund_fee){
 if ($refund_fee == 0) {//如果未传入金额,则使用总金额
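Review bot: The new guard in `doRefund()` validates only the format of `refund_fee`, so an explicit `0` or `0.00` passes, and the `refundOrder()` context line in the second hunk (`if ($refund_fee == 0)`) treats zero as "no amount given" and falls back to the total amount, assuming this value is what gets passed on. If that fallback is meant only for an absent parameter, reject an explicit zero here, or add a comment such as `// 0 means "refund the full order amount"` so the behaviour is deliberate. The guard also depends on `$this->error()` ending the request; that is presumably how the framework helper behaves, but it is not visible here, and `doRefund()` continues outside the hunk.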
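Review bot: In `isAmount()` the pattern `"/^[-]?\d+(.\d{1,2})?$/"` leaves the dot unescaped and anchors with `$`, so any character is accepted in place of the decimal point (exponent notation such as `1e5` included) and a value with a trailing newline also passes before reaching `$value * 100` and the refund logic. The regex accepts a sign only for the `(int)($value * 100) < 0` check to reject it afterwards, and a non-scalar input (an array-valued query parameter, if the request layer passes one through) would go to `preg_match()` unchecked. The method has no visibility keyword, so it is public on a controller class; if the framework routes to public controller methods it should be `private`, unless something outside this class calls it. The docblock lists `$isZero` and `$negative`, which are not parameters of the function. The fence shows a stricter version with the same return contract.

```php
/**
 * Check that a value is a non-negative amount with at most two decimals.
 *
 * @param mixed $value
 * @return bool
 */
private function isAmount($value)
{
    // Arrays and other non-scalars must not reach preg_match().
    if (!is_string($value) && !is_int($value)) {
        return false;
    }
    // Unsigned digits, optional literal dot plus 1-2 digits; \z rejects a trailing newline.
    return preg_match('/^\d+(\.\d{1,2})?\z/', (string)$value) === 1;
}
```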