hhyykk/ipms-sjy
1
1
Fork 0
mirror of https://gitee.com/hhyykk/ipms-sjy.git synced 2025-10-31 18:28:43 +08:00
Code Issues Actions Packages Projects Releases Wiki Activity

检查字符支持小数点&降级改成异常提醒

Browse Source
This commit is contained in:
RuoYi
2020-07-23 11:29:40 +08:00
parent df3ef54b41
commit 52d48fa63e
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
View File

@@ -1,5 +1,6 @@
package com.ruoyi.common.utils.sql;
import com.ruoyi.common.exception.BaseException;
import com.ruoyi.common.utils.StringUtils;
/**
@@ -10,9 +11,9 @@ import com.ruoyi.common.utils.StringUtils;
public class SqlUtil
{
/**
* 仅支持字母、数字、下划线、空格、逗号(支持多个字段排序)
* 仅支持字母、数字、下划线、空格、逗号、小数点(支持多个字段排序)
*/
public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,]+";
public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,\\.]+";
/**
* 检查字符,防止注入绕过
@@ -21,7 +22,7 @@ public class SqlUtil
{
if (StringUtils.isNotEmpty(value) && !isValidOrderBySql(value))
{
return StringUtils.EMPTY;
throw new BaseException("参数不符合规范,不能进行查询");
}
return value;
}