From 01556e0130560de59b7d750556b2c5c562e51dbb Mon Sep 17 00:00:00 2001
From: houzhongjian <houzhongyi@126.com>
Date: 星期一, 03 三月 2025 16:10:22 +0800
Subject: [PATCH] Merge remote-tracking branch 'origin/master'

---
 iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
index 4e116ea..2ef1f30 100644
--- a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
+++ b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
@@ -2,6 +2,7 @@
 
 import com.iailab.framework.tenant.core.context.DataContextHolder;
 import com.iailab.module.data.common.utils.DateUtils;
+import com.iailab.module.data.common.xss.SQLFilter;
 import com.iailab.module.data.plan.data.entity.PlanDataSetEntity;
 import com.iailab.module.data.plan.data.service.PlanDataSetService;
 import com.iailab.module.data.plan.item.entity.PlanItemEntity;
@@ -44,6 +45,7 @@
             return null;
         }
         Map<String, Object> params = getSqlParams(dataSet, startTime, endTime);
+        SQLFilter.sqlInject2(dataSet.getQuerySql());
         DataContextHolder.setDataSourceId(Long.valueOf(dataSet.getDataSource()));
         List<PlanItemDataVO> dataList = planItemService.getSourceValue(params);
 

--
Gitblit v1.9.3