From 619626ae7ef85afc60c720fb309efb08b58b0cb7 Mon Sep 17 00:00:00 2001
From: 潘志宝 <979469083@qq.com>
Date: 星期一, 20 一月 2025 09:43:26 +0800
Subject: [PATCH] sqlInject2

---
 iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
index 4e116ea..2ef1f30 100644
--- a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
+++ b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
@@ -2,6 +2,7 @@
 
 import com.iailab.framework.tenant.core.context.DataContextHolder;
 import com.iailab.module.data.common.utils.DateUtils;
+import com.iailab.module.data.common.xss.SQLFilter;
 import com.iailab.module.data.plan.data.entity.PlanDataSetEntity;
 import com.iailab.module.data.plan.data.service.PlanDataSetService;
 import com.iailab.module.data.plan.item.entity.PlanItemEntity;
@@ -44,6 +45,7 @@
             return null;
         }
         Map<String, Object> params = getSqlParams(dataSet, startTime, endTime);
+        SQLFilter.sqlInject2(dataSet.getQuerySql());
         DataContextHolder.setDataSourceId(Long.valueOf(dataSet.getDataSource()));
         List<PlanItemDataVO> dataList = planItemService.getSourceValue(params);
 

--
Gitblit v1.9.3