From 6a5c41c91d0e10e9a48f96d58f4a191b953106ea Mon Sep 17 00:00:00 2001
From: liriming <1343021927@qq.com>
Date: 星期四, 27 三月 2025 16:10:59 +0800
Subject: [PATCH] Merge branch 'master' of http://dlindusit.com:53929/r/iailab-plat
---
iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
index 4e116ea..acd6dcb 100644
--- a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
+++ b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
@@ -2,6 +2,7 @@
import com.iailab.framework.tenant.core.context.DataContextHolder;
import com.iailab.module.data.common.utils.DateUtils;
+import com.iailab.module.data.common.xss.SQLFilter;
import com.iailab.module.data.plan.data.entity.PlanDataSetEntity;
import com.iailab.module.data.plan.data.service.PlanDataSetService;
import com.iailab.module.data.plan.item.entity.PlanItemEntity;
@@ -44,6 +45,7 @@
return null;
}
Map<String, Object> params = getSqlParams(dataSet, startTime, endTime);
+ SQLFilter.sqlInject2(dataSet.getQuerySql());
DataContextHolder.setDataSourceId(Long.valueOf(dataSet.getDataSource()));
List<PlanItemDataVO> dataList = planItemService.getSourceValue(params);
@@ -83,6 +85,10 @@
return null;
}
Map<String, Object> params = getSqlParams(dataSet, startTime, endTime);
+ // 过滤sql注入
+ SQLFilter.sqlInject2(dataSet.getQuerySql());
+ // 切换数据源
+ DataContextHolder.setDataSourceId(Long.valueOf(dataSet.getDataSource()));
return planItemService.getSourceValue(params);
}
--
Gitblit v1.9.3