From 90ec21220d6e331e2fa791fa14fec24c0ad67a5b Mon Sep 17 00:00:00 2001
From: liriming <1343021927@qq.com>
Date: 星期四, 27 三月 2025 16:04:01 +0800
Subject: [PATCH] 动态数据源

---
 iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java |   12 +++++++++---
 1 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
index e46e544..f049edc 100644
--- a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
+++ b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/plan/item/collection/PlanItemCollector.java
@@ -2,6 +2,7 @@
 
 import com.iailab.framework.tenant.core.context.DataContextHolder;
 import com.iailab.module.data.common.utils.DateUtils;
+import com.iailab.module.data.common.xss.SQLFilter;
 import com.iailab.module.data.plan.data.entity.PlanDataSetEntity;
 import com.iailab.module.data.plan.data.service.PlanDataSetService;
 import com.iailab.module.data.plan.item.entity.PlanItemEntity;
@@ -44,6 +45,7 @@
             return null;
         }
         Map<String, Object> params = getSqlParams(dataSet, startTime, endTime);
+        SQLFilter.sqlInject2(dataSet.getQuerySql());
         DataContextHolder.setDataSourceId(Long.valueOf(dataSet.getDataSource()));
         List<PlanItemDataVO> dataList = planItemService.getSourceValue(params);
 
@@ -83,6 +85,8 @@
             return null;
         }
         Map<String, Object> params = getSqlParams(dataSet, startTime, endTime);
+        SQLFilter.sqlInject2(dataSet.getQuerySql());
+        DataContextHolder.setDataSourceId(Long.valueOf(dataSet.getDataSource()));
         return planItemService.getSourceValue(params);
     }
 
@@ -93,10 +97,12 @@
         StringBuilder whereSql = new StringBuilder();
         String startStr = DateUtils.format(startTime, DateUtils.DATE_NUMBER_PATTERN);
         String endStr = DateUtils.format(endTime, DateUtils.DATE_NUMBER_PATTERN);
-        whereSql.append(" plan_t.start_time <= ")
+        whereSql.append(" plan_t.start_time <= '")
                 .append(endStr)
-                .append(" and plan_t.end_time >= ")
-                .append(startStr);
+                .append("'")
+                .append(" and plan_t.end_time >= '")
+                .append(startStr)
+                .append("'");
         params.put("whereSql", whereSql.toString());
         return params;
     }

--
Gitblit v1.9.3