From 976e14ad95b0eb0ae2ee08a014c9b435f452b40f Mon Sep 17 00:00:00 2001
From: 潘志宝 <979469083@qq.com>
Date: 星期一, 20 一月 2025 09:28:11 +0800
Subject: [PATCH] sqlInject
---
iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/data/controller/admin/IndDataSetController.java | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/data/controller/admin/IndDataSetController.java b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/data/controller/admin/IndDataSetController.java
index bd83fbe..d117c17 100644
--- a/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/data/controller/admin/IndDataSetController.java
+++ b/iailab-module-data/iailab-module-data-biz/src/main/java/com/iailab/module/data/ind/data/controller/admin/IndDataSetController.java
@@ -3,6 +3,7 @@
import com.iailab.framework.common.pojo.CommonResult;
import com.iailab.framework.common.pojo.PageResult;
import com.iailab.framework.common.util.object.BeanUtils;
+import com.iailab.module.data.common.xss.SQLFilter;
import com.iailab.module.data.ind.data.entity.IndDataSetEntity;
import com.iailab.module.data.ind.data.service.IndDataSetService;
import com.iailab.module.data.ind.data.vo.IndDataSetPageReqVO;
@@ -47,6 +48,7 @@
@Operation(summary = "创建指标数据集")
@PreAuthorize("@ss.hasPermission('data:ind-data-set:create')")
public CommonResult<Boolean> create(@Valid @RequestBody IndDataSetSaveReqVO createReqVO) {
+ SQLFilter.sqlInject(createReqVO.getQuerySql());
indDataSetService.create(createReqVO);
return success(true);
}
@@ -55,6 +57,7 @@
@Operation(summary = "修改指标数据集")
@PreAuthorize("@ss.hasPermission('data:ind-data-set:update')")
public CommonResult<Boolean> update(@Valid @RequestBody IndDataSetSaveReqVO updateReqVO) {
+ SQLFilter.sqlInject(updateReqVO.getQuerySql());
indDataSetService.update(updateReqVO);
return success(true);
}
--
Gitblit v1.9.3