From af8f87298fc611ac371216e278a18abac6ca0766 Mon Sep 17 00:00:00 2001
From: ZY <zc857179121@qq.com>
Date: 星期一, 28 十月 2024 12:11:50 +0800
Subject: [PATCH] sql注入漏洞
---
src/main/java/com/zy/asrs/controller/AgvOpenController.java | 82 ++++++++++++++++++++++++++++++-----------
1 files changed, 60 insertions(+), 22 deletions(-)
diff --git a/src/main/java/com/zy/asrs/controller/AgvOpenController.java b/src/main/java/com/zy/asrs/controller/AgvOpenController.java
index bb077b8..66ecba6 100644
--- a/src/main/java/com/zy/asrs/controller/AgvOpenController.java
+++ b/src/main/java/com/zy/asrs/controller/AgvOpenController.java
@@ -28,6 +28,7 @@
import javax.servlet.http.HttpServletRequest;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
+import java.util.Date;
import java.util.EnumSet;
import java.util.Map;
@@ -65,18 +66,12 @@
@AppAuth(memo = "ESS浠诲姟鍥炶皟")
public R taskEventStaus(@RequestBody AgvTaskCallBackParam param, HttpServletRequest request){
- apiLogService.save(
- "ESS浠诲姟鍥炶皟",
- "/phyzwms/agv/task/event/status",
- null,
- null,
- JSON.toJSONString(JSONObject.toJSONString(param)),
- null,
- true
- );
+
//save api log (appkey 鍚庣画娣诲姞)
+
+ R r = new R(0, "鎴愬姛");
AppAuthUtil.auth("",param, request);
int wrkNo = Integer.parseInt(param.getTaskCode());
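Review bot: With the `apiLogService.save` call removed from the top of `taskEventStaus`, a callback that fails inside `AppAuthUtil.auth("",param, request)` or `Integer.parseInt(param.getTaskCode())` leaves no API log entry, because every `logPost` call added by this patch sits after those two statements. Rejected and malformed callbacks are the entries an audit trail needs most, so record the failure before it propagates, for example `try { AppAuthUtil.auth("",param, request); } catch (RuntimeException e) { logPost(param, "auth rejected", false); throw e; }` (assuming `auth` signals rejection with an unchecked exception). Whether a global exception handler already records these cases is not visible here. The method body continues outside this hunk.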
@@ -87,7 +82,9 @@
if(Cools.isEmpty(agvWrkMast)){
agvWrkMast = agvWrkMastService.selectOne(new EntityWrapper<AgvWrkMast>().eq("barcode",param.getPodCode()));
if (Cools.isEmpty(agvWrkMast)){
- return R.error("浠诲姟缂栧彿閿欒");
+ r = R.error("浠诲姟缂栧彿閿欒");
+ logPost(param,JSONObject.toJSONString(r),false);
+ return r;
}
}
if (agvWrkMast.getIoType().equals(121)){
@@ -95,20 +92,29 @@
if (agvWrkMast.getWrkSts().equals(12L)){
WrkMastExecute wrkMastExecute = wrkMastExecuteService.selectOne(new EntityWrapper<WrkMastExecute>().eq("wrk_no", wrkNo));
if (Cools.isEmpty(wrkMastExecute) || wrkMastExecute.getWrkSts()!=1){
- return R.error("浠诲姟鐘舵�乄rkSts鍙傛暟鏈夎,WrkSts:"+wrkMastExecute.getWrkSts$());
+ r = R.error("浠诲姟鐘舵�乄rkSts鍙傛暟鏈夎,WrkSts:"+wrkMastExecute.getWrkSts$());
+ logPost(param,"浠诲姟鐘舵�乄rkSts鍙傛暟鏈夎,WrkSts:"+wrkMastExecute.getWrkSts$()+JSONObject.toJSONString(r),false);
+ return r;
} else {
wrkMastExecute.setWrkSts(wrkMastExecute.getWrkStsCode());
wrkMastExecuteService.updateById(wrkMastExecute);
}
}else {
- return R.error("浠诲姟寮傚父");
+ r = R.error("浠诲姟寮傚父");
+ logPost(param,JSONObject.toJSONString(r),false);
+
+ return r;
}
}catch (Exception e){
- return R.error(""+e.getMessage());
+ r = R.error(""+e.getMessage());
+ logPost(param,JSONObject.toJSONString(r),false);
+ return r;
}
}else {
if(agvWrkMast.getWrkSts() >= 205){
- return R.error("褰撳墠浠诲姟宸插畬鎴�");
+ r = R.error("褰撳墠浠诲姟宸插畬鎴�");
+ logPost(param,JSONObject.toJSONString(r),false);
+ return r;
}
AgvTask agvTask = AgvTask.valueOf(param.getMethod());
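Review bot: The branch guarded by `Cools.isEmpty(wrkMastExecute) || wrkMastExecute.getWrkSts()!=1` is also entered when no `WrkMastExecute` row was found, yet both new lines call `wrkMastExecute.getWrkSts$()`, which dereferences null in that case (assuming `Cools.isEmpty` is true for null). The resulting NullPointerException is caught by the `catch (Exception e)` further down, so the caller and the API log receive the exception's message instead of the intended status error. Build the text once behind a guard, e.g. `String sts = Cools.isEmpty(wrkMastExecute) ? "none" : String.valueOf(wrkMastExecute.getWrkSts$());`, and pass only `JSONObject.toJSONString(r)` to `logPost`, since `r` already carries the message. The same catch block returns `e.getMessage()` to the remote caller; a fixed error text with the detail kept in the server log would avoid exposing internals.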
@@ -117,16 +123,23 @@
Method method = clz.getDeclaredMethod("success", AgvWrkMast.class, AgvTaskCallBackParam.class);
method.invoke(agvTask,agvWrkMast,param);
} catch (NoSuchMethodException e) {
- return R.error("浠诲姟鐘舵�乻tatus鍙傛暟鏈夎");
+ r = R.error("浠诲姟鐘舵�乻tatus鍙傛暟鏈夎");
+ logPost(param,JSONObject.toJSONString(r),false);
+ return r;
} catch (InvocationTargetException e) {
log.error(e.getMessage());
- return R.error();
+ r = R.error(""+e.getMessage());
+ logPost(param,JSONObject.toJSONString(r),false);
+ return r;
} catch (IllegalAccessException e) {
log.error(e.getMessage());
- return R.error();
+ r = R.error(""+e.getMessage());
+ logPost(param,JSONObject.toJSONString(r),false);
+ return r;
}
}
- return new R(0, "鎴愬姛");
+ logPost(param,JSONObject.toJSONString(r),true);
+ return r;
}
@PostMapping("/conveyor/loadContainerFinish ")
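Review bot: The `InvocationTargetException` and `IllegalAccessException` handlers now return `R.error(""+e.getMessage())` where the old code returned the bare `R.error()`, which sends internal exception text to the remote ESS caller. For `InvocationTargetException` the message is normally null because the real failure is held in `getCause()`, so the reply and the stored log entry would read "null" while the underlying error is lost. Keep the generic reply and log the cause with its stack trace instead: `log.error("AGV callback handler failed", e.getCause());` followed by `r = R.error();`.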
@@ -134,6 +147,18 @@
public R loadContainerFinish(@RequestBody Map<String,Object> params){
return R.ok();
+ }
+
+ private void logPost( AgvTaskCallBackParam param,String response,boolean success){
+ apiLogService.save(
+ "ESS浠诲姟鍥炶皟",
+ "/phyzwms/agv/task/event/status",
+ null,
+ null,
+ JSON.toJSONString(JSONObject.toJSONString(param)),
+ response,
+ success
+ );
}
}
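Review bot: `logPost` stores the request as `JSON.toJSONString(JSONObject.toJSONString(param))`, which serializes an already-serialized string a second time, so the log holds a quoted string with escaped quotes rather than a JSON object; `JSONObject.toJSONString(param)` alone is enough. On the success path `logPost` runs after the task handler has already updated the work record, so an exception from `apiLogService.save` would turn a completed callback into an error reply and may prompt the sender to retry; catching and logging the failure inside the helper would avoid that. The helper also lacks a comment; something like `// Records one ESS task-callback exchange (request, response, outcome) in the API log.` would document it.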
@@ -158,6 +183,7 @@
agvBasDevpService.updateLocStsAndBarcodeByDevNo(agvWrkMast.getLocNo(),"F",agvWrkMast.getBarcode(),agvWrkMast.getWhsType().shortValue());
agvWrkMast.setWrkSts(206L);
}
+ agvWrkMast.setModiTime(new Date());
agvWrkMastService.updateById(agvWrkMast);
}
},
@@ -169,6 +195,7 @@
public void success(AgvWrkMast agvWrkMast, AgvTaskCallBackParam param) {
//淇敼AGV宸ヤ綔妗g殑宸ヤ綔鐘舵�佷负203.浠诲姟寮�濮�
agvWrkMast.setWrkSts(203L);
+ agvWrkMast.setModiTime(new Date());
agvWrkMastService.updateById(agvWrkMast);
}
},
@@ -179,11 +206,22 @@
@Transactional
public void success(AgvWrkMast agvWrkMast, AgvTaskCallBackParam param) {
- //鍏ュ簱浠诲姟 || 鎷f枡鍏ュ簱浠诲姟 ||鐩樼偣鍐嶅叆搴� ||绌烘澘鍏ュ簱
- if(agvWrkMast.getIoType() == 1 || agvWrkMast.getIoType() == 53 || agvWrkMast.getIoType() == 57 || agvWrkMast.getIoType() == 10){
- //淇敼婧愮珯鐐圭姸鎬佷负O.绌猴紝浠ュ強瑙g粦鎵樼洏鏉$爜
- agvBasDevpService.updateLocStsAndBarcodeByDevNo(agvWrkMast.getSourceLocNo(),"O","",null);
+ switch(agvWrkMast.getIoType()) {
+ //鍏ュ簱浠诲姟
+ case 1:
+ // 绌烘澘鍏ュ簱
+ case 10:
+ // 鎷f枡鍏ュ簱浠诲姟
+ case 53:
+ // 鐩樼偣鍐嶅叆搴�
+ case 57:
+ agvBasDevpService.updateLocStsAndBarcodeByDevNo(agvWrkMast.getSourceLocNo(),"O","",null);
+ break;
}
+ //if(agvWrkMast.getIoType() == 1 || agvWrkMast.getIoType() == 53 || agvWrkMast.getIoType() == 57 || agvWrkMast.getIoType() == 10){
+ // //淇敼婧愮珯鐐圭姸鎬佷负O.绌猴紝浠ュ強瑙g粦鎵樼洏鏉$爜
+ // agvBasDevpService.updateLocStsAndBarcodeByDevNo(agvWrkMast.getSourceLocNo(),"O","",null);
+ //}
//淇敼AGV宸ヤ綔妗g殑宸ヤ綔鐘舵�佷负203.RCS鏀捐揣涓�
agvWrkMastService.updateWrkStsByWrkNo(agvWrkMast.getWrkNo(),204);
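Review bot: The previous `if` is left behind as four commented-out lines directly below the new `switch`; delete them, since version history already keeps the old form. The `switch` unboxes `agvWrkMast.getIoType()`, which looks like a boxed `Integer` given the `.equals(121)` call earlier in the file, so a null value throws NullPointerException here just as the old `==` comparisons did. A null guard before the switch and an explicit `default: break;` would make the intended fall-through behaviour clear. `success` continues past the end of this hunk.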
--
Gitblit v1.9.1