From af8f87298fc611ac371216e278a18abac6ca0766 Mon Sep 17 00:00:00 2001
From: ZY <zc857179121@qq.com>
Date: 星期一, 28 十月 2024 12:11:50 +0800
Subject: [PATCH] sql注入漏洞

---
 src/main/java/com/zy/asrs/controller/AgvWrkMastController.java |   78 +++++++++++++++++++++++++-------------
 1 files changed, 51 insertions(+), 27 deletions(-)

diff --git a/src/main/java/com/zy/asrs/controller/AgvWrkMastController.java b/src/main/java/com/zy/asrs/controller/AgvWrkMastController.java
index a6cc241..b6e2b87 100644
--- a/src/main/java/com/zy/asrs/controller/AgvWrkMastController.java
+++ b/src/main/java/com/zy/asrs/controller/AgvWrkMastController.java
@@ -17,7 +17,6 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.bind.annotation.*;
 
-import java.io.IOException;
 import java.util.*;
 
 @RestController
@@ -55,6 +54,31 @@
         }else {
             wrapper.orderBy("io_time", false);
         }
+        Page<AgvWrkMast> agvWrkMastPage = agvWrkMastService.selectPage(new Page<>(curr, limit), wrapper);
+        return R.ok(agvWrkMastPage);
+    }
+
+    @RequestMapping(value = "/wrkMast/list/auth/dbList")
+    @ManagerAuth
+    public R dbList(@RequestParam(defaultValue = "1")Integer curr,
+                  @RequestParam(defaultValue = "10")Integer limit,
+                  @RequestParam(required = false)String orderByField,
+                  @RequestParam(required = false)String orderByType,
+                  @RequestParam(required = false)String condition,
+                  @RequestParam Map<String, Object> param){
+        excludeTrash(param);
+        EntityWrapper<AgvWrkMast> wrapper = new EntityWrapper<>();
+        convert(param, wrapper);
+        allLike(AgvWrkMast.class, param.keySet(), wrapper, condition);
+        if (!Cools.isEmpty(orderByField)){
+            if (orderByField.endsWith("$")){
+                orderByField = orderByField.substring(0, orderByField.length()-1);
+            }
+            wrapper.orderBy(humpToLine(orderByField), "asc".equals(orderByType));
+        }else {
+            wrapper.orderBy("io_time", false);
+        }
+        wrapper.in("io_type",108,111,112);
         return R.ok(agvWrkMastService.selectPage(new Page<>(curr, limit), wrapper));
     }
 
@@ -158,30 +182,30 @@
         return R.ok();
     }
 
-    @RequestMapping(value = "/wrkMast/startWrk/auth")
-    @ManagerAuth(memo = "宸ヤ綔妗ｅ紑濮嬩换鍔�")
-    public R startWrk(@RequestParam String param) throws IOException {
-        List<AgvWrkMast> agvWrkMastList = JSONArray.parseArray(param, AgvWrkMast.class);
-        if (Cools.isEmpty(agvWrkMastList)){
-            return R.error();
-        }
-        Map<String, List<Map<String, String>>> containerMoveParam = agvWrkMastService.startWrk(agvWrkMastList);
-
-        int code = agvWrkMastService.containerMove(containerMoveParam);
-
-        if(code == 0){
-            agvWrkMastList.forEach(agvWrkMast -> {
-                //202.RCS鍙栬揣涓�
-                agvWrkMast.setWrkSts((long)202);
-                //淇敼AGV鍏ュ簱閫氱煡妗ｇ姸鎬佸叆鍑虹姸鎬佷负Y
-                agvWaitPakinService.updateIoStatus(agvWrkMast.getWrkNo(),"Y");
-            });
-            agvWrkMastService.updateBatchById(agvWrkMastList);
-
-            return R.ok("浠诲姟鍚姩鎴愬姛");
-        }
-
-        return R.error("浠诲姟鍚姩澶辫触");
-
-    }
+//    @RequestMapping(value = "/wrkMast/startWrk/auth")
+//    @ManagerAuth(memo = "宸ヤ綔妗ｅ紑濮嬩换鍔�")
+//    public R startWrk(@RequestParam String param) throws IOException {
+//        List<AgvWrkMast> agvWrkMastList = JSONArray.parseArray(param, AgvWrkMast.class);
+//        if (Cools.isEmpty(agvWrkMastList)){
+//            return R.error();
+//        }
+//        int startWrkCode = agvWrkMastService.startWrk(agvWrkMastList,"putaway");
+//
+//        int code = agvWrkMastService.containerMoveIn(agvWrkMastList);
+//
+//        if(code == 0){
+//            agvWrkMastList.forEach(agvWrkMast -> {
+//                //202.RCS鍙栬揣涓�
+//                agvWrkMast.setWrkSts((long)202);
+//                //淇敼AGV鍏ュ簱閫氱煡妗ｇ姸鎬佸叆鍑虹姸鎬佷负Y
+//                agvWaitPakinService.updateIoStatus(agvWrkMast.getWrkNo(),"Y");
+//            });
+//            agvWrkMastService.updateBatchById(agvWrkMastList);
+//
+//            return R.ok("浠诲姟鍚姩鎴愬姛");
+//        }
+//
+//        return R.error("浠诲姟鍚姩澶辫触");
+//
+//    }
 }

--
Gitblit v1.9.1