From af8f87298fc611ac371216e278a18abac6ca0766 Mon Sep 17 00:00:00 2001
From: ZY <zc857179121@qq.com>
Date: 星期一, 28 十月 2024 12:11:50 +0800
Subject: [PATCH] sql注入漏洞

---
 src/main/java/com/zy/asrs/controller/OpenController.java |   22 +++++++++++++++++++++-
 1 files changed, 21 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/zy/asrs/controller/OpenController.java b/src/main/java/com/zy/asrs/controller/OpenController.java
index 1e2b75c..85a52f7 100644
--- a/src/main/java/com/zy/asrs/controller/OpenController.java
+++ b/src/main/java/com/zy/asrs/controller/OpenController.java
@@ -110,7 +110,7 @@
             return R.parse(BaseRes.PARAM);
         }
 
-        String docName = param.getChildren().get(0).getIQuantity() > 0 ? "閾跺骇閲囪喘鍏ュ簱鍗�" : "閾跺骇閲囪喘閫�璐у崟";
+        String docName = !Cools.isEmpty(param.getOrderType()) ? param.getOrderType() : param.getChildren().get(0).getIQuantity() > 0 ? "閾跺骇閲囪喘鍏ュ簱鍗�" : "閾跺骇閲囪喘閫�璐у崟";
         boolean pakin = param.getChildren().get(0).getIQuantity() > 0 ? true : false;
 
         openService.syncOrder(param,pakin,docName);
@@ -119,6 +119,26 @@
 
     }
 
+    /*
+    鐩樼偣鎺ュ彛
+     */
+    @PostMapping("/check/default/v1")
+    @AppAuth(memo = "搴撳瓨鐩樼偣")
+    public synchronized R checkLoc(@RequestHeader(required = false) String appkey,
+                                     @RequestBody(required = true) CheckParam param,
+                                     HttpServletRequest request){
+        auth(appkey, param, request);
+        if (Cools.isEmpty(param)) {
+            return R.parse(BaseRes.PARAM);
+        }
+
+        openService.checkAndAdjustLocDetl(param);
+
+        return R.ok("搴撳瓨璋冩暣鎴愬姛");
+
+    }
+
+
     @PostMapping("/order/pakout/default/v1")
     @AppAuth(memo = "鍚屾宸ュ崟鍗曟嵁")
     public synchronized R orderPakout(@RequestHeader(required = false) String appkey,

--
Gitblit v1.9.1