From af8f87298fc611ac371216e278a18abac6ca0766 Mon Sep 17 00:00:00 2001
From: ZY <zc857179121@qq.com>
Date: 星期一, 28 十月 2024 12:11:50 +0800
Subject: [PATCH] sql注入漏洞
---
src/main/java/com/zy/asrs/controller/OrderDetlController.java | 11 ++++++++---
1 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/main/java/com/zy/asrs/controller/OrderDetlController.java b/src/main/java/com/zy/asrs/controller/OrderDetlController.java
index e56ddff..349450e 100644
--- a/src/main/java/com/zy/asrs/controller/OrderDetlController.java
+++ b/src/main/java/com/zy/asrs/controller/OrderDetlController.java
@@ -15,7 +15,9 @@
import com.zy.asrs.entity.OrderDetl;
import com.zy.asrs.service.*;
import com.zy.common.web.BaseController;
+import lombok.Synchronized;
import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.util.StopWatch;
import org.springframework.web.bind.annotation.*;
import java.util.ArrayList;
@@ -149,12 +151,15 @@
}
@RequestMapping(value = "/orderDetl/pakout/list/authV3")
+ @Synchronized
@ManagerAuth
public R pakoutList3(@RequestParam(defaultValue = "1")Integer curr,
@RequestParam(defaultValue = "10")Integer limit,
@RequestParam(required = false)String orderByField,
@RequestParam(required = false)String orderByType,
@RequestParam Map<String, Object> param){
+ StopWatch stopWatch = new StopWatch();
+ stopWatch.start();
EntityWrapper<OrderDetl> wrapper = new EntityWrapper<>();
excludeTrash(param);
convertLike(param, wrapper);
@@ -168,14 +173,14 @@
docIds.add(pakin.getDocId());
}
}
-
- wrapper.in("source",docIds);
+ wrapper.ne("source",19);
Page<OrderDetl> page = orderDetlService.selectPage(new Page<>(curr, limit), wrapper);
for (OrderDetl record : page.getRecords()) {
Double sumAnfme = agvLocDetlService.getSumAnfme(record.getMatnr(), record.getThreeCode());
record.setStock(sumAnfme == null ? 0 : sumAnfme);
}
-
+ stopWatch.stop();
+ System.out.println(stopWatch.getTotalTimeSeconds());
return R.ok(page);
}
--
Gitblit v1.9.1