From af8f87298fc611ac371216e278a18abac6ca0766 Mon Sep 17 00:00:00 2001
From: ZY <zc857179121@qq.com>
Date: 星期一, 28 十月 2024 12:11:50 +0800
Subject: [PATCH] sql注入漏洞
---
src/main/java/com/zy/asrs/service/impl/OpenServiceImpl.java | 21 ++++++++++++++++++++-
1 files changed, 20 insertions(+), 1 deletions(-)
diff --git a/src/main/java/com/zy/asrs/service/impl/OpenServiceImpl.java b/src/main/java/com/zy/asrs/service/impl/OpenServiceImpl.java
index 94cdbb2..22aaa45 100644
--- a/src/main/java/com/zy/asrs/service/impl/OpenServiceImpl.java
+++ b/src/main/java/com/zy/asrs/service/impl/OpenServiceImpl.java
@@ -15,7 +15,6 @@
import com.zy.asrs.service.*;
import com.zy.asrs.utils.MatUtils;
import com.zy.common.model.DetlDto;
-import com.zy.common.model.LocDetlDto;
import com.zy.common.utils.NodeUtils;
import lombok.Synchronized;
import lombok.extern.slf4j.Slf4j;
@@ -136,6 +135,9 @@
}
OrderDetl orderDetl = new OrderDetl();
orderDetl.sync(mat);
+ if (!Cools.isEmpty(detlDto.getCFree1())){
+ orderDetl.setSpecs(detlDto.getCFree1());
+ }
orderDetl.setBatch(detlDto.getBatch());
orderDetl.setAnfme(detlDto.getAnfme());
orderDetl.setOrderId(order.getId());
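Review bot: `detlDto.getCFree1()` is copied into `specs` after only an emptiness check, so a caller-supplied value of any length or content replaces whatever `orderDetl.sync(mat)` populated (presumably the material's own spec). The class name and the `/open/asrs/...` path elsewhere in the file suggest this service backs an externally facing API, so the value should be trimmed and bounded to the column size before it is stored. A comment such as `// cFree1 from the caller overrides the material spec when present` would record why the field is remapped. The same applies to `order.setSalesman(param.getCVenCode())` in the `@@ -967,6 +982,9` hunk, where what looks like a vendor code is stored in a field named salesman. The enclosing method extends beyond the hunk.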
@@ -631,6 +633,7 @@
} else {
mat.setTagId(tag.getId());
syncMat(mat,param);
+ System.out.println(mat.getMaktx().length());
if (matService.updateById(mat)) {
callApiLogSave(mat, "/open/asrs/mat/v1", "鎺ユ敹ERP涓嬪彂鍟嗗搧淇℃伅鎴愬姛锛佹坊鍔犲晢鍝佷俊鎭垚鍔燂紒", true);
} else {
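Review bot: The added `System.out.println(mat.getMaktx().length());` looks like leftover debugging, and it throws a NullPointerException when `getMaktx()` returns null, which aborts the request before `matService.updateById(mat)` runs. The file imports `lombok.extern.slf4j.Slf4j`, so if the length is worth recording it should go through the logger with a null guard, e.g. `log.debug("maktx length={}", mat.getMaktx() == null ? 0 : mat.getMaktx().length());`; otherwise drop the line. If the print was added to chase an over-long value, an explicit length check that rejects the request is the durable fix. The enclosing method starts and ends outside the hunk.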
@@ -936,6 +939,18 @@
throw new CoolException("搴撲綅鍙蜂笉瀛樺湪");
}
+ if(!Cools.eq("O",agvLocMast.getLocSts()) && !Cools.eq("F",agvLocMast.getLocSts())){
+ throw new CoolException("褰撳墠搴撲綅姝e湪浣滀笟涓紝鏃犳硶鐩樼偣璋冩暣");
+ }
+
+ if(Cools.isEmpty(params.getLocDetls())){
+ agvLocMast.setLocSts("O");
+ }else {
+ agvLocMast.setLocSts("F");
+ }
+
+ agvLocMastService.updateById(agvLocMast);
+
//鍒犻櫎鏃у簱瀛�
agvLocDetlService.delete(new EntityWrapper<AgvLocDetl>().eq("loc_no",params.getLocNo()));
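Review bot: The result of `agvLocMastService.updateById(agvLocMast)` is discarded, unlike the `matService.updateById(mat)` call elsewhere in this file, whose boolean result is checked. A failed status write would go unnoticed while the stock rows are still deleted on the following line. Check the result and fail, e.g. `if (!agvLocMastService.updateById(agvLocMast)) { throw new CoolException("<status update failed message>"); }`. The status is also written before the old details are deleted, so unless the method runs in a transaction (not visible here) a later failure leaves the location marked `O` or `F` with mismatched stock. The method's start and end are outside the hunk.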
@@ -967,6 +982,9 @@
order.setDocType(docType.getDocId());
//鍗曟嵁鏃ユ湡
order.setOrderTime(param.getDdate());
+
+ //渚涘簲鍟嗙紪鐮�
+ order.setSalesman(param.getCVenCode());
order.setMemo(param.getCMemo());
//鍒跺崟浜�
@@ -1017,6 +1035,7 @@
od.setLength(odParam.getINum());
+ od.setSource(order.getDocType().intValue());
od.setStatus(1);
od.setQty(0.0D);
od.setCreateBy(9999L);
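Review bot: `order.getDocType().intValue()` dereferences what appears to be a boxed value, so it throws a NullPointerException if the doc type was never set on `order`, and it silently truncates a value that does not fit in an int. A null guard before the call, or `Math.toIntExact(...)` if the getter returns a Long, would make both failure modes explicit. Whether `order` always carries a doc type at this point cannot be confirmed from the hunk, which starts and ends inside the method.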
--
Gitblit v1.9.1