From af8f87298fc611ac371216e278a18abac6ca0766 Mon Sep 17 00:00:00 2001
From: ZY <zc857179121@qq.com>
Date: 星期一, 28 十月 2024 12:11:50 +0800
Subject: [PATCH] sql注入漏洞

---
 src/main/java/com/zy/common/service/AgvCommonService.java |   11 +++++++++--
 1 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/zy/common/service/AgvCommonService.java b/src/main/java/com/zy/common/service/AgvCommonService.java
index 8efe2b6..e7aded0 100644
--- a/src/main/java/com/zy/common/service/AgvCommonService.java
+++ b/src/main/java/com/zy/common/service/AgvCommonService.java
@@ -238,7 +238,10 @@
         Boolean orderBy = false;
         int levCount = 0;
         int times = 1;
-        if (floor == 1) {
+        if (floor == 1 || floor >= 4) {
+            if (floor >= 4 ) {
+                floor = 1;
+            }
             orderBy = true;
             levCount = 2;
         } else {
@@ -253,7 +256,11 @@
             if (isEmpty) {
                 wrapper.eq("floor", floor).eq("lev1",1);
             } else {
-                wrapper.eq("floor", floor).orderBy("lev1",!orderBy);
+                if (isCurrLev) {
+                    wrapper.eq("floor", floor).eq("lev1",1);
+                } else {
+                    wrapper.eq("floor", floor).orderBy("lev1",!orderBy);
+                }
             }
 
 

--
Gitblit v1.9.1