From f59681e9cf7faedb6c28e23920c58ecb919be547 Mon Sep 17 00:00:00 2001
From: ZY <zc857179121@qq.com>
Date: 星期一, 28 十月 2024 10:14:29 +0800
Subject: [PATCH] sql注入漏洞

---
 src/main/java/com/zy/asrs/task/handler/OrderSendHandler.java |   23 +++++++++++------------
 1 files changed, 11 insertions(+), 12 deletions(-)

diff --git a/src/main/java/com/zy/asrs/task/handler/OrderSendHandler.java b/src/main/java/com/zy/asrs/task/handler/OrderSendHandler.java
index ab48658..5fcea45 100644
--- a/src/main/java/com/zy/asrs/task/handler/OrderSendHandler.java
+++ b/src/main/java/com/zy/asrs/task/handler/OrderSendHandler.java
@@ -56,7 +56,7 @@
         param.setcCusName(order.getCstmrName());
         param.setcAccount(order.getNumber());
         param.setcMemo(order.getMemo());
-        param.setType(Cools.isEmpty(order.getDocType$())?"":order.getDocType$());
+        param.setType(Cools.isEmpty(order.getDocType$()) ? "" : order.getDocType$());
         param.setdDate(Utils.getDateStr(order.getCreateTime()));
         param.setAllocation(order.getItemName());
 
@@ -64,7 +64,7 @@
         List<OpenOrderPakoutParam.Body> bodyList = new ArrayList<>();
         param.setaDDBody(bodyList);
 
-        for(OrderDetl orderDetl : orderDetlList){
+        for (OrderDetl orderDetl : orderDetlList) {
             OpenOrderPakoutParam.Body body = new OpenOrderPakoutParam.Body();
             body.setiQuantity(orderDetl.getQty());
             body.setcInvCode(orderDetl.getMatnr());
@@ -74,16 +74,15 @@
 
         doHttpRequest(param, "涓婃姤ERP鍑哄簱鍗曟嵁", url, orderReportPath, null, "127.0.0.1");
 
-        orderService.updateSettle(order.getId(),6L,0L);
-
+        orderService.updateSettle(order.getId(), 6L, 0L);
 
 
     }
 
-    private int doHttpRequest(Object requestParam, String namespace, String url, String path, String appkey, String ip){
+    private int doHttpRequest(Object requestParam, String namespace, String url, String path, String appkey, String ip) {
         String response = "";
         boolean success = false;
-        log.error(JSONObject.toJSONString(requestParam));
+        log.info(JSONObject.toJSONString(requestParam));
         try {
             response = new HttpHandler.Builder()
                     .setUri(url)
@@ -91,22 +90,22 @@
                     .setJson(JSONObject.toJSONString(requestParam))
                     .build()
                     .doPost();
+            log.info("涓婃姤ERP鍑哄簱鍗曟嵁璇锋眰杩斿洖鎶ユ枃锛歿}", response);
             JSONObject jsonObject = JSON.parseObject(response);
-
-            if(Cools.isEmpty(jsonObject.get("ErrorCode"))){
+            if (Cools.isEmpty(jsonObject.get("ErrorCode"))) {
                 throw new CoolException(jsonObject.get("ErrorMsg").toString());
             }
 
-            int code = Integer.parseInt(jsonObject.get("ErrorCode").toString()) ;
-            if(code == 0){
+            int code = Integer.parseInt(jsonObject.get("ErrorCode").toString());
+            if (code == 0) {
                 throw new CoolException(jsonObject.get("ErrorMsg").toString());
             }
             success = true;
             return code;
-        }catch (Exception e){
+        } catch (Exception e) {
             log.error(e.getMessage());
             throw new CoolException("璋冪敤鎺ュ彛鍝嶅簲閿欒");
-        }finally {
+        } finally {
             apiLogService.save(
                     namespace,
                     url + path,

--
Gitblit v1.9.1