
fixed SQL注入漏洞修复

fushengqian 3 months ago
parent
commit
6d905b3a30

+ 1 - 1
fuint-application/src/main/java/com/fuint/common/service/impl/GoodsServiceImpl.java

@@ -110,7 +110,7 @@ public class GoodsServiceImpl extends ServiceImpl<MtGoodsMapper, MtGoods> implem
         if (StringUtils.isNotBlank(storeId)) {
             lambdaQueryWrapper.and(qw -> qw.eq(MtGoods::getStoreId, storeId)
                                         .or(qw2 -> qw2.eq(MtGoods::getStoreId, 0)
-                                        .inSql(MtGoods::getId, "SELECT s.GOODS_ID FROM mt_store_goods s WHERE s.STORE_ID = "+storeId+" AND s.status = 'A'")));
+                                        .inSql(MtGoods::getId, "SELECT s.GOODS_ID FROM mt_store_goods s WHERE s.STORE_ID = "+Integer.parseInt(storeId)+" AND s.status = 'A'")));
         }
         String type = paginationRequest.getSearchParams().get("type") == null ? "" : paginationRequest.getSearchParams().get("type").toString();
         if (StringUtils.isNotBlank(type)) {
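Review bot: On the added `inSql` line, `Integer.parseInt(storeId)` does stop injection through this value, but it throws an unchecked `NumberFormatException` for any non-numeric `storeId`, and nothing visible in the hunk catches it. The subquery is also still built by string concatenation, so the protection depends on nobody reverting the cast. I would parse once before the wrapper is built, for example `int storeIdValue = Integer.parseInt(storeId);` inside a try/catch that returns a validation error, and reuse that value in both the `eq` and the subquery. Where the MyBatis-Plus version in use allows it, binding the value through `apply(...)` with a `{0}` placeholder instead of `+` would be more robust. The method continues outside the hunk, so the other filters read from `getSearchParams()` (such as `type` just below) are worth checking for the same concatenation pattern.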