|
|
@@ -158,7 +158,8 @@ public class QueryGenerator {
|
|
|
log.error(e.getMessage(), e);
|
|
|
}
|
|
|
}
|
|
|
-
|
|
|
+ // 排序逻辑 处理(只检验sql注入,不执行赋值)
|
|
|
+ doMultiFieldsOrderForRule(queryWrapper, parameterMap);
|
|
|
//高级查询
|
|
|
doSuperQuery(queryWrapper, parameterMap);
|
|
|
|
|
|
@@ -268,6 +269,26 @@ public class QueryGenerator {
|
|
|
}
|
|
|
|
|
|
//多字段排序 TODO 需要修改前端
|
|
|
+ public static void doMultiFieldsOrderForRule(QueryWrapper<?> queryWrapper, Map<String, String[]> parameterMap) {
|
|
|
+ String column = null, order = null;
|
|
|
+ if (parameterMap != null && parameterMap.containsKey(ORDER_COLUMN)) {
|
|
|
+ column = parameterMap.get(ORDER_COLUMN)[0];
|
|
|
+ }
|
|
|
+ if (parameterMap != null && parameterMap.containsKey(ORDER_TYPE)) {
|
|
|
+ order = parameterMap.get(ORDER_TYPE)[0];
|
|
|
+ }
|
|
|
+ log.debug("排序规则>>列:" + column + ",排序方式:" + order);
|
|
|
+ if (oConvertUtils.isNotEmpty(column) && oConvertUtils.isNotEmpty(order)) {
|
|
|
+ //字典字段,去掉字典翻译文本后缀
|
|
|
+ if (column.endsWith(CommonConstant.DICT_TEXT_SUFFIX)) {
|
|
|
+ column = column.substring(0, column.lastIndexOf(CommonConstant.DICT_TEXT_SUFFIX));
|
|
|
+ }
|
|
|
+ //SQL注入check
|
|
|
+ SqlInjectionUtil.filterContent(column);
|
|
|
+ }
|
|
|
+ }
|
|
|
+
|
|
|
+ //多字段排序 TODO 需要修改前端
|
|
|
public static void doMultiFieldsOrder(QueryWrapper<?> queryWrapper, Map<String, String[]> parameterMap) {
|
|
|
String column = null, order = null;
|
|
|
if (parameterMap != null && parameterMap.containsKey(ORDER_COLUMN)) {
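Review bot: The new `doMultiFieldsOrderForRule` passes only `column` to `SqlInjectionUtil.filterContent`, and only when both `column` and `order` are non-empty, so the `order` request value is never checked and a column sent without an order skips the filter entirely. Both values come straight from the request parameter map, so I would run the check whenever `column` is present, `if (oConvertUtils.isNotEmpty(column)) {`, and compare `order` against the two sort directions the ordering code accepts instead of leaving it unvalidated. `parameterMap.get(ORDER_COLUMN)[0]` also assumes a non-empty array, and `queryWrapper` is unused in this method, which deserves a comment given that the call site says it only checks and does not assign. Whether `filterContent` rejects by throwing is not visible in this hunk; if it returns a result instead, the ignored return value makes the check a no-op.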
|