jiangyc/RuoYi-Vue-Plus
1
0
Fork 0
mirror of https://github.com/dromara/RuoYi-Vue-Plus.git synced 2025-09-24 07:19:46 +08:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://gitee.com/y_project/RuoYi-Vue

Browse Source 
 Conflicts:
	pom.xml
	ruoyi-admin/src/main/java/com/ruoyi/web/controller/common/CaptchaController.java
	ruoyi-admin/src/main/resources/application.yml
	ruoyi-common/src/main/java/com/ruoyi/common/core/redis/RedisCache.java
	ruoyi-common/src/main/java/com/ruoyi/common/utils/file/FileUploadUtils.java
	ruoyi-common/src/main/java/com/ruoyi/common/utils/file/FileUtils.java
	ruoyi-common/src/main/java/com/ruoyi/common/utils/html/EscapeUtil.java
	ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
	ruoyi-framework/src/main/java/com/ruoyi/framework/aspectj/DataScopeAspect.java
	ruoyi-framework/src/main/java/com/ruoyi/framework/web/service/TokenService.java
	ruoyi-generator/src/main/java/com/ruoyi/generator/controller/GenController.java
	ruoyi-generator/src/main/java/com/ruoyi/generator/domain/GenTable.java
	ruoyi-generator/src/main/java/com/ruoyi/generator/service/GenTableServiceImpl.java
	ruoyi-generator/src/main/java/com/ruoyi/generator/service/IGenTableService.java
	ruoyi-generator/src/main/java/com/ruoyi/generator/util/VelocityUtils.java
	ruoyi-generator/src/main/resources/mapper/generator/GenTableMapper.xml
	ruoyi-generator/src/main/resources/vm/vue/index.vue.vm
	ruoyi-system/src/main/java/com/ruoyi/system/mapper/SysMenuMapper.java
	ruoyi-system/src/main/resources/mapper/system/SysDeptMapper.xml
	ruoyi-ui/babel.config.js
	ruoyi-ui/package.json
	ruoyi-ui/src/api/tool/gen.js
	ruoyi-ui/src/assets/styles/ruoyi.scss
	ruoyi-ui/src/components/HeaderSearch/index.vue
	ruoyi-ui/src/layout/components/TagsView/ScrollPane.vue
	ruoyi-ui/src/main.js
	ruoyi-ui/src/utils/ruoyi.js
	ruoyi-ui/src/views/login.vue
	ruoyi-ui/src/views/monitor/job/index.vue
	ruoyi-ui/src/views/monitor/logininfor/index.vue
	ruoyi-ui/src/views/monitor/online/index.vue
	ruoyi-ui/src/views/monitor/operlog/index.vue
	ruoyi-ui/src/views/system/config/index.vue
	ruoyi-ui/src/views/system/dept/index.vue
	ruoyi-ui/src/views/system/dict/data.vue
	ruoyi-ui/src/views/system/dict/index.vue
	ruoyi-ui/src/views/system/menu/index.vue
	ruoyi-ui/src/views/system/notice/index.vue
	ruoyi-ui/src/views/system/post/index.vue
	ruoyi-ui/src/views/system/role/index.vue
	ruoyi-ui/src/views/system/user/index.vue
	ruoyi-ui/src/views/tool/gen/genInfoForm.vue
	ruoyi-ui/src/views/tool/gen/index.vue
	ruoyi-ui/vue.config.js
	sql/ry_20200724.sql
This commit is contained in:
疯狂的狮子li
2020-08-02 18:31:47 +08:00
parent a95abff0d3 4dcf737db0
commit c966d9bada
56 changed files with 1058 additions and 311 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
View File

@ -1,5 +1,6 @@
package com.ruoyi.common.utils.sql;
import com.ruoyi.common.exception.BaseException;
import com.ruoyi.common.utils.StringUtils;
/**
@ -10,9 +11,9 @@ import com.ruoyi.common.utils.StringUtils;
public class SqlUtil
{
/**
* 仅支持字母、数字、下划线、空格、逗号(支持多个字段排序)
* 仅支持字母、数字、下划线、空格、逗号、小数点(支持多个字段排序)
*/
public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,]+";
public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,\\.]+";
/**
* 检查字符,防止注入绕过
@ -21,7 +22,7 @@ public class SqlUtil
{
if (StringUtils.isNotEmpty(value) && !isValidOrderBySql(value))
{
return StringUtils.EMPTY;
throw new BaseException("参数不符合规范,不能进行查询");
}
return value;
}