SQL Injection: MyBatis Mapper(SQL注入：MyBatis Mapper)

3e89820d · litengwei · 027aefdf · 3e89820d
Commit 3e89820d authored Mar 26, 2024 by litengwei
Hide whitespace changes
Inline Side-by-side

Showing with 5 additions and 5 deletions

dbTemplate_plan_task.xml ...rol/src/main/resources/db/mapper/dbTemplate_plan_task.xml +5 -5

No files found.
--- a/amos-boot-system-patrol/src/main/resources/db/mapper/dbTemplate_plan_task.xml
+++ b/amos-boot-system-patrol/src/main/resources/db/mapper/dbTemplate_plan_task.xml
@@ -102,7 +102,7 @@
 		order by b.id desc
 		<choose>
 	     <when test="pageSize==-1"></when>
-	     <when test="pageSize!=-1">limit ${offset},${pageSize}</when>
+	     <when test="pageSize!=-1">limit #{offset},#{pageSize}</when>
 	    </choose>
 	</select>

@@ -238,7 +238,7 @@
 			) a
 		<include refid="plan-task-app-where"/>
 		<if test="orderBy != null and orderBy != ''"> order by ${orderBy} </if>
-		limit ${offset},${pageSize}
+		limit #{offset},#{pageSize}
 	</select>
 	<select id="getPlanTasksCount" resultType="long">
 		SELECT
@@ -555,7 +555,7 @@
 		order by a.id
 		<choose>
 	     <when test="pageSize==-1"></when>
-	     <when test="pageSize!=-1">limit ${offset},${pageSize}</when>
+	     <when test="pageSize!=-1">limit #{offset},#{pageSize}</when>
 	    </choose>
 	</select>

@@ -588,7 +588,7 @@
 		order by a.id
 		<choose>
 			<when test="pageSize==-1"></when>
-			<when test="pageSize!=-1">limit ${offset},${pageSize}</when>
+			<when test="pageSize!=-1">limit #{offset},#{pageSize}</when>
 		</choose>
 	</select>

@@ -1177,7 +1177,7 @@
 			ppk.begin_time DESC
 		<choose>
 			<when test="param.pageSize==-1"></when>
-			<when test="param.pageSize!=-1">limit ${param.pageNumber}, ${param.pageSize}</when>
+			<when test="param.pageSize!=-1">limit #{param.pageNumber}, #{param.pageSize}</when>
 		</choose>
 	</select>