chengf
2026-02-07 e310dfdc93c20ac0c3b5fcd1a95de298cfce2ae9
jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/demo/copywriting/controller/CopywritingController.java
@@ -104,8 +104,19 @@
        }
        if (StringUtils.isNotBlank(copywriting.getWordLike())){
            queryWrapper.exists("SELECT 1 FROM semantic_word WHERE semantic_word.id = copywriting.word_id " +
                            "AND semantic_word.word LIKE '%" + copywriting.getWordLike() + "%'");
                    "AND semantic_word.word LIKE '%" + copywriting.getWordLike() + "%'");
        }
        if (StringUtils.isNotBlank(copywriting.getContractId())) {
            // 1. 拼接关联 contact 表的 EXISTS 子查询,使用 contact.id 作为外键关联
            // 2. 使用 MyBatis-Plus 的参数占位符避免 SQL 注入,而不是直接字符串拼接
            String existsSql = "SELECT 1 FROM semantic_word " +
                    "LEFT JOIN contract ON semantic_word.contract_id = contract.id " + // 关联 contact 表(外键关联)
                    "WHERE semantic_word.id = copywriting.word_id " +
                    "AND contract.id = " + copywriting.getContractId(); // 使用 contact 表的 id 作为条件
            // 给 QueryWrapper 设置参数,避免 SQL 注入
            queryWrapper.exists(existsSql);
        }
        Page<Copywriting> page = new Page<Copywriting>(pageNo, pageSize);
      IPage<Copywriting> pageList = copywritingService.page(page, queryWrapper);
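Review bot: The new EXISTS clause ends with `"AND contract.id = " + copywriting.getContractId()`, which concatenates the caller-supplied value straight into the SQL, so the two comments saying a MyBatis-Plus placeholder avoids injection do not describe the code as written; `contractId` is only checked with `isNotBlank`, so a value such as `1 OR 1=1` (or a comment-terminated payload) rewrites the filter. MyBatis-Plus's `exists(String existsSql, Object... values)` supports `{0}`-style placeholders in recent 3.4.x+ releases (confirm against the version this project uses), so the change is to write the tail as `"AND contract.id = {0}"` and call `queryWrapper.exists(existsSql, copywriting.getContractId());`, which also quotes the value correctly if the id column is a string rather than a number. The pre-existing `wordLike` branch just above has the same concatenation into a LIKE pattern and should be parameterized the same way, e.g. `"AND semantic_word.word LIKE CONCAT('%', {0}, '%')"` with the value passed as the second argument. The enclosing method begins before this hunk.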
@@ -340,7 +351,7 @@
             }
             // 添加其他文本参数
             inputs.put("wenanyaoqiu", wenanyaoqiu);
             inputs.put("benchmarkUrl", wenanyaoqiu);
             inputs.put("louchu", louchu);
             inputs.put("youshang", youshang);
             inputs.put("wenti", wenti);