From 0ced772c403923d79825a0efc3db133a26ed9712 Mon Sep 17 00:00:00 2001
From: java110 <928255095@qq.com>
Date: 星期二, 19 十月 2021 13:37:55 +0800
Subject: [PATCH] 优化代码
---
service-oa/src/main/java/com/java110/oa/cmd/oaWorkflow/UpdateOaWorkflowFormData.java | 13 ++++++++-----
1 files changed, 8 insertions(+), 5 deletions(-)
diff --git a/service-oa/src/main/java/com/java110/oa/cmd/oaWorkflow/UpdateOaWorkflowFormData.java b/service-oa/src/main/java/com/java110/oa/cmd/oaWorkflow/UpdateOaWorkflowFormData.java
index 6b8f857..6c57c57 100644
--- a/service-oa/src/main/java/com/java110/oa/cmd/oaWorkflow/UpdateOaWorkflowFormData.java
+++ b/service-oa/src/main/java/com/java110/oa/cmd/oaWorkflow/UpdateOaWorkflowFormData.java
@@ -19,13 +19,14 @@
import java.util.ArrayList;
import java.util.List;
+import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
/**
* 淇敼琛ㄥ崟鏁版嵁
*/
-@Java110Cmd(serviceCode = "/oaWorkflow/updateOaWorkflowFormData")
+@Java110Cmd(serviceCode = "oaWorkflow.updateOaWorkflowFormData")
public class UpdateOaWorkflowFormData extends AbstractServiceCmdListener {
@Autowired
@@ -46,6 +47,9 @@
@Override
@Java110Transactional
public void doCmd(CmdEvent event, ICmdDataFlowContext cmdDataFlowContext, JSONObject reqJson) throws CmdException {
+ Map<String,String> headers = cmdDataFlowContext.getReqHeaders();
+
+ reqJson.put("storeId",headers.get("store-id"));
OaWorkflowFormDto oaWorkflowFormDto = new OaWorkflowFormDto();
oaWorkflowFormDto.setFlowId(reqJson.get("flowId").toString());
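Review bot: The added `reqJson.put("storeId",headers.get("store-id"))` copies the header into the request without checking that it is present, so a request without `store-id` continues with `storeId` set to null. If this value is meant to scope the update to the caller's store, read it into a local first (`String storeId = headers.get("store-id");`) and fail with the `CmdException` that `doCmd` already declares when it is null or empty. Whether the header is set by a trusted gateway or can be supplied by the client is not visible here; that is worth confirming, since the value now overrides any `storeId` in the body. The body of `doCmd` continues outside this hunk.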
@@ -71,12 +75,11 @@
}
List<String> columns = new ArrayList<>();
- List<String> values = new ArrayList<>();
for (String key : reqJson.keySet()) {
- if ("flowId".equals(key) || "id".equals(key)) {
+ if ("flowId".equals(key) || "id".equals(key) || "storeId".equals(key)) {
continue;
}
- columns.add(key + "=" + reqJson.getString(key));
+ columns.add(key + "='" + reqJson.getString(key)+"'");
//绠�鍗曟牎楠�
validateColumns(columns);
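Review bot: The new `columns.add(key + "='" + reqJson.getString(key)+"'")` builds a SQL assignment by concatenating request data into a quoted literal, while the last hunk of this commit removes `'` from the pattern in `containsSqlInjection`. A value containing a quote is therefore no longer rejected by that filter and would end the literal early. As far as this hunk shows, the key from `reqJson.keySet()` is also used as a column name with only the keyword filter applied. Prefer bound parameters (`columns.add(key + "=?")` with the values passed separately, which the removed `values` list appears to have been intended for) and accept only keys that match the columns defined for the form. The enclosing method starts and ends outside this hunk.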
@@ -107,7 +110,7 @@
}
public static boolean containsSqlInjection(Object obj) {
- Pattern pattern = Pattern.compile("\\b(exec|insert|select|drop|grant|alter|delete|update|count|chr|mid|master|truncate|char|declare)\\b|(\\*|;|\\+|'|%)");
+ Pattern pattern = Pattern.compile("\\b(exec|insert|select|drop|grant|alter|delete|update|count|chr|mid|master|truncate|char|declare)");
Matcher matcher = pattern.matcher(obj.toString().toLowerCase());
return matcher.find();
}
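Review bot: Dropping the trailing `\\b` in `containsSqlInjection` turns the pattern into a prefix match, so ordinary values and column names such as `country`, `updated_by`, `charge` or `middle_name` are now reported as injection. Keep the closing boundary, `...|char|declare)\\b`, and treat this deny-list as a secondary check only, not as the control that makes the concatenated SQL safe. The pattern is also recompiled on every call; hoisting it into a `private static final Pattern` compiled with `Pattern.CASE_INSENSITIVE` would avoid that and remove the locale-dependent `toLowerCase()`. Separately, `obj.toString()` throws a `NullPointerException` when a form field is null.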
--
Gitblit v1.8.0