Commit 505f1c7

committed

Java:MultiDataSource /execute 新增支持严格模式

1 parent b67eb21 commit 505f1c7Copy full SHA for 505f1c7

File tree

1 file changed

+27

-5

lines changed

APIJSON-Java-Server/APIJSONBoot-MultiDataSource/src/main/java/apijson/boot
- DemoController.java

1 file changed

+27

-5

lines changed

`‎APIJSON-Java-Server/APIJSONBoot-MultiDataSource/src/main/java/apijson/boot/DemoController.java`

Lines changed: 27 additions & 5 deletions

Original file line number	Diff line number	Diff line change
`@@ -647,7 +647,7 @@ private apijson.JSONRequest newVerifyRequest(int type, String phone, String veri`
`647`	`647`	`}`
`648`	`648`	`* </pre>`
`649`	`649`	`*/`
`650`		`- @PostMapping(LOGIN)`
	`650`	`+ @PostMapping(LOGIN)//TODO 改 SQLConfig 里的 dbAccount, dbPassword,直接用数据库鉴权`
`651`	`651`	`public JSONObject login(@RequestBody String request, HttpSession session) {`
`652`	`652`	`JSONObject requestObject = null;`
`653`	`653`	`boolean isPassword;`
`@@ -1324,6 +1324,7 @@ else if (APIJSON_DELEGATE_ID.toLowerCase().equals(name.toLowerCase())) {`
`1324`	`1324`	`return entity.getBody();`
`1325`	`1325`	`}`
`1326`	`1326`
	`1327`	`+ public static boolean EXECUTE_STRICTLY = true;`
`1327`	`1328`	`/**执行 SQL 语句,支持 SQLAuto,注意仅仅不要开放给后端组外的任何人,更不要暴露到公司外的公网!`
`1328`	`1329`	`* @param request 只用String,避免encode后未decode`
`1329`	`1330`	`* @return`
`@@ -1350,8 +1351,9 @@ public String execute(@RequestBody String request, HttpSession session) {`
`1350`	`1351`
`1351`	`1352`	`JSONObject req = JSON.parseObject(request);`
`1352`	`1353`	`String uri = req.getString("uri");`
`1353`		`- String sql = req.getString("sql");`
`1354`		`- List<Object> valueList = req.getJSONArray("arg");`
	`1354`	`+ String sql = StringUtil.getTrimedString(req.getString("sql"));`
	`1355`	`+ JSONArray arg = req.getJSONArray("arg");`
	`1356`	`+ List<Object> valueList = arg;`
`1355`	`1357`
`1356`	`1358`	`DemoSQLExecutor executor = new DemoSQLExecutor();`
`1357`	`1359`	`DemoSQLConfig config = new DemoSQLConfig();`
`@@ -1364,9 +1366,27 @@ public String execute(@RequestBody String request, HttpSession session) {`
`1364`	`1366`
`1365`	`1367`	`Statement statement = executor.getStatement(config, sql);`
`1366`	`1368`	`if (statement instanceof PreparedStatement) {`
`1367`		`- ((PreparedStatement) statement).execute();`
	`1369`	`+ if (EXECUTE_STRICTLY) {`
	`1370`	`+ if (sql.startsWith("SELECT ")) {`
	`1371`	`+ ((PreparedStatement) statement).executeQuery();`
	`1372`	`+ } else {`
	`1373`	`+ ((PreparedStatement) statement).executeUpdate();`
	`1374`	`+ }`
	`1375`	`+ }`
	`1376`	`+ else {`
	`1377`	`+ ((PreparedStatement) statement).execute();`
	`1378`	`+ }`
`1368`	`1379`	`} else {`
`1369`		`- statement.execute(sql);`
	`1380`	`+ if (EXECUTE_STRICTLY) {`
	`1381`	`+ if (sql.startsWith("SELECT ")) {`
	`1382`	`+ statement.executeQuery(sql);`
	`1383`	`+ } else {`
	`1384`	`+ statement.executeUpdate(sql);`
	`1385`	`+ }`
	`1386`	`+ }`
	`1387`	`+ else {`
	`1388`	`+ statement.execute(sql);`
	`1389`	`+ }`
`1370`	`1390`	`}`
`1371`	`1391`
`1372`	`1392`	`ResultSet rs = statement.getResultSet();`
`@@ -1396,6 +1416,8 @@ public String execute(@RequestBody String request, HttpSession session) {`
`1396`	`1416`	`}`
`1397`	`1417`
`1398`	`1418`	`JSONObject result = DemoParser.newSuccessResult();`
	`1419`	`+ result.put("sql", sql);`
	`1420`	`+ result.put("arg", arg);`
`1399`	`1421`	`result.put("count", statement.getUpdateCount());`
`1400`	`1422`	`result.put("list", arr);`
`1401`	`1423`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Commit 505f1c7

File tree

1 file changed

1 file changed

`‎APIJSON-Java-Server/APIJSONBoot-MultiDataSource/src/main/java/apijson/boot/DemoController.java`

0 commit comments