防止sql注入%
This commit is contained in:
parent
35ba4ea213
commit
982d7840d8
|
|
@ -35,7 +35,7 @@ public class KitchenSettingController extends BaseController {
|
|||
@ApiOperation(value = "查询功能参数配置列表")
|
||||
//@RequiresPermissions("kitchen:setting:list")
|
||||
@GetMapping("/list")
|
||||
public TableDataInfo list(@Valid KitchenSetting kitchenSetting) {
|
||||
public TableDataInfo list(KitchenSetting kitchenSetting) {
|
||||
startPage();
|
||||
List<KitchenSetting> list = kitchenSettingService.selectKitchenSettingList(kitchenSetting);
|
||||
return getDataTable(list);
|
||||
|
|
|
|||
|
|
@ -26,7 +26,6 @@ public class KitchenSetting extends BaseEntity {
|
|||
/** 参数键名 */
|
||||
@Excel(name = "参数键名")
|
||||
@ApiModelProperty(value = "参数键名")
|
||||
@NoPercent
|
||||
private String itemName;
|
||||
|
||||
/** 参数主键 */
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
|
|||
<select id="selectKitchenSettingList" parameterType="com.bonus.canteen.core.kitchen.domain.KitchenSetting" resultMap="KitchenSettingResult">
|
||||
<include refid="selectKitchenSettingVo"/>
|
||||
<where>
|
||||
<if test="itemName != null and itemName != ''"> and item_name like concat('%', #{itemName}, '%')</if>
|
||||
<if test="itemName != null and itemName != ''"> and item_name = #{itemName}</if>
|
||||
<if test="itemValue != null and itemValue != ''"> and item_value = #{itemValue}</if>
|
||||
<if test="itemDescription != null and itemDescription != ''"> and item_description like concat('%', #{itemDescription}, '%')</if>
|
||||
</where>
|
||||
|
|
|
|||
Loading…
Reference in New Issue