防止sql注入%

bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/kitchen/controller/KitchenSettingController.java

@@ -35,7 +35,7 @@ public class KitchenSettingController extends BaseController {
     @ApiOperation(value = "查询功能参数配置列表")
     //@RequiresPermissions("kitchen:setting:list")
     @GetMapping("/list")
-    public TableDataInfo list(@Valid KitchenSetting kitchenSetting) {
+    public TableDataInfo list(KitchenSetting kitchenSetting) {
         startPage();
         List<KitchenSetting> list = kitchenSettingService.selectKitchenSettingList(kitchenSetting);
         return getDataTable(list);

bonus-modules/bonus-smart-canteen/src/main/java/com/bonus/canteen/core/kitchen/domain/KitchenSetting.java

@@ -26,7 +26,6 @@ public class KitchenSetting extends BaseEntity {
     /** 参数键名 */
     @Excel(name = "参数键名")
     @ApiModelProperty(value = "参数键名")
-    @NoPercent
     private String itemName;
 
     /** 参数主键 */

bonus-modules/bonus-smart-canteen/src/main/resources/mapper/kitchen/KitchenSettingMapper.xml

@@ -23,7 +23,7 @@ PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
     <select id="selectKitchenSettingList" parameterType="com.bonus.canteen.core.kitchen.domain.KitchenSetting" resultMap="KitchenSettingResult">
         <include refid="selectKitchenSettingVo"/>
         <where>  
-            <if test="itemName != null  and itemName != ''"> and item_name like concat('%', #{itemName}, '%')</if>
+            <if test="itemName != null  and itemName != ''"> and item_name = #{itemName}</if>
             <if test="itemValue != null  and itemValue != ''"> and item_value = #{itemValue}</if>
             <if test="itemDescription != null  and itemDescription != ''"> and item_description like concat('%', #{itemDescription}, '%')</if>
         </where>