201206030/novel-plus
1
0
Fork 0
mirror of https://github.com/201206030/novel-plus.git synced 2025-09-14 05:02:43 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix: 修复sort和order参数的SQL注入漏洞

Browse Source
This commit is contained in:
xiongxiaoyang
2025-07-17 19:03:58 +08:00
parent 54bd194b98
commit 3db8828384
36 changed files with 344 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
novel-front/src/main/java/com/java2nb/novel/mapper/FrontBookMapper.java
View File

@@ -1,5 +1,6 @@
package com.java2nb.novel.mapper;
import com.java2nb.novel.core.annotation.ValidateSortOrder;
import com.java2nb.novel.entity.Book;
import com.java2nb.novel.vo.BookSpVO;
import com.java2nb.novel.vo.BookVO;
@@ -13,7 +14,7 @@ import java.util.List;
public interface FrontBookMapper extends BookMapper {
List<BookVO> searchByPage(BookSpVO params);
List<BookVO> searchByPage(@ValidateSortOrder BookSpVO params);
void addVisitCount(@Param("bookId") Long bookId, @Param("visitCount") Integer visitCount);