潘钊 / bsth_control · Commits

Commit 6204c644e0b8f29fe3b444e57a6ce52b51eca208

Authored by 王通
1 parent 068b7f39
build: skipped

1.sql注入过滤开启

Inline Side-by-side
Showing 1 changed file with 1 additions and 1 deletions
src/main/java/com/bsth/filter/SQLInjectFilter.java
  View file @6204c64
... ... @@ -33,7 +33,7 @@ public class SQLInjectFilter extends BaseFilter{
33 33 }
34 34  
35 35 private static boolean isSqlInject(String injectStr) {
36   - String injStr = "'|and|exec|create|insert|select|delete|update|count|*|%|chr|mid|master|truncate|drop|char|declare|;|or|-|+|,";
  36 + String injStr = "'|and|exec|create|insert|select|delete|update|count|*|%|chr|mid|master|truncate|drop|char|declare|or|+";
37 37 String injStrArr[] = injStr.split("\\|");
38 38 injectStr = injectStr.toLowerCase();
39 39 for (int i = 0; i < injStrArr.length; i++) {
... ...