From 52e1717014241593b110c46e53654f4b6749f854 Mon Sep 17 00:00:00 2001
From: mingliangyang <yml@shencevc.cn>
Date: Fri, 27 May 2022 12:06:27 +0800
Subject: [PATCH] 增加对空字符串参数的过滤

---
 ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java b/ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
index 03832f9..5243849 100644
--- a/ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
+++ b/ruoyi-common/src/main/java/com/ruoyi/common/utils/sql/SqlUtil.java
@@ -50,8 +50,10 @@
             return;
         }
         String[] sqlKeywords = StringUtils.split(SQL_REGEX, "\\|");
-        for (String sqlKeyword : sqlKeywords) {
-            if (StringUtils.indexOfIgnoreCase(value, sqlKeyword) > -1) {
+        for (String sqlKeyword : sqlKeywords)
+        {
+            if (StringUtils.indexOfIgnoreCase(value, sqlKeyword) > -1)
+            {
                 throw new UtilException("参数存在SQL注入风险");
             }
         }

--
Gitblit v1.9.2