From 8bc7296fb4f8d87fc514a7ef04b8a419948de836 Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: Fri, 20 Dec 2019 11:34:45 +0800
Subject: [PATCH] 添加HTML过滤器，用于去除XSS漏洞隐患

---
 ruoyi/src/main/resources/mybatis/system/SysUserMapper.xml |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/ruoyi/src/main/resources/mybatis/system/SysUserMapper.xml b/ruoyi/src/main/resources/mybatis/system/SysUserMapper.xml
index 85d1786..25dd072 100644
--- a/ruoyi/src/main/resources/mybatis/system/SysUserMapper.xml
+++ b/ruoyi/src/main/resources/mybatis/system/SysUserMapper.xml
@@ -67,11 +67,11 @@
 		<if test="phonenumber != null and phonenumber != ''">
 			AND u.phonenumber like concat('%', #{phonenumber}, '%')
 		</if>
-		<if test="params.beginTime != null and params.beginTime != ''"><!-- 开始时间检索 -->
-			AND date_format(u.create_time,'%y%m%d') &gt;= date_format(#{params.beginTime},'%y%m%d')
+		<if test="beginTime != null and beginTime != ''"><!-- 开始时间检索 -->
+			AND date_format(u.create_time,'%y%m%d') &gt;= date_format(#{beginTime},'%y%m%d')
 		</if>
-		<if test="params.endTime != null and params.endTime != ''"><!-- 结束时间检索 -->
-			AND date_format(u.create_time,'%y%m%d') &lt;= date_format(#{params.endTime},'%y%m%d')
+		<if test="endTime != null and endTime != ''"><!-- 结束时间检索 -->
+			AND date_format(u.create_time,'%y%m%d') &lt;= date_format(#{endTime},'%y%m%d')
 		</if>
 		<if test="deptId != null and deptId != 0">
 			AND (u.dept_id = #{deptId} OR u.dept_id IN ( SELECT t.dept_id FROM sys_dept t WHERE FIND_IN_SET (#{deptId},ancestors) ))

--
Gitblit v1.9.2