黄海 7 months ago
parent ee64a4ccec
commit 073797c978

@ -12,6 +12,7 @@ import com.dsideal.base.Interceptor.IsNumericInterface;
import com.dsideal.base.Res.Model.ResourceModel; import com.dsideal.base.Res.Model.ResourceModel;
import com.dsideal.base.Util.CommonUtil; import com.dsideal.base.Util.CommonUtil;
import com.dsideal.base.Util.CookieUtil; import com.dsideal.base.Util.CookieUtil;
import com.dsideal.base.Util.SqlInjectionUtils;
import com.jfinal.aop.Before; import com.jfinal.aop.Before;
import com.jfinal.core.Controller; import com.jfinal.core.Controller;
import com.jfinal.ext.interceptor.GET; import com.jfinal.ext.interceptor.GET;
@ -325,6 +326,10 @@ public class DataEaseController extends Controller {
if (StrKit.isBlank(keyword)) keyword = ""; if (StrKit.isBlank(keyword)) keyword = "";
if (pageNumber == 0) pageNumber = 1; if (pageNumber == 0) pageNumber = 1;
if (pageSize == 0) pageSize = 20; if (pageSize == 0) pageSize = 20;
if (SqlInjectionUtils.hasSqlInjectionRisk(keyword)) {
renderJson("输入的查询关键字存在SQL注入攻击无法执行");
return;
}
//登录的人员 //登录的人员
int identity_id = Integer.parseInt(CookieUtil.getValue(getRequest(), "identity_id")); int identity_id = Integer.parseInt(CookieUtil.getValue(getRequest(), "identity_id"));
String person_id = CookieUtil.getValue(getRequest(), "person_id"); String person_id = CookieUtil.getValue(getRequest(), "person_id");
@ -396,6 +401,10 @@ public class DataEaseController extends Controller {
if (StrKit.isBlank(keyword)) keyword = ""; if (StrKit.isBlank(keyword)) keyword = "";
if (pageNumber == 0) pageNumber = 1; if (pageNumber == 0) pageNumber = 1;
if (pageSize == 0) pageSize = 20; if (pageSize == 0) pageSize = 20;
if (SqlInjectionUtils.hasSqlInjectionRisk(keyword)) {
renderJson("输入的查询关键字存在SQL注入攻击无法执行");
return;
}
//登录的人员 //登录的人员
int identity_id = Integer.parseInt(CookieUtil.getValue(getRequest(), "identity_id")); int identity_id = Integer.parseInt(CookieUtil.getValue(getRequest(), "identity_id"));
String person_id = CookieUtil.getValue(getRequest(), "person_id"); String person_id = CookieUtil.getValue(getRequest(), "person_id");
@ -522,6 +531,10 @@ public class DataEaseController extends Controller {
if (pageNumber == 0) pageNumber = 1; if (pageNumber == 0) pageNumber = 1;
if (pageSize == 0) pageSize = 20; if (pageSize == 0) pageSize = 20;
if (StrKit.isBlank(keyword)) keyword = ""; if (StrKit.isBlank(keyword)) keyword = "";
if (SqlInjectionUtils.hasSqlInjectionRisk(keyword)) {
renderJson("输入的查询关键字存在SQL注入攻击无法执行");
return;
}
Page<Record> list = dm.getDataSetContentByProvince(id, keyword, pageNumber, pageSize); Page<Record> list = dm.getDataSetContentByProvince(id, keyword, pageNumber, pageSize);
renderJson(CommonUtil.renderJsonForLayUI(list)); renderJson(CommonUtil.renderJsonForLayUI(list));
} }
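Review bot: The `hasSqlInjectionRisk(keyword)` guard added before each model call is a substring denylist and cannot be the control that makes `dm.getDataSetContentByProvince(id, keyword, pageNumber, pageSize)` and the two sibling queries safe: it rejects ordinary searches containing `_`, `%`, `'`, `@` or words such as "updated", "character" or "granted", while any keyword the list does not cover is handed to the model unchanged. The query methods in the model (not visible here) should bind `keyword` with a `?` placeholder and, if it is used in a `LIKE`, escape `%` and `_` there; the controller check can then remain only as a user-facing pre-filter, and since JFinal's `renderJson(String)` sends its argument as the raw response body, the rejection should be returned as a structured object with a success flag and message (e.g. a `Kv`/map) so the LayUI table client does not receive a non-JSON body. The same four lines are pasted into three handlers; a private helper or an interceptor would keep them in one place. The cookie-derived `identity_id`/`person_id` on the following lines are pre-existing, but unless the cookie is signed they are caller-controlled as well, which matters more for authorization than the keyword filter. Each enclosing method starts and ends outside its hunk.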

@ -0,0 +1,106 @@
package com.dsideal.base.Util;
public class SqlInjectionUtils {
// SQL注入风险的关键字
private static final String[] SQL_INJECTION_KEYWORDS = {
"SELECT", "INSERT", "UPDATE", "DELETE", "DROP", "TRUNCATE",
"EXEC", "EXECUTE", "UNION", "CREATE", "ALTER", "GRANT",
"--", "/*", "*/", ";", "@@", "@",
"CHAR", "DECLARE", "CAST", "CONVERT",
"WAITFOR", "DELAY"
};
// SQL注入特殊字符
private static final String[] SQL_INJECTION_CHARS = {
"'", "\"", "\\", "%", "_", "^", "[", "]"
};
/**
* SQL
* @param input
* @return true
*/
public static boolean hasSqlInjectionRisk(String input) {
if (input == null || input.trim().isEmpty()) {
return false;
}
// 转换为大写,便于检查关键字
String upperInput = input.toUpperCase();
// 检查SQL关键字
for (String keyword : SQL_INJECTION_KEYWORDS) {
if (upperInput.contains(keyword)) {
return true;
}
}
// 检查特殊字符
for (String specialChar : SQL_INJECTION_CHARS) {
if (input.contains(specialChar)) {
return true;
}
}
return false;
}
/**
* SQL
* @param input
* @return
*/
public static String cleanSqlInjection(String input) {
if (input == null) {
return null;
}
String result = input;
// 替换SQL关键字
for (String keyword : SQL_INJECTION_KEYWORDS) {
result = result.replaceAll("(?i)" + keyword, "");
}
// 替换特殊字符
for (String specialChar : SQL_INJECTION_CHARS) {
result = result.replace(specialChar, "");
}
return result;
}
/**
* SQL
* @param input
* @return
*/
public static String escapeSql(String input) {
if (input == null) {
return null;
}
return input.replace("'", "''")
.replace("\\", "\\\\")
.replace("%", "\\%")
.replace("_", "\\_");
}
/**
*
* @param input
* @param throwException
* @return
*/
public static String validateAndClean(String input, boolean throwException)
throws IllegalArgumentException {
if (hasSqlInjectionRisk(input)) {
if (throwException) {
throw new IllegalArgumentException("检测到SQL注入风险: " + input);
}
return cleanSqlInjection(input);
}
return input;
}
}
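Review bot: `cleanSqlInjection` throws `PatternSyntaxException` on every non-null input, because the keyword loop passes the entries of `SQL_INJECTION_KEYWORDS` straight into `replaceAll` as regexes and `"(?i)*/"` has a dangling `*` (`"/*"` also silently turns into "zero or more slashes" and strips every `/`); `validateAndClean(input, false)` inherits the crash for any input flagged as risky. The minimal fix is `result = result.replaceAll("(?i)" + Pattern.quote(keyword), "");` with `java.util.regex.Pattern` imported, but even then single-pass stripping is bypassable (`SELSELECTECT` collapses to `SELECT`), and `hasSqlInjectionRisk` both over-rejects (`_`, `%`, `@`, "updated", "broadcast", "delayed") and under-detects (e.g. `OR 1=1`, MySQL `#` comments or `0x..` literals contain none of the listed tokens), so none of these methods can stand in for parameterized queries. `escapeSql` hand-rolls quoting whose correctness depends on the SQL dialect and on the `LIKE ... ESCAPE` convention in use; it is safer to document it as LIKE-wildcard escaping for an already-bound parameter rather than as general SQL escaping. Minor: `toUpperCase()` should take `Locale.ROOT` to avoid the Turkish-locale `i`/`İ` mismatch, the utility class wants a private constructor, and the empty Javadoc stubs should say in English that this is a heuristic pre-filter, not a security boundary. The new file appears here with its blank lines collapsed, so the 106-line hunk count does not match what is visible.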