Ruoyi encapsulated SqlUtil [order by to prevent sql injection, verify order by syntax rules] - Code World

Ruoyi encapsulated SqlUtil [order by to prevent sql injection, verify order by syntax rules]

Language 2023-09-09 22:26:55 views: null

package com.ruoyi.common.utils.sql; 

import com.ruoyi.common.utils.StringUtils; 

/** 
 * sql operation tool class 
 * 
 * @author ruoyi 
 */ 
public class SqlUtil 
{ 
    /** 
     * Only supports letters and numbers , underscore, space, comma (supports multiple field sorting) 
     */ 
    public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,]+"; 

    /** 
     * Check characters to prevent injection bypass 
     * / 
    public static String escapeOrderBySql(String value) 
    { 
        if (StringUtils.isNotEmpty(value) && !isValidOrderBySql(value)) 
        { 
            return StringUtils.EMPTY; 
        } 
        return value; 
    }
 
    /**
     * Verify whether the order by syntax complies with the specification 
     */ 
    public static boolean isValidOrderBySql(String value) 
    { 
        return value.matches(SQL_PATTERN); 
    } 
}

Guess you like

Origin blog.csdn.net/snowing1997/article/details/131720372

Ruoyi encapsulated SqlUtil [order by to prevent sql injection, verify order by syntax rules]

Order by in sql injection

Execution order of CSS rules

Order Number Generation Rules

order by ordering injection

SqlParameter prevent SQL injection

Prevent SQL injection ***

thinkphp prevent sql injection

How to prevent SQL injection?

How to prevent SQL injection?

Prevent SQL Injection

How to prevent SQL injection?

Prevent SQL injection in PHP

[Java] mybatis dynamically passes in order by (sorting field) and sort (sorting method) to prevent injection

SQL definition order and execution order

Rules are rules, with the evolution of the order will become harmonious

The syntax and order of execution of Java for loop

[MySQL] SELECT statement - syntax order

pymysql prevent sql injection case

Python how to prevent sql injection

How to prevent SQL injection attacks

Precautions for mybatis to prevent sql injection

What is SQL Injection? how to prevent it

order

[SQL Basics] The order of GROUP BY and WHERE HAVING ORDER BY in SQL execution order

In order to prevent errors, deep copy is used

SQL order by statement

SQL - ORDER BY Keyword

SQL order each keyword

sql execution order in hive

Recommended

Rushing to the GitHub hot list——How can open source programming languages and frameworks be so cute?

Beijing Humanoid Robot Innovation Center launches Tiangong, the world's first full-size humanoid robot with purely electric drive for anthropomorphic running

Ranking

8个无需编写代码即可使用 Python 内置库的方法

Java collections interview knowledge Lite

Machine learning algorithms foundation - Introduction a (watermelon materials for the book)

(Easy) Ransom Note - LeetCode

[Five days] Qt from entry to actual combat: the second day

Remember once extremely pit father can not download Maven Jar package of issues: IDEA question

The minimum cost Shortest

OSPF study map (the most complete version)

Network Takeaways

GnuPG

Daily

More

2024-04-27(29)

2024-04-26(22)

2024-04-25(32)

2024-04-24(30)

2024-04-23(30)

2024-04-22(5)

2024-04-21(0)

2024-04-20(6)

2024-04-19(5)

2024-04-18(0)