MAP对象转sql如何防止注入
lewis
2018-12-04
22次阅读
MAP对象转sql防止注入的方法:
通过MAP封装例如:
SqlHelper
getUpdateSql
Map modifymap=new HashMap();
modifymap.put("taxes", taxesnew);
modifymap.put("effectiveprofit", effectiveprofitnew);
modifymap.put("field001", field001new);
modifymap.put("budgetedcost", budgetedcostnew);
modifymap.put("field002", field002new);
modifymap.put("fromdepbudget", null);
modifymap.put("requestid", workflowid);
modifymap.put("effectiveamount2", effectiveamount2);
modifymap.put("contractbudget", contractbudget);
dataService.executeSql(SqlHelper.getUpdateSql("depbudget", modifymap, " id='"+id+"' "));
发表评论:
◎欢迎参与讨论,请在这里发表您的看法、交流您的观点。