wgh/coreshoppro
1
0
Fork 0
mirror of http://git.coreshop.cn/jianweie/coreshoppro.git synced 2025-12-06 15:43:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

【优化】移除2个orderBy使用的sql组合方法参数,移除4个仓储基类的所有sql组合方法,全部使用参数化提交,防止出现可能存在的sql注入。

Browse Source
This commit is contained in:
jianweie code
2024-01-17 20:02:06 +08:00
parent f16797adb5
commit a6e345a48b
15 changed files with 77 additions and 883 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
CoreCms.Net.IServices/Good/ICoreCmsGoodsServices.cs
View File

@@ -206,13 +206,11 @@ namespace CoreCms.Net.IServices
/// 重写根据条件及自定义排序查询分页数据返回DTO
/// </summary>
/// <param name="predicate"></param>
/// <param name="orderBy"></param>
/// <param name="pageIndex">当前页面索引</param>
/// <param name="pageSize">分布大小</param>
/// <param name="blUseNoLock">是否使用WITH(NOLOCK)</param>
/// <returns></returns>
Task<IPageList<GoodListDTO>> QueryPageByDTOAsync(Expression<Func<GoodListDTO, bool>> predicate,
string orderBy = "", int pageIndex = 1, int pageSize = 20, bool blUseNoLock = false);
Task<IPageList<GoodListDTO>> QueryPageByDTOAsync(Expression<Func<GoodListDTO, bool>> predicate, int pageIndex = 1, int pageSize = 20, bool blUseNoLock = false);
/// <summary>
/// 重写根据条件及自定义排序查询分页数据
@@ -223,8 +221,7 @@ namespace CoreCms.Net.IServices
/// <param name="pageSize">分布大小</param>
/// <param name="blUseNoLock">是否使用WITH(NOLOCK)</param>
/// <returns></returns>
Task<IPageList<CoreCmsGoods>> QueryAgentGoodsPageAsync(Expression<Func<CoreCmsGoods, bool>> predicate,
string orderBy = "", int pageIndex = 1, int pageSize = 20, bool blUseNoLock = false);
Task<IPageList<CoreCmsGoods>> QueryAgentGoodsPageAsync(Expression<Func<CoreCmsGoods, bool>> predicate, int pageIndex = 1, int pageSize = 20, bool blUseNoLock = false);
/// <summary>

168
CoreCms.Net.IServices/IBaseServices.cs
View File

@@ -105,51 +105,6 @@ namespace CoreCms.Net.IServices
/// <returns></returns>
Task<List<T>> QueryAsync(bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询数据
/// </summary>
/// <param name="strWhere">条件</param>
/// <param name="orderBy">排序</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
List<T> QueryListByClause(string strWhere, string orderBy = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询数据
/// </summary>
/// <param name="strWhere">条件</param>
/// <param name="orderBy">排序</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
Task<List<T>> QueryListByClauseAsync(string strWhere, string orderBy = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询数据
/// </summary>
/// <param name="predicate">条件表达式树</param>
/// <param name="orderBy">排序</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
List<T> QueryListByClause(Expression<Func<T, bool>> predicate, string orderBy = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询数据
/// </summary>
/// <param name="predicate">条件表达式树</param>
/// <param name="orderBy">排序</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
Task<List<T>> QueryListByClauseAsync(Expression<Func<T, bool>> predicate, string orderBy = "",
bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询数据
/// </summary>
@@ -160,8 +115,8 @@ namespace CoreCms.Net.IServices
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
List<T> QueryListByClause(Expression<Func<T, bool>> predicate, Expression<Func<T, object>> orderByPredicate,
OrderByType orderByType, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
List<T> QueryListByClause(Expression<Func<T, bool>> predicate, Expression<Func<T, object>> orderByPredicate = null,
OrderByType orderByType = OrderByType.Asc, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询数据
@@ -174,7 +129,7 @@ namespace CoreCms.Net.IServices
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
Task<List<T>> QueryListByClauseAsync(Expression<Func<T, bool>> predicate,
Expression<Func<T, object>> orderByPredicate, OrderByType orderByType, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
Expression<Func<T, object>> orderByPredicate = null, OrderByType orderByType = OrderByType.Asc, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询一定数量数据
@@ -204,32 +159,6 @@ namespace CoreCms.Net.IServices
Task<List<T>> QueryListByClauseAsync(Expression<Func<T, bool>> predicate, int take,
Expression<Func<T, object>> orderByPredicate, OrderByType orderByType, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询一定数量数据
/// </summary>
/// <param name="predicate">条件表达式树</param>
/// <param name="take">获取数量</param>
/// <param name="strOrderByFields">排序字段如name asc,age desc</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
List<T> QueryListByClause(Expression<Func<T, bool>> predicate, int take, string strOrderByFields = "",
bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询一定数量数据
/// </summary>
/// <param name="predicate">条件表达式树</param>
/// <param name="take">获取数量</param>
/// <param name="strOrderByFields">排序字段如name asc,age desc</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
Task<List<T>> QueryListByClauseAsync(Expression<Func<T, bool>> predicate, int take,
string strOrderByFields = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询数据
/// </summary>
@@ -262,8 +191,7 @@ namespace CoreCms.Net.IServices
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
T QueryByClause(Expression<Func<T, bool>> predicate, Expression<Func<T, object>> orderByPredicate,
OrderByType orderByType, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
T QueryByClause(Expression<Func<T, bool>> predicate, Expression<Func<T, object>> orderByPredicate, OrderByType orderByType, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询数据
@@ -282,7 +210,7 @@ namespace CoreCms.Net.IServices
#endregion
#region
#region
/// <summary>
/// 写入实体数据
@@ -396,40 +324,6 @@ namespace CoreCms.Net.IServices
/// <returns></returns>
Task<bool> UpdateAsync(T entity, bool isRemoveDataCache = false);
/// <summary>
/// 根据手写条件更新
/// </summary>
/// <param name="entity"></param>
/// <param name="strWhere"></param>
/// <param name="isRemoveDataCache">是否清除缓存</param>
/// <returns></returns>
bool Update(T entity, string strWhere, bool isRemoveDataCache = false);
/// <summary>
/// 根据手写条件更新
/// </summary>
/// <param name="entity"></param>
/// <param name="strWhere"></param>
/// <param name="isRemoveDataCache">是否清除缓存</param>
/// <returns></returns>
Task<bool> UpdateAsync(T entity, string strWhere, bool isRemoveDataCache = false);
/// <summary>
/// 根据手写sql语句更新数据
/// </summary>
/// <param name="strSql"></param>
/// <param name="parameters"></param>
/// <returns></returns>
bool Update(string strSql, SugarParameter[] parameters = null);
/// <summary>
/// 根据手写sql语句更新数据
/// </summary>
/// <param name="strSql"></param>
/// <param name="parameters"></param>
/// <returns></returns>
Task<bool> UpdateAsync(string strSql, SugarParameter[] parameters = null);
/// <summary>
/// 更新某个字段
/// </summary>
@@ -448,28 +342,6 @@ namespace CoreCms.Net.IServices
/// <returns></returns>
Task<bool> UpdateAsync(Expression<Func<T, T>> columns, Expression<Func<T, bool>> where, bool isRemoveDataCache = false);
/// <summary>
/// 根据条件更新
/// </summary>
/// <param name="entity"></param>
/// <param name="lstColumns"></param>
/// <param name="lstIgnoreColumns"></param>
/// <param name="strWhere"></param>
/// <param name="isRemoveDataCache">是否清除缓存</param>
/// <returns></returns>
Task<bool> UpdateAsync(T entity, List<string> lstColumns, List<string> lstIgnoreColumns,
string strWhere = "", bool isRemoveDataCache = false);
/// <summary>
/// 根据条件更新
/// </summary>
/// <param name="entity"></param>
/// <param name="lstColumns"></param>
/// <param name="lstIgnoreColumns"></param>
/// <param name="strWhere"></param>
/// <param name="isRemoveDataCache">是否清除缓存</param>
/// <returns></returns>
bool Update(T entity, List<string> lstColumns, List<string> lstIgnoreColumns, string strWhere = "", bool isRemoveDataCache = false);
#endregion
#region
@@ -602,7 +474,6 @@ namespace CoreCms.Net.IServices
/// <returns></returns>
Task<bool> DeleteByIdsAsync(string[] ids, bool isRemoveDataCache = false);
/// <summary>
/// 删除指定ID集合的数据(批量删除)
/// </summary>
@@ -619,7 +490,6 @@ namespace CoreCms.Net.IServices
/// <returns></returns>
Task<bool> DeleteByIdsAsync(List<int> ids, bool isRemoveDataCache = false);
/// <summary>
/// 删除指定ID集合的数据(批量删除)
/// </summary>
@@ -636,7 +506,6 @@ namespace CoreCms.Net.IServices
/// <returns></returns>
Task<bool> DeleteByIdsAsync(List<string> ids, bool isRemoveDataCache = false);
/// <summary>
/// 删除指定ID集合的数据(批量删除)
/// </summary>
@@ -653,7 +522,6 @@ namespace CoreCms.Net.IServices
/// <returns></returns>
Task<bool> DeleteByIdsAsync(List<Guid> ids, bool isRemoveDataCache = false);
/// <summary>
/// 删除指定ID集合的数据(批量删除)
/// </summary>
@@ -781,32 +649,6 @@ namespace CoreCms.Net.IServices
#region
/// <summary>
/// 根据条件查询分页数据
/// </summary>
/// <param name="predicate"></param>
/// <param name="orderBy"></param>
/// <param name="pageIndex">当前页面索引</param>
/// <param name="pageSize">分布大小</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
IPageList<T> QueryPage(Expression<Func<T, bool>> predicate, string orderBy = "", int pageIndex = 1, int pageSize = 20, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询分页数据
/// </summary>
/// <param name="predicate"></param>
/// <param name="orderBy"></param>
/// <param name="pageIndex">当前页面索引</param>
/// <param name="pageSize">分布大小</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
Task<IPageList<T>> QueryPageAsync(Expression<Func<T, bool>> predicate, string orderBy = "", int pageIndex = 1, int pageSize = 20, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue);
/// <summary>
/// 根据条件查询分页数据
/// </summary>