wgh/coreshoppro
1
0
Fork 0
mirror of http://git.coreshop.cn/jianweie/coreshoppro.git synced 2025-12-06 17:43:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

【优化】移除2个orderBy使用的sql组合方法参数,移除4个仓储基类的所有sql组合方法,全部使用参数化提交,防止出现可能存在的sql注入。

Browse Source
This commit is contained in:
jianweie code
2024-01-17 20:02:06 +08:00
parent f16797adb5
commit a6e345a48b
15 changed files with 77 additions and 883 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
CoreCms.Net.Model/FromBody/FMPage.cs
View File

@@ -26,11 +26,6 @@ namespace CoreCms.Net.Model.FromBody
/// </summary>
public int limit { get; set; } = 10;
/// <summary>
/// 排序
/// </summary>
public string order { get; set; }
/// <summary>
/// 判断条件
/// </summary>
@@ -43,9 +38,14 @@ namespace CoreCms.Net.Model.FromBody
/// </summary>
public class FMPageByIntId
{
/// <summary>
/// 其他数据
/// </summary>
public object otherData { get; set; }
/// <summary>
/// 序列
/// </summary>
public int id { get; set; }
@@ -59,11 +59,6 @@ namespace CoreCms.Net.Model.FromBody
/// </summary>
public int limit { get; set; } = 10;
/// <summary>
/// 排序
/// </summary>
public string order { get; set; }
/// <summary>
/// 判断条件
/// </summary>
@@ -75,9 +70,11 @@ namespace CoreCms.Net.Model.FromBody
/// </summary>
public class FMPageByStringId
{
/// <summary>
/// 序列
/// </summary>
public string id { get; set; }
/// <summary>
/// 当前页码
/// </summary>
@@ -87,16 +84,6 @@ namespace CoreCms.Net.Model.FromBody
/// 每页数据量
/// </summary>
public int limit { get; set; } = 10;
/// <summary>
/// 排序
/// </summary>
public string order { get; set; }
/// <summary>
/// 判断条件
/// </summary>
public string where { get; set; }
}
@@ -105,6 +92,9 @@ namespace CoreCms.Net.Model.FromBody
/// </summary>
public class FMPageByStringIdWhitStatus
{
/// <summary>
/// 序列
/// </summary>
public string id { get; set; }
/// <summary>