【优化】移除2个orderBy使用的sql组合方法参数,移除4个仓储基类的所有sql组合方法,全部使用参数化提交,防止出现可能存在的sql注入。

This commit is contained in:
jianweie code
2024-01-17 20:02:06 +08:00
parent f16797adb5
commit a6e345a48b
15 changed files with 77 additions and 883 deletions


@@ -130,62 +130,6 @@ namespace CoreCms.Net.Services
return await BaseDal.QueryAsync(blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询数据
/// </summary>
/// <param name="strWhere">条件</param>
/// <param name="orderBy">排序字段如name asc,age desc</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
public List<T> QueryListByClause(string strWhere, string orderBy = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return BaseDal.QueryListByClause(strWhere, orderBy, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询数据
/// </summary>
/// <param name="strWhere">条件</param>
/// <param name="orderBy">排序字段如name asc,age desc</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
public async Task<List<T>> QueryListByClauseAsync(string strWhere, string orderBy = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return await BaseDal.QueryListByClauseAsync(strWhere, orderBy, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询数据
/// </summary>
/// <param name="predicate">条件表达式树</param>
/// <param name="orderBy">排序字段如name asc,age desc</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
public List<T> QueryListByClause(Expression<Func<T, bool>> predicate, string orderBy = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return BaseDal.QueryListByClause(predicate, orderBy, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询数据
/// </summary>
/// <param name="predicate">条件表达式树</param>
/// <param name="orderBy">排序字段如name asc,age desc</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
public async Task<List<T>> QueryListByClauseAsync(Expression<Func<T, bool>> predicate, string orderBy = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return await BaseDal.QueryListByClauseAsync(predicate, orderBy, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询数据
/// </summary>
@@ -196,7 +140,7 @@ namespace CoreCms.Net.Services
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
public List<T> QueryListByClause(Expression<Func<T, bool>> predicate, Expression<Func<T, object>> orderByPredicate, OrderByType orderByType, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
public List<T> QueryListByClause(Expression<Func<T, bool>> predicate, Expression<Func<T, object>> orderByPredicate = null, OrderByType orderByType = OrderByType.Asc, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return BaseDal.QueryListByClause(predicate, orderByPredicate, orderByType, blUseNoLock, isDataCache, cacheTimes);
}
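Review bot: The new defaults `orderByPredicate = null, orderByType = OrderByType.Asc` on this signature (and on its async twin in the next hunk) make this overload the one that binds for every caller that used the removed string-`orderBy` overloads, so `BaseDal.QueryListByClause` is now reached with a null ordering expression whenever no sort is requested; whether the DAL skips the ORDER BY in that case or hands the null straight to SqlSugar is outside this hunk and should be confirmed before merging. The `<param name="orderByPredicate">` doc line presumably sits just above the hunk and still reads as if the expression were required; once the null handling is verified it should state the contract, e.g. `/// <param name="orderByPredicate">Ordering expression; when null, no ORDER BY is applied</param>`. Replacing the free-text `orderBy` with a typed expression is what actually removes the injection surface named in the commit message, so a test that calls this overload with only `predicate` would pin both the overload resolution and the null path. The enclosing class begins and ends outside the hunk.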
@@ -211,7 +155,7 @@ namespace CoreCms.Net.Services
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns>泛型实体集合</returns>
public async Task<List<T>> QueryListByClauseAsync(Expression<Func<T, bool>> predicate, Expression<Func<T, object>> orderByPredicate, OrderByType orderByType, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
public async Task<List<T>> QueryListByClauseAsync(Expression<Func<T, bool>> predicate, Expression<Func<T, object>> orderByPredicate = null, OrderByType orderByType = OrderByType.Asc, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return await BaseDal.QueryListByClauseAsync(predicate, orderByPredicate, orderByType, blUseNoLock, isDataCache, cacheTimes);
}
@@ -248,36 +192,6 @@ namespace CoreCms.Net.Services
return await BaseDal.QueryListByClauseAsync(predicate, take, orderByPredicate, orderByType, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询一定数量数据
/// </summary>
/// <param name="predicate">条件表达式树</param>
/// <param name="take">获取数量</param>
/// <param name="strOrderByFields">排序字段如name asc,age desc</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
public List<T> QueryListByClause(Expression<Func<T, bool>> predicate, int take, string strOrderByFields = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return BaseDal.QueryListByClause(predicate, take, strOrderByFields, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询一定数量数据
/// </summary>
/// <param name="predicate">条件表达式树</param>
/// <param name="take">获取数量</param>
/// <param name="strOrderByFields">排序字段如name asc,age desc</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
public async Task<List<T>> QueryListByClauseAsync(Expression<Func<T, bool>> predicate, int take, string strOrderByFields = "", bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return await BaseDal.QueryListByClauseAsync(predicate, take, strOrderByFields, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询数据
/// </summary>
@@ -494,52 +408,6 @@ namespace CoreCms.Net.Services
return await BaseDal.UpdateAsync(entity, isRemoveDataCache);
}
/// <summary>
/// 根据手写条件更新
/// </summary>
/// <param name="entity"></param>
/// <param name="strWhere"></param>
/// <param name="isRemoveDataCache"></param>
/// <returns></returns>
public bool Update(T entity, string strWhere, bool isRemoveDataCache = false)
{
return BaseDal.Update(entity, strWhere, isRemoveDataCache);
}
/// <summary>
/// 根据手写条件更新
/// </summary>
/// <param name="entity"></param>
/// <param name="strWhere"></param>
/// <param name="isRemoveDataCache"></param>
/// <returns></returns>
public async Task<bool> UpdateAsync(T entity, string strWhere, bool isRemoveDataCache = false)
{
return await BaseDal.UpdateAsync(entity, strWhere, isRemoveDataCache);
}
/// <summary>
/// 根据手写sql语句更新数据
/// </summary>
/// <param name="strSql"></param>
/// <param name="parameters"></param>
/// <returns></returns>
public bool Update(string strSql, SugarParameter[] parameters = null)
{
return BaseDal.Update(strSql, parameters);
}
/// <summary>
/// 根据手写sql语句更新数据
/// </summary>
/// <param name="strSql"></param>
/// <param name="parameters"></param>
/// <returns></returns>
public async Task<bool> UpdateAsync(string strSql, SugarParameter[] parameters = null)
{
return await BaseDal.UpdateAsync(strSql, parameters);
}
/// <summary>
/// 更新某个字段
/// </summary>
@@ -564,33 +432,6 @@ namespace CoreCms.Net.Services
return await BaseDal.UpdateAsync(columns, where, isRemoveDataCache);
}
/// <summary>
/// 根据条件更新
/// </summary>
/// <param name="entity"></param>
/// <param name="lstColumns"></param>
/// <param name="lstIgnoreColumns"></param>
/// <param name="strWhere"></param>
/// <param name="isRemoveDataCache"></param>
/// <returns></returns>
public async Task<bool> UpdateAsync(T entity, List<string> lstColumns = null, List<string> lstIgnoreColumns = null, string strWhere = "", bool isRemoveDataCache = false)
{
return await BaseDal.UpdateAsync(entity, lstColumns, lstIgnoreColumns, strWhere, isRemoveDataCache);
}
/// <summary>
/// 根据条件更新
/// </summary>
/// <param name="entity"></param>
/// <param name="lstColumns"></param>
/// <param name="lstIgnoreColumns"></param>
/// <param name="strWhere"></param>
/// <param name="isRemoveDataCache"></param>
/// <returns></returns>
public bool Update(T entity, List<string> lstColumns = null, List<string> lstIgnoreColumns = null, string strWhere = "", bool isRemoveDataCache = false)
{
return BaseDal.Update(entity, lstColumns, lstIgnoreColumns, strWhere, isRemoveDataCache);
}
#endregion
#region
@@ -1006,40 +847,6 @@ namespace CoreCms.Net.Services
#region
/// <summary>
/// 根据条件查询分页数据
/// </summary>
/// <param name="predicate"></param>
/// <param name="orderBy"></param>
/// <param name="pageIndex">当前页面索引</param>
/// <param name="pageSize">分布大小</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
public IPageList<T> QueryPage(Expression<Func<T, bool>> predicate, string orderBy = "", int pageIndex = 1,
int pageSize = 20, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return BaseDal.QueryPage(predicate, orderBy, pageIndex, pageSize, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询分页数据
/// </summary>
/// <param name="predicate"></param>
/// <param name="orderBy"></param>
/// <param name="pageIndex">当前页面索引</param>
/// <param name="pageSize">分布大小</param>
/// <param name="blUseNoLock">是否使用WITH(NoLock)</param>
/// <param name="isDataCache">是否启用缓存</param>
/// <param name="cacheTimes">缓存时长(分钟)</param>
/// <returns></returns>
public async Task<IPageList<T>> QueryPageAsync(Expression<Func<T, bool>> predicate, string orderBy = "",
int pageIndex = 1, int pageSize = 20, bool blUseNoLock = false, bool isDataCache = false, int cacheTimes = int.MaxValue)
{
return await BaseDal.QueryPageAsync(predicate, orderBy, pageIndex, pageSize, blUseNoLock, isDataCache, cacheTimes);
}
/// <summary>
/// 根据条件查询分页数据
/// </summary>