wgh/coreshoppro
1
0
Fork 0
mirror of http://git.coreshop.cn/jianweie/coreshoppro.git synced 2025-12-06 19:03:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

【优化】移除2个orderBy使用的sql组合方法参数,移除4个仓储基类的所有sql组合方法,全部使用参数化提交,防止出现可能存在的sql注入。

Browse Source
This commit is contained in:
jianweie code
2024-01-17 20:02:06 +08:00
parent f16797adb5
commit a6e345a48b
15 changed files with 77 additions and 883 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CoreCms.Net.Web.Admin/Controllers/Good/CoreCmsGoodsController.cs
View File

@@ -1243,7 +1243,7 @@ namespace CoreCms.Net.Web.Admin.Controllers
r.AddRange(arr);
});
var labels = _labelServices.QueryListByClause(p => r.Contains(p.id));
var labels =await _labelServices.QueryListByClauseAsync(p => r.Contains(p.id));
jm.code = 0;
jm.data = new