From c24cd14fd700b2846623d0c3e9683adb30c7062b Mon Sep 17 00:00:00 2001
From: RuoYi <yzz_ivy@163.com>
Date: 星期四, 27 五月 2021 17:55:05 +0800
Subject: [PATCH] 修复两处存在SQL注入漏洞问题
---
src/main/java/com/ruoyi/project/system/controller/SysUserController.java | 12 ++++++++----
1 files changed, 8 insertions(+), 4 deletions(-)
diff --git a/src/main/java/com/ruoyi/project/system/controller/SysUserController.java b/src/main/java/com/ruoyi/project/system/controller/SysUserController.java
index ebdb829..ae66a5d 100644
--- a/src/main/java/com/ruoyi/project/system/controller/SysUserController.java
+++ b/src/main/java/com/ruoyi/project/system/controller/SysUserController.java
@@ -127,11 +127,13 @@
{
return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岀櫥褰曡处鍙峰凡瀛樺湪");
}
- else if (UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
+ else if (StringUtils.isNotEmpty(user.getPhonenumber())
+ && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
{
return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
}
- else if (UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
+ else if (StringUtils.isNotEmpty(user.getEmail())
+ && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
{
return AjaxResult.error("鏂板鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
@@ -149,11 +151,13 @@
public AjaxResult edit(@Validated @RequestBody SysUser user)
{
userService.checkUserAllowed(user);
- if (UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
+ if (StringUtils.isNotEmpty(user.getPhonenumber())
+ && UserConstants.NOT_UNIQUE.equals(userService.checkPhoneUnique(user)))
{
return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛屾墜鏈哄彿鐮佸凡瀛樺湪");
}
- else if (UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
+ else if (StringUtils.isNotEmpty(user.getEmail())
+ && UserConstants.NOT_UNIQUE.equals(userService.checkEmailUnique(user)))
{
return AjaxResult.error("淇敼鐢ㄦ埛'" + user.getUserName() + "'澶辫触锛岄偖绠辫处鍙峰凡瀛樺湪");
}
--
Gitblit v1.9.3