Skip to content
Projects
Groups
Snippets
Help
Loading...
Sign in / Register
Toggle navigation
C
cms_sys
Project
Project
Details
Activity
Cycle Analytics
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Charts
Issues
0
Issues
0
List
Board
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Charts
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Charts
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
西魏
cms_sys
Commits
0ca41ed7
Commit
0ca41ed7
authored
May 11, 2020
by
sgjj
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
sql注入
parent
32124236
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
5 additions
and
0 deletions
+5
-0
MCmsAction.java
src/main/java/net/mingsoft/cms/action/web/MCmsAction.java
+5
-0
No files found.
src/main/java/net/mingsoft/cms/action/web/MCmsAction.java
View file @
0ca41ed7
...
...
@@ -447,6 +447,11 @@ public class MCmsAction extends net.mingsoft.cms.action.BaseAction {
this
.
outString
(
response
,
content
);
}
/**
* sql语句检测,存在返回true
* @param str
* @return
*/
public
static
boolean
sqlFilter
(
String
str
){
Pattern
pattern
=
Pattern
.
compile
(
"\\b(and|exec|insert|select|drop|grant|alter|delete|update|count|chr|mid|master|truncate|char|declare|or)\\b|(\\*|;|\\+|'|%)"
);
Matcher
matcher
=
pattern
.
matcher
(
str
);
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
