From 76d09bcadbac3d934c228958861a0b24d6f51458 Mon Sep 17 00:00:00 2001
From: 648540858 <648540858@qq.com>
Date: 星期一, 18 十二月 2023 11:14:59 +0800
Subject: [PATCH] 修复sql注入 #1112

---
 src/main/java/com/genersoft/iot/vmp/storager/dao/PlatformChannelMapper.java |    4 ++--
 1 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/storager/dao/PlatformChannelMapper.java b/src/main/java/com/genersoft/iot/vmp/storager/dao/PlatformChannelMapper.java
index f363f66..11aaa08 100755
--- a/src/main/java/com/genersoft/iot/vmp/storager/dao/PlatformChannelMapper.java
+++ b/src/main/java/com/genersoft/iot/vmp/storager/dao/PlatformChannelMapper.java
@@ -117,6 +117,6 @@
             "where dc.channel_id = #{channelId} and pgc.platform_id=#{platformId}")
     List<Device> queryDeviceInfoByPlatformIdAndChannelId(@Param("platformId") String platformId, @Param("channelId") String channelId);
 
-    @Select("SELECT pgc.platform_id from wvp_platform_gb_channel pgc left join wvp_device_channel dc on dc.id = pgc.device_channel_id WHERE dc.channel_id='${channelId}'")
-    List<String> queryParentPlatformByChannelId(String channelId);
+    @Select("SELECT pgc.platform_id from wvp_platform_gb_channel pgc left join wvp_device_channel dc on dc.id = pgc.device_channel_id WHERE dc.channel_id=#{channelId}")
+    List<String> queryParentPlatformByChannelId(@Param("channelId") String channelId);
 }

--
Gitblit v1.8.0