From 7b601a3e8f6de4acc9d6b9885ef23d6c90a4f349 Mon Sep 17 00:00:00 2001
From: xubinbin <1323875150@qq.com>
Date: 星期三, 28 十二月 2022 13:26:33 +0800
Subject: [PATCH] 使用#替代$，防止SQL注入的风险（主要防止模糊查询sql部分的注入）。

---
 src/main/java/com/genersoft/iot/vmp/service/impl/UserServiceImpl.java |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/service/impl/UserServiceImpl.java b/src/main/java/com/genersoft/iot/vmp/service/impl/UserServiceImpl.java
index f5dc7b0..aeba9ed 100644
--- a/src/main/java/com/genersoft/iot/vmp/service/impl/UserServiceImpl.java
+++ b/src/main/java/com/genersoft/iot/vmp/service/impl/UserServiceImpl.java
@@ -7,6 +7,7 @@
 import com.github.pagehelper.PageInfo;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
+import org.springframework.util.ObjectUtils;
 import org.springframework.util.StringUtils;
 
 import java.util.List;
@@ -60,7 +61,7 @@
 
     @Override
     public boolean checkPushAuthority(String callId, String sign) {
-        if (StringUtils.isEmpty(callId)) {
+        if (ObjectUtils.isEmpty(callId)) {
             return userMapper.checkPushAuthorityByCallId(sign).size() > 0;
         }else {
             return userMapper.checkPushAuthorityByCallIdAndSign(callId, sign).size() > 0;

--
Gitblit v1.8.0