From 7b601a3e8f6de4acc9d6b9885ef23d6c90a4f349 Mon Sep 17 00:00:00 2001
From: xubinbin <1323875150@qq.com>
Date: 星期三, 28 十二月 2022 13:26:33 +0800
Subject: [PATCH] 使用#替代$，防止SQL注入的风险（主要防止模糊查询sql部分的注入）。

---
 src/main/java/com/genersoft/iot/vmp/web/gb28181/ApiDeviceController.java |   11 ++++++-----
 1 files changed, 6 insertions(+), 5 deletions(-)

diff --git a/src/main/java/com/genersoft/iot/vmp/web/gb28181/ApiDeviceController.java b/src/main/java/com/genersoft/iot/vmp/web/gb28181/ApiDeviceController.java
index a8e0b4e..a5458b0 100644
--- a/src/main/java/com/genersoft/iot/vmp/web/gb28181/ApiDeviceController.java
+++ b/src/main/java/com/genersoft/iot/vmp/web/gb28181/ApiDeviceController.java
@@ -1,7 +1,7 @@
 package com.genersoft.iot.vmp.web.gb28181;
 
-import com.alibaba.fastjson.JSONArray;
-import com.alibaba.fastjson.JSONObject;
+import com.alibaba.fastjson2.JSONArray;
+import com.alibaba.fastjson2.JSONObject;
 import com.genersoft.iot.vmp.gb28181.bean.Device;
 import com.genersoft.iot.vmp.gb28181.bean.DeviceChannel;
 import com.genersoft.iot.vmp.service.IDeviceService;
@@ -94,6 +94,7 @@
 
     @RequestMapping(value = "/channellist")
     public JSONObject channellist( String serial,
+                                   @RequestParam(required = false)String code,
                                    @RequestParam(required = false)String channel_type,
                                    @RequestParam(required = false)String dir_serial ,
                                    @RequestParam(required = false)Integer start,
@@ -148,9 +149,9 @@
                                                      // 1-IETF RFC3261,
                                                      // 2-鍩轰簬鍙ｄ护鐨勫弻鍚戣璇�,
                                                      // 3-鍩轰簬鏁板瓧璇佷功鐨勫弻鍚戣璇�
-            deviceJOSNChannel.put("Status", deviceChannel.getStatus());
-            deviceJOSNChannel.put("Longitude", deviceChannel.getLongitudeWgs84());
-            deviceJOSNChannel.put("Latitude", deviceChannel.getLatitudeWgs84());
+            deviceJOSNChannel.put("Status", deviceChannel.getStatus() == 1 ? "ON":"OFF");
+            deviceJOSNChannel.put("Longitude", deviceChannel.getLongitude());
+            deviceJOSNChannel.put("Latitude", deviceChannel.getLatitude());
             deviceJOSNChannel.put("PTZType ", deviceChannel.getPTZType()); // 浜戝彴绫诲瀷, 0 - 鏈煡, 1 - 鐞冩満, 2 - 鍗婄悆,
                                                                             //   3 - 鍥哄畾鏋満, 4 - 閬ユ帶鏋満
             deviceJOSNChannel.put("CustomPTZType", "");

--
Gitblit v1.8.0