public/MaxKey
1
0
Fork 0
mirror of https://gitee.com/dromara/MaxKey.git synced 2026-05-16 05:20:42 +08:00
Code Issues Packages Projects Releases Wiki Activity

sqlInjection & style

Browse Source 
sqlInjection & style
This commit is contained in:
Crystal.Sea
2020-12-14 23:43:34 +08:00
parent fb8adb82d8
commit 64bed39ee9
22 changed files with 121 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

29
maxkey-core/src/main/java/org/maxkey/util/StringUtils.java
View File

@@ -518,4 +518,33 @@ public final class StringUtils {
return flag;
}
public static ArrayList<String> sqlInjection = null;
static{
sqlInjection = new ArrayList<String>();
sqlInjection.add("--");
sqlInjection.add(";");
sqlInjection.add("/");
sqlInjection.add("\\");
sqlInjection.add("#");
sqlInjection.add("drop");
sqlInjection.add("create");
sqlInjection.add("delete");
sqlInjection.add("alter");
sqlInjection.add("truncate");
sqlInjection.add("update");
sqlInjection.add("insert");
sqlInjection.add("and");
sqlInjection.add("or");
}
public static boolean filtersSQLInjection(String filters) {
for(String s : sqlInjection) {
if(filters.indexOf(s)>-1) {
return true;
}
}
return false;
}
}