温馨提示×

MAP对象转sql如何防止注入

小新
224
2020-12-29 08:20:15
栏目: 云计算

MAP对象转sql如何防止注入

MAP对象转sql防止注入的方法:

通过MAP封装例如:

SqlHelper

getUpdateSql

Map modifymap=new HashMap();

modifymap.put("taxes", taxesnew);

modifymap.put("effectiveprofit", effectiveprofitnew);

modifymap.put("field001", field001new);

modifymap.put("budgetedcost", budgetedcostnew);

modifymap.put("field002", field002new);

modifymap.put("fromdepbudget", null);

modifymap.put("requestid", workflowid);

modifymap.put("effectiveamount2", effectiveamount2);

modifymap.put("contractbudget", contractbudget);

dataService.executeSql(SqlHelper.getUpdateSql("depbudget", modifymap, " id='"+id+"' "));

0