香港服务器MAP对象转sql如何防止注入

已关闭留言

香港服务器MAP对象转sql防止注入的方法:

通过MAP封装例如:

SqlHelper

getUpdateSql

Map modifymap=new HashMap();

modifymap.put(“taxes”, taxesnew);

modifymap.put(“effectiveprofit”, effectiveprofitnew);

modifymap.put(“field001”, field001new);

modifymap.put(“budgetedcost”, budgetedcostnew);

modifymap.put(“field002”, field002new);

modifymap.put(“fromdepbudget”, null);

modifymap.put(“requestid”, workflowid);

modifymap.put(“effectiveamount2”, effectiveamount2);

modifymap.put(“contractbudget”, contractbudget);

dataService.executeSql(SqlHelper.getUpdateSql(“depbudget”, modifymap, ” id='”+id+”‘ “));