From 2e4b74490596118681e8d9086c6b7f3fed786d29 Mon Sep 17 00:00:00 2001
From: 13693261870 <252740454@qq.com>
Date: 星期六, 29 十月 2022 14:58:10 +0800
Subject: [PATCH] 1
---
src/main/java/com/lf/server/helper/StringHelper.java | 17 +++++++++++++++++
1 files changed, 17 insertions(+), 0 deletions(-)
diff --git a/src/main/java/com/lf/server/helper/StringHelper.java b/src/main/java/com/lf/server/helper/StringHelper.java
index 69e73bd..ca4ed8d 100644
--- a/src/main/java/com/lf/server/helper/StringHelper.java
+++ b/src/main/java/com/lf/server/helper/StringHelper.java
@@ -64,6 +64,11 @@
public static Pattern datePattern = Pattern.compile("^((\\d{2}(([02468][048])|([13579][26]))[\\-\\/]((((0?[13578])|(1[02]))[\\-\\/]((0?[1-9])|([1-2][0-9])|(3[01])))|(((0?[469])|(11))[\\-\\/]((0?[1-9])|([1-2][0-9])|(30)))|(0?2[\\-\\/]((0?[1-9])|([1-2][0-9])))))|(\\d{2}(([02468][1235679])|([13579][01345789]))[\\-\\/]((((0?[13578])|(1[02]))[\\-\\/]((0?[1-9])|([1-2][0-9])|(3[01])))|(((0?[469])|(11))[\\-\\/]((0?[1-9])|([1-2][0-9])|(30)))|(0?2[\\-\\/]((0?[1-9])|(1[0-9])|(2[0-8]))))))(\\s(((0?[0-9])|([1-2][0-3]))\\:([0-5]?[0-9])((\\s)|(\\:([0-5]?[0-9])))))?$");
/**
+ * SQL姝e垯
+ */
+ public static Pattern sqlPattern = Pattern.compile("|and|exec|execute|insert|select|delete|update|count|drop|\\*|%|chr|mid|master|truncate|char|declare|sitename|net user|xp_cmdshell|;|or|-|\\+|,|like");
+
+ /**
* 瀛楃涓茶浆涓烘棩鏈�
*/
public static Date parseDate(String str) {
@@ -130,6 +135,18 @@
}
/**
+ * 鍒ゆ柇鍊兼槸鍚﹀瓨鍦⊿QL娉ㄥ叆
+ *
+ * @param str 瀛楃涓�
+ * @return 鏄�/鍚�
+ */
+ public static boolean isSqlInjection(String str) {
+ Matcher m = sqlPattern.matcher(str);
+
+ return m.matches();
+ }
+
+ /**
* 鏍¢獙瀵嗙爜鏄�/鍚﹀悎娉�
*
* @param pwd 瀵嗙爜
--
Gitblit v1.9.3