增加防御代码，防止恶意攻击(优化)

2021-08-22 18:48:02 +08:00
parent 95dfcbead3
commit d21e6a4ffe
2 changed files with 0 additions and 23 deletions
--- a/jshERP-boot/src/main/java/com/jsh/erp/controller/SupplierController.java
+++ b/jshERP-boot/src/main/java/com/jsh/erp/controller/SupplierController.java
@@ -52,26 +52,6 @@ public class SupplierController {
    @Resource
    private UserService userService;
    /**
     * 更新供应商-只更新预付款，其余用原来的值
     * @param supplierId
     * @param advanceIn
     * @param request
     * @return
     */
    @PostMapping(value = "/updateAdvanceIn")
    public String updateAdvanceIn(@RequestParam("supplierId") Long supplierId,
                                            @RequestParam("advanceIn") BigDecimal advanceIn,
                                            HttpServletRequest request)throws Exception {
        Map<String, Object> objectMap = new HashMap<String, Object>();
        int res = supplierService.updateAdvanceIn(supplierId, advanceIn);
        if(res > 0) {
            return returnJson(objectMap, ErpInfo.OK.name, ErpInfo.OK.code);
        } else {
            return returnJson(objectMap, ErpInfo.ERROR.name, ErpInfo.ERROR.code);
        }
    }
    /**
     * 查找客户信息-下拉框
     * @param request
--- a/jshERP-boot/src/main/java/com/jsh/erp/service/supplier/SupplierService.java
+++ b/jshERP-boot/src/main/java/com/jsh/erp/service/supplier/SupplierService.java
@@ -240,9 +240,6 @@ public class SupplierService {
    @Transactional(value = "transactionManager", rollbackFor = Exception.class)
    public int updateAdvanceIn(Long supplierId, BigDecimal advanceIn)throws Exception{
        logService.insertLog("商家",
                new StringBuffer(BusinessConstants.LOG_OPERATION_TYPE_EDIT).append(supplierId).toString(),
                ((ServletRequestAttributes) RequestContextHolder.getRequestAttributes()).getRequest());
        Supplier supplier=null;
        try{
            supplier = supplierMapper.selectByPrimaryKey(supplierId);