com.gitee.cliveyuan.tools.sql.SqlTools Maven / Gradle / Ivy

Go to download

Show more of this group Show more artifacts with this name
Show all versions of java-tools Show documentation

Some commonly used methods in java

There is a newer version: 4.0.6

package com.gitee.cliveyuan.tools.sql;

import com.gitee.cliveyuan.tools.StringTools;

/**
 * @author Clive Yuan
 * @date 2020/06/16
 */
public class SqlTools {

    private SqlTools() {
    }

    /**
     * 仅支持字母、数字、下划线、空格、逗号（支持多个字段排序）
     */
    public static String SQL_PATTERN = "[a-zA-Z0-9_\\ \\,]+";

    /**
     * 检查字符，防止注入绕过
     */
    public static String escapeOrderBySql(String value) {
        if (StringTools.isNotEmpty(value) && !isValidFieldName(value)) {
            return StringTools.EMPTY;
        }
        return value;
    }

    /**
     * 验证字段语法是否符合规范
     */
    public static boolean isValidFieldName(String fieldName) {
        return fieldName.matches(SQL_PATTERN);
    }
}