package com.kukababy.plus.pager;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
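/**
 * Description: static helpers for the filter conditions used in the pager package. They append
 * filters to a {@code SqlFilter}, drop filters whose column name is not in a caller-supplied
 * allow-list, and check that a filter value is a string, a number, or a list of those.
 *
 * @author [email protected]
 * @date 2019年3月5日 下午10:46:38
 */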
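public class Valid {

    /**
     * Appends {@code filter} to the filter list held by {@code sqlFilter}, creating and
     * attaching a new list first when the holder has none.
     *
     * @param sqlFilter holder whose filter list is extended
     * @param filter condition to append
     */
    public static void addConds(SqlFilter sqlFilter, Filter filter) {
        List<Filter> filters = sqlFilter.getFilters();
        if (filters == null) {
            filters = new ArrayList<Filter>();
            sqlFilter.setFilters(filters);
        }
        filters.add(filter);
    }

    /**
     * Removes filters whose column name is not allow-listed, to stop invalid clients from
     * attacking through the filter expression. Delegates to
     * {@link #cleanInvalidField(List, String)} on the holder's filter list.
     *
     * <p>Example: {@code String validFields = "name,a.name;compName,b.name";}
     *
     * <p>NOTE(security): a {@code null} allow-list disables the check and every filter is kept
     * with its client-supplied column name. Pass an allow-list whenever the filters originate
     * from a request.
     *
     * @param sqlFilter holder whose filters are cleaned in place
     * @param validFields allow-list in the form {@code clientName,dbColumn;clientName,dbColumn},
     *     or {@code null} to skip the check
     */
    public static void cleanInvalidField(SqlFilter sqlFilter, String validFields) {
        List<Filter> filters = sqlFilter.getFilters();
        if (validFields == null) {
            return;
        }
        cleanInvalidField(filters, validFields);
    }

    /**
     * Removes filters whose column name is not allow-listed, to stop invalid clients from
     * attacking through the filter expression, and rewrites the surviving filters to the
     * database column name mapped in the allow-list.
     *
     * <p>Example: {@code String validFields = "name,a.name;compName,b.name";}
     *
     * <p>A filter is removed from {@code filters} when it is {@code null}, when its column is
     * {@code null}, or when its column has no entry in {@code validFields}. Malformed
     * allow-list entries (no comma, or an empty name) are ignored, so the columns they were
     * meant to allow are dropped rather than let through.
     *
     * <p>NOTE(security): a {@code null} allow-list disables the check and leaves
     * {@code filters} untouched. The mapped column names are taken from {@code validFields}
     * as written, so that string should be a server-side constant and never be built from
     * request data.
     *
     * @param filters filters to clean in place; {@code null} or empty is a no-op
     * @param validFields allow-list in the form {@code clientName,dbColumn;clientName,dbColumn},
     *     or {@code null} to skip the check
     */
    public static void cleanInvalidField(List<Filter> filters, String validFields) {
        if (validFields == null || filters == null || filters.isEmpty()) {
            return;
        }
        Map<String, String> allowed = parseValidFields(validFields);
        Iterator<Filter> it = filters.iterator();
        while (it.hasNext()) {
            Filter current = it.next();
            String clientCol = current == null ? null : current.getCol();
            String dbCol = clientCol == null ? null : allowed.get(clientCol);
            if (dbCol == null) {
                // Unknown or missing column: fail closed and drop the filter.
                it.remove();
            } else {
                // Replace the client-facing name with the column name the database supports.
                current.setCol(dbCol);
            }
        }
    }

    /**
     * Parses an allow-list string into a map from client-facing name to database column.
     * Entries are separated by {@code ;} and the two names in an entry by {@code ,}.
     * Whitespace around names is trimmed; entries with fewer than two parts or with an
     * empty name are skipped instead of raising an index error.
     */
    private static Map<String, String> parseValidFields(String validFields) {
        Map<String, String> allowed = new HashMap<String, String>();
        for (String entry : validFields.split(";")) {
            String[] pair = entry.split(",");
            if (pair.length < 2) {
                continue;
            }
            String clientName = pair[0].trim();
            String dbName = pair[1].trim();
            if (clientName.isEmpty() || dbName.isEmpty()) {
                continue;
            }
            allowed.put(clientName, dbName);
        }
        return allowed;
    }

    /**
     * Checks that a filter value is a non-blank string, a number, or a non-empty list whose
     * elements are all non-blank strings or numbers.
     *
     * <p>Any other non-null type (a map, an array, an arbitrary object) is rejected. The
     * check covers type and emptiness only; it says nothing about the content of a string.
     *
     * <p>{@code null} is still accepted, as it was before unsupported types were rejected.
     * NOTE(review): confirm that callers rely on this; if not, reject {@code null} as well.
     *
     * @param val value to check
     * @return {@code true} when {@code val} is {@code null} or one of the supported shapes
     */
    public static boolean validVal(Object val) {
        if (val == null) {
            return true;
        }
        if (val instanceof List) {
            return validListVal(val);
        }
        return validSingleVal(val);
    }

    /**
     * Returns {@code true} for a number, or for a string that is not empty after trimming;
     * {@code false} for {@code null} and every other type.
     */
    private static boolean validSingleVal(Object val) {
        if (val instanceof String) {
            return !((String) val).trim().isEmpty();
        }
        return val instanceof Number;
    }

    /**
     * Returns {@code true} only for a non-empty list in which every element passes
     * {@link #validSingleVal(Object)}; a {@code null} element fails the check.
     */
    private static boolean validListVal(Object val) {
        if (!(val instanceof List)) {
            return false;
        }
        List<?> items = (List<?>) val;
        if (items.isEmpty()) {
            return false;
        }
        for (Object item : items) {
            if (item == null || !validSingleVal(item)) {
                return false;
            }
        }
        return true;
    }
}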