Hello, author. I also found some SQL problems in other methods of PageHelper. These parameters can easily be passed in externally.
PageHelper.startPage(1, 20).setCountColumn(keyword);
This method is written in your test sample.
If the keyword parameter of the setCountColumn method is passed in externally, it will cause SQL injection problems.
I'm looking forward to your reply.
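One way to keep external input away from this call, as an added example (not code from the issue or from PageHelper): map request values to fixed column names and pass only the mapped constant to setCountColumn. The class name, the mapping, the table name and the countSql stand-in are assumptions made for illustration.

```java
import java.util.List;
import java.util.Locale;
import java.util.Map;

public class CountColumnGuard {
    // Hypothetical mapping from request-facing keys to real column names.
    // Only the constants on the right-hand side ever reach setCountColumn.
    private static final Map<String, String> COUNT_COLUMNS = Map.of(
            "id", "id",
            "user", "user_id",
            "order", "o.order_id");

    /** Resolves an externally supplied key to a fixed column name, or throws. */
    static String resolveCountColumn(String requestKey) {
        String column = requestKey == null
                ? null
                : COUNT_COLUMNS.get(requestKey.trim().toLowerCase(Locale.ROOT));
        if (column == null) {
            // The raw value is deliberately not echoed back into the message or logs.
            throw new IllegalArgumentException("unsupported count column");
        }
        return column;
    }

    // Stand-in for a generated count statement (an assumption for illustration,
    // not PageHelper's code): the column is placed into the SQL text as-is.
    static String countSql(String column, String table) {
        return "SELECT count(" + column + ") FROM " + table;
    }

    public static void main(String[] args) {
        // Constructed request values: two valid keys, one that is not a plain key, one empty.
        List<String> inputs = List.of("id", "Order", "id) --", "");
        for (String keyword : inputs) {
            try {
                String column = resolveCountColumn(keyword);
                // In the application: PageHelper.startPage(1, 20).setCountColumn(column);
                System.out.println("accepted -> " + countSql(column, "orders o"));
            } catch (IllegalArgumentException e) {
                System.out.println("rejected -> " + e.getMessage());
            }
        }
    }
}
```

Because the value handed to setCountColumn is always one of the constants in the map, the caller's string only selects a column and never becomes part of the SQL text.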