true #允許一次批量更新操作,會導緻SQL注入
Caused by: java.sql.SQLException: sql injection violation, syntax error: syntax error, expect EQ, actual IDENTIFIER pos 372, line 22, column 20, token IDENTIFIER id : update sys_role
set
name = ?,
remark = ?,
create_by = ?,
create_time = ?,
last_update_time = ?,
last_update_by = ?,
where id = ?
update sys_role
set
name = ?,
remark = ?,
create_by = ?,
create_time = ?,
last_update_time = ?,
last_update_by = ?,
where id =
("/update/list")
public HttpResult update( @RequestBody List<SysRole> sysRoles){
try{
for(SysRole sysRole: sysRoles){
sysRole.setLastUpdateTime(new Date());
sysRoleService.update(sysRole);
}
return HttpResult.ok(sysRoles);
}catch (Exception e){
e.printStackTrace();
return HttpResult.error("角色修改失敗");
}
}
![JAVA 系列——>開發工具IntelliJ IDEA的安裝以及配置、快捷鍵IDEA 簡介[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)