费用云后端
view | history | commit | commitdiff
zm
2020-05-18 a18bfacbf56b401f6e0fdae8710fbca4df8cff77
commit | author | age
a18bfa 1 package com.changhong.epc.count.service.system.func.set.aggregate;
Z 2
3 import com.changhong.epc.bean.count.MasterInfo;
4 import com.changhong.epc.count.service.data.impl.FormDataServiceImpl;
5 import com.changhong.epc.count.service.system.func.set.AbsFuncSupper;
6 import com.changhong.epc.count.service.tool.SystemFunTool;
7 import com.googlecode.aviator.runtime.type.AviatorBigInt;
8 import com.googlecode.aviator.runtime.type.AviatorObject;
9 import com.googlecode.aviator.runtime.type.AviatorString;
10 import com.iemsoft.framework.cloud.core.tools.Assert;
11 import com.iemsoft.framework.cloud.core.tools.SpringUtil;
12
13 import java.util.Map;
14 import java.util.regex.Pattern;
15
16 import static com.changhong.epc.constter.system.businesscode.BudgetBusinessMeaningCode.BUDGET_START_DATE;
17
18 /**
19  * 获取报销次数
20  * @author DELL
21  *
22  */
23 public class CountFuntion  extends AbsFuncSupper{
24
25     private static String reg = "(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|"
26             + "(\\b(select|update|union|and|or|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute)\\b)";
27
28     private static Pattern sqlPattern = Pattern.compile(reg, Pattern.CASE_INSENSITIVE);
29
30     private static final String FORBID_SQL_PARAM = "FORBID_SQL_PARAM";
31
32     @Override
33     public AviatorObject call(Map<String, Object> env, AviatorObject arg1) {
34         MasterInfo ma = SystemFunTool.getNumberObject(SystemFunTool.getJourney(env));
35         String formId         = SystemFunTool.getStringVal(arg1, env);
36         String expendDate    = SystemFunTool.getStringVal(new AviatorString(BUDGET_START_DATE), env);
37         isValid(formId);
38         Integer num = SpringUtil.getBean(FormDataServiceImpl.class).CountBudget(formId, ma, expendDate);
39         return new AviatorBigInt(num);
40     }
41     
42     
43     @Override
44     public String getName() {
45         return FUNC_GET_COUNT_EXPENSE;
46     }
47
48     private void isValid(String str)
49     {
50         Assert.condition(sqlPattern.matcher(str).find(),FORBID_SQL_PARAM);
51
52     }
53
54
55 }