package com.changhong.epc.count.service.system.func.set.aggregate;
|
|
import com.changhong.epc.bean.count.MasterInfo;
|
import com.changhong.epc.count.service.data.impl.FormDataServiceImpl;
|
import com.changhong.epc.count.service.system.func.set.AbsFuncSupper;
|
import com.changhong.epc.count.service.tool.SystemFunTool;
|
import com.googlecode.aviator.runtime.type.AviatorBigInt;
|
import com.googlecode.aviator.runtime.type.AviatorObject;
|
import com.googlecode.aviator.runtime.type.AviatorString;
|
import com.iemsoft.framework.cloud.core.tools.Assert;
|
import com.iemsoft.framework.cloud.core.tools.SpringUtil;
|
|
import java.util.Map;
|
import java.util.regex.Pattern;
|
|
import static com.changhong.epc.constter.system.businesscode.BudgetBusinessMeaningCode.BUDGET_START_DATE;
|
|
/**
|
* 获取报销次数
|
* @author DELL
|
*
|
*/
|
public class CountFuntion extends AbsFuncSupper{
|
|
private static String reg = "(?:')|(?:--)|(/\\*(?:.|[\\n\\r])*?\\*/)|"
|
+ "(\\b(select|update|union|and|or|delete|insert|trancate|char|into|substr|ascii|declare|exec|count|master|into|drop|execute)\\b)";
|
|
private static Pattern sqlPattern = Pattern.compile(reg, Pattern.CASE_INSENSITIVE);
|
|
private static final String FORBID_SQL_PARAM = "FORBID_SQL_PARAM";
|
|
@Override
|
public AviatorObject call(Map<String, Object> env, AviatorObject arg1) {
|
MasterInfo ma = SystemFunTool.getNumberObject(SystemFunTool.getJourney(env));
|
String formId = SystemFunTool.getStringVal(arg1, env);
|
String expendDate = SystemFunTool.getStringVal(new AviatorString(BUDGET_START_DATE), env);
|
isValid(formId);
|
Integer num = SpringUtil.getBean(FormDataServiceImpl.class).CountBudget(formId, ma, expendDate);
|
return new AviatorBigInt(num);
|
}
|
|
|
@Override
|
public String getName() {
|
return FUNC_GET_COUNT_EXPENSE;
|
}
|
|
private void isValid(String str)
|
{
|
Assert.condition(sqlPattern.matcher(str).find(),FORBID_SQL_PARAM);
|
|
}
|
|
|
}
|
