|
|
@@ -188,8 +188,11 @@ namespace OASystem.Infrastructure.Repositories.Resource
|
|
|
{
|
|
|
_sqlSugar.BeginTran();
|
|
|
|
|
|
- string selectSql = string.Format(@"select * from Res_OfficialActivities where Client='{0}' and Address='{1}' and IsDel='{2}'", dto.Client, dto.Address, 0);
|
|
|
- var res_InvitationOfficial = await _sqlSugar.SqlQueryable<Res_OfficialActivities>(selectSql).FirstAsync();//查询是否存在
|
|
|
+ //处理sql注入 2024-05-22 袁
|
|
|
+ //string selectSql = string.Format(@"select * from Res_OfficialActivities where Client='{0}' and Address='{1}' and IsDel='{2}'", dto.Client, dto.Address, 0);
|
|
|
+ //var res_InvitationOfficial = await _sqlSugar.SqlQueryable<Res_OfficialActivities>(selectSql).FirstAsync();//查询是否存在
|
|
|
+ var res_InvitationOfficial = await _sqlSugar.Queryable< Res_OfficialActivities >().FirstAsync(x=>x.Client == dto.Client && x.Address == dto.Address && x.IsDel == 0);
|
|
|
+
|
|
|
if (res_InvitationOfficial != null)
|
|
|
{
|
|
|
_sqlSugar.RollbackTran();
|
yuanrf