3 năm trước cách đây · 931888b364
--- a/src/custom/com/alibaba/fastjson/JSONObject.java
+++ b/src/custom/com/alibaba/fastjson/JSONObject.java
@@ -304,7 +304,7 @@ public class JSONObject extends JSON implements Map<String, Object>, Cloneable,
 
				         if (value == null) {
			
 
				             return null;
			
 
				         }
			
 
				-        value = value.toString().replaceAll("([';])+|(--)+", "");
			
 
				+        value = value.toString().replaceAll("([';])+|(--)+", "");//去除特殊字符，防止sql注入
			
 
				         return value.toString();
			
 
				     }
			
 
				 
			
@@ -350,7 +350,7 @@ public class JSONObject extends JSON implements Map<String, Object>, Cloneable,
 
				             if (fieldvalue.length() > maxlength) {
			
 
				                 throw new D3bException(fieldtitle + " 内容超过最大字数" + maxlength + "限制");
			
 
				             }
			
 
				-            fieldvalue = fieldvalue.replaceAll("([';])+|(--)+", "");
			
 
				+            fieldvalue = fieldvalue.replaceAll("([';])+|(--)+", "");//去除特殊字符，防止sql注入
			
 
				         }
			
 
				         return fieldvalue;
			
 
				     }
			
--- a/src/dsb/com/cnd3b/restcontroller/customer/supplyanddemand/supplyanddemand.java
+++ b/src/dsb/com/cnd3b/restcontroller/customer/supplyanddemand/supplyanddemand.java
@@ -27,8 +27,8 @@ public class supplyanddemand extends Controller {
 
				         /**
			
 
				          *排序条件设置
			
 
				          */
			
 
				-        String[] sortfield = {"case when t1.fstatus='已解决'then 0 when t1.fstatus='对接中'then 1 else 2 end desc, t1.tsupplyanddemandid desc"};
			
 
				-        String sort = getSort(sortfield, "case when t1.fstatus='已解决'then 0 when t1.fstatus='对接中'then 1 else 2 end desc, t1.tsupplyanddemandid desc");
			
 
				+        String[] sortfield = {"case when t1.fstatus in('已解决','已过期') then 0 when t1.fstatus='对接中'then 1 else 2 end desc, t1.tsupplyanddemandid desc"};
			
 
				+        String sort = getSort(sortfield, "case when t1.fstatus in('已解决','已过期') then 0 when t1.fstatus='对接中'then 1 else 2 end desc, t1.tsupplyanddemandid desc");
			
 
				         /**
			
 
				          * 过滤条件设置
			
 
				          */
			
@@ -130,8 +130,8 @@ public class supplyanddemand extends Controller {
 
				         /**
			
 
				          *排序条件设置
			
 
				          */
			
 
				-        String[] sortfield = {"case when t1.fstatus='已解决'then 0 when t1.fstatus='对接中'then 1 else 2 end desc, t1.tsupplyanddemandid desc"};
			
 
				-        String sort = getSort(sortfield, "case when t1.fstatus='已解决'then 0 when t1.fstatus='对接中'then 1 else 2 end desc, t1.tsupplyanddemandid desc");
			
 
				+        String[] sortfield = {"case when t1.fstatus in('已解决','已过期') then 0 when t1.fstatus='对接中'then 1 else 2 end desc, t1.tsupplyanddemandid desc"};
			
 
				+        String sort = getSort(sortfield, "case when t1.fstatus in('已解决','已过期') then 0 when t1.fstatus='对接中'then 1 else 2 end desc, t1.tsupplyanddemandid desc");
			
 
				         /**
			
 
				          * 过滤条件设置
			
 
				          */
			
@@ -248,7 +248,7 @@ public class supplyanddemand extends Controller {
 
				         if (rows.isEmpty()) {
			
 
				             return getErrReturnObject().setErrMsg("供需内容不存在").toString();
			
 
				         }
			
 
				-        if (!Arrays.asList(new String[]{"新建", "发布", "待对接", "正在对接", "已解决", "已过期"}).contains(fstatus)) {
			
 
				+        if (!Arrays.asList(new String[]{"新建", "发布", "待对接", "对接中", "已解决", "已过期"}).contains(fstatus)) {
			
 
				             return getErrReturnObject().setErrMsg("无效的供需状态").toString();
			
 
				         }
			
 
				         switch (fstatus) {