Hibernate SQL 注入

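    /**
     * Loads per-software usage counts for a date window (weekly usage).
     *
     * <p>Both bounds reach the database as bound named parameters
     * ({@code :start}, {@code :end}); they are never concatenated into the SQL text.
     *
     * @param start inclusive lower bound, compared against {@code DATE(created_at)}
     * @param end inclusive upper bound, compared against {@code DATE(created_at)}
     * @return a map with {@code "legends"} (the software names) and {@code "data"}
     *         (one name/value entry per software)
     */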
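    public Map<String, Object> loadPieByWeek(String start, String end) {
        // Counts t_custom_monitor_infos rows per software_id inside the inclusive
        // [start, end] window and shapes the rows as {"legends": [...], "data": [...]}.
        //
        // The window bounds appear in the statement only as the named placeholders
        // :start and :end. Keep any future filter on the same pattern: building this
        // string from caller-supplied values would make the query injectable.
        SQLQuery query = getSession().createSQLQuery("SELECT COUNT(*) AS count,(SELECT soft.sname FROM t_apply_software_infos AS soft\n" +
                "\tWHERE\n" +
                "\t\tsoft.id = t_custom_monitor_infos.software_id\n" +
                ") AS name\n" +
                "FROM\n" +
                "\tt_custom_monitor_infos\n" +
                "WHERE\n" +
                "\tDATE(created_at) >= :start\n" +
                "AND DATE(created_at) <= :end\n" +
                "GROUP BY\n" +
                "\tsoftware_id");
        // Values are bound to the placeholders, not spliced into the SQL text.
        query.setParameter("start", start).setParameter("end", end);
        // Explicit scalar types fix each row as Object[]{name (String), count (Integer)}.
        List<?> rows = query.addScalar("name", StandardBasicTypes.STRING).addScalar("count", StandardBasicTypes.INTEGER).list();

        List<String> legends = new ArrayList<String>();
        List<Map<String,Object>> listData = Lists.newArrayList();
        for (Object row : rows) {
            Object[] columns = (Object[]) row;
            // NOTE(review): the name subquery yields NULL when no t_apply_software_infos
            // row matches software_id, so legends can contain null; confirm callers cope.
            legends.add((String) columns[0]);

            Map<String, Object> slice = new HashMap<String, Object>();
            slice.put("name", columns[0]);
            slice.put("value", columns[1]);
            // Each entry is stored as a JSONObject holding a copy of the name/value pair.
            JSONObject jsonObject = new JSONObject();
            jsonObject.putAll(slice);
            listData.add(jsonObject);
        }

        Map<String,Object> result = new HashMap<String, Object>();
        result.put("legends", legends);
        result.put("data", listData);
        return result;
    }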
