主要技术、spring、 springmvc、 springboot、 mybatis 、 jquery 、 layUI、md5 、bootstarp.js tomcat、、拦截器等项目
主要功能:登录、用户、菜单管理、角色管理、权限管理、立项申请、报名、结、经费管理、审核、统计等
用户登录:输入账号密码和验证码登录登录、登陆后根据用户权限显示不同菜单、角色灵活控制。
适用
课程设计,大作业,毕业设计,项目练习,学习演示等
/**
* 删除
*/
@RequestMapping("/delete")
@RequiresPermissions("sys:oss:all")
public R delete(@RequestBody Long[] ids){
sysOssService.removeByIds(Arrays.asList(ids));
return R.ok();
}
}
XSS过滤处理业务:
/**
* XSS过滤处理
public R config(){
CloudStorageConfig config = sysConfigService.getConfigObject(KEY, CloudStorageConfig.class);
return R.ok().put("config", config);
}
/**
* 保存云存储配置信息
*/
@RequestMapping("/saveConfig")
@RequiresPermissions("sys:oss:all")
public R saveConfig(@RequestBody CloudStorageConfig config){
//校验类型
ValidatorUtils.validateEntity(config);
if(config.getType() == Constant.CloudService.QINIU.getValue()){
//校验七牛数据
ValidatorUtils.validateEntity(config, QiniuGroup.class);
}else if(config.getType() == Constant.CloudService.ALIYUN.getValue()){
//校验阿里云数据
ValidatorUtils.validateEntity(config, AliyunGroup.class);
}else if(config.getType() == Constant.CloudService.QCLOUD.getValue()){
//校验腾讯云数据
public XssHttpServletRequestWrapper(HttpServletRequest request) {
super(request);
orgRequest = request;
}
@Override
public ServletInputStream getInputStream() throws IOException {
//非json类型,直接返回
if(!MediaType.APPLICATION_JSON_VALUE.equalsIgnoreCase(super.getHeader(HttpHeaders.CONTENT_TYPE))){
return super.getInputStream();
}
//为空,直接返回
String json = IOUtils.toString(super.getInputStream(), "utf-8");
if (StringUtils.isBlank(json)) {
return super.getInputStream();
* 列表
*/
@RequestMapping("/list")
@RequiresPermissions("sys:oss:all")
public R list(@RequestParam Map<String, Object> params){
PageUtils page = sysOssService.queryPage(params);
return R.ok().put("page", page);
}
/**
* 云存储配置信息
*/
@RequestMapping("/config")
@RequiresPermissions("sys:oss:all")
public R config(){
CloudStorageConfig config = sysConfigService.getConfigObject(KEY, CloudStorageConfig.class);
return R.ok().put("config", config);
}
/**
* 保存云存储配置信息
*/
@RequestMapping("/saveConfig")
@RequiresPermissions("sys:oss:all")
public R saveConfig(@RequestBody CloudStorageConfig config){
//校验类型
ValidatorUtils.validateEntity(config);
if(config.getType() == Constant.CloudService.QINIU.getValue()){
//校验七牛数据
/**
* 修改配置
*/
@SysLog("修改配置")
@RequestMapping("/update")
@RequiresPermissions("sys:config:update")
public R update(@RequestBody SysConfigEntity config){
ValidatorUtils.validateEntity(config);
sysConfigService.update(config);
return R.ok();
}
/**
* 删除配置
*/
@SysLog("删除配置")
@RequestMapping("/delete")
@RequiresPermissions("sys:config:delete")
public R delete(@RequestBody Long[] ids){
sysConfigService.deleteBatch(ids);
return R.ok();
}
}
* SQL注入过滤
* @param str 待验证的字符串
*/
public static String sqlInject(String str){
if(StringUtils.isBlank(str)){
return null;
}
//去掉'|"|;|\字符
str = StringUtils.replace(str, "'", "");
str = StringUtils.replace(str, "\"", "");
str = StringUtils.replace(str, ";", "");
str = StringUtils.replace(str, "\\", "");
//转换成小写
str = str.toLowerCase();
//非法字符
String[] keywords = {"master", "truncate", "insert", "select", "delete", "update", "declare", "alter", "drop"};
//判断是否包含非法字符
for(String keyword : keywords){
if(str.indexOf(keyword) != -1){
throw new RRException("包含非法字符");
}
}
return str;
}
str = StringUtils.replace(str, "'", "");
str = StringUtils.replace(str, "\"", "");
str = StringUtils.replace(str, ";", "");
str = StringUtils.replace(str, "\\", "");
//转换成小写
str = str.toLowerCase();
//非法字符
String[] keywords = {"master", "truncate", "insert", "select", "delete", "update", "declare", "alter", "drop"};
//判断是否包含非法字符
for(String keyword : keywords){
if(str.indexOf(keyword) != -1){
throw new RRException("包含非法字符");
}
}
return str;
}
}
系统用户业务操作:
/**
* 系统用户
*/
@RestController
@RequestMapping("/sys/user")
public class SysUserController extends AbstractController {
@Autowired
private SysUserService sysUserService;
public String getHeader(String name) {
String value = super.getHeader(xssEncode(name));
if (StringUtils.isNotBlank(value)) {
value = xssEncode(value);
}
return value;
}
private String xssEncode(String input) {
return htmlFilter.filter(input);
}
/**
* 获取最原始的request
*/
public HttpServletRequest getOrgRequest() {
return orgRequest;
}
/**
* 获取最原始的request
*/
public static HttpServletRequest getOrgRequest(HttpServletRequest request) {
if (request instanceof XssHttpServletRequestWrapper) {
return ((XssHttpServletRequestWrapper) request).getOrgRequest();
}
/**
* 修改配置
*/
@SysLog("修改配置")
@RequestMapping("/update")
@RequiresPermissions("sys:config:update")
public R update(@RequestBody SysConfigEntity config){
ValidatorUtils.validateEntity(config);
sysConfigService.update(config);
return R.ok();
}
/**
* 删除配置
*/
@SysLog("删除配置")
@RequestMapping("/delete")
@RequiresPermissions("sys:config:delete")
public R delete(@RequestBody Long[] ids){
sysConfigService.deleteBatch(ids);
return R.ok();
}
final ByteArrayInputStream bis = new ByteArrayInputStream(json.getBytes("utf-8"));
return new ServletInputStream() {
@Override
public boolean isFinished() {
return true;
}
@Override
public boolean isReady() {
return true;
}
@Override
public void setReadListener(ReadListener readListener) {
}
@Override
public int read() throws IOException {
return bis.read();
}
};
}
@Override
public String getParameter(String name) {