
Merge remote-tracking branch 'origin/matser' into matser

wy 4 ماه پیش
والد
کامیت
dbdda892c4

+ 7 - 2
ibps-provider-root/modules/provider-business/src/main/java/com/lc/ibps/aop/IDataTemplateMsgAop.java

@@ -210,15 +210,20 @@ public class IDataTemplateMsgAop {
         }
         if (REMOVE_METHOD.equals(point.getSignature().getName()) || SAVE_METHOD.equals(point.getSignature().getName())){
             Map<String,Object> map = LogAopUtil.log(request, point, result, stopWatch);
+            List<Object> params = new ArrayList<>();
             map.put("table_name" , tableName);
             map.put("table_comment" , tableComment);
             map.put("data_" , oldData);
             map.put("create_time_" , new SimpleDateFormat("yyyy-MM-dd HH:mm:ss").format(new Date()));
             String sql = SqlUtil.buildInsertSql(map,TABLE_NAME);
+            String preSql = SqlUtil.buildPreInsertSql(map,params,TABLE_NAME);
             try {
-                commonDao.execute(sql);
+                List<Object[]> paramArray = new ArrayList<>();
+                paramArray.add(params.toArray());
+                //commonDao.execute(sql); old-version
+                commonDao.execute(preSql, paramArray);//new-version 预编译
             }catch (Exception e){
-                logger.error(e.getMessage());
+                logger.error("表[{}]中数据[{}]登记日志表失败",e.getMessage(),tableName,oldData);
             }
         }
         return result;
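Review bot: The new `logger.error` call passes three arguments to a two-placeholder format, so (assuming an SLF4J-style logger) `e.getMessage()` lands in the table slot, `tableName` in the data slot, and `oldData` is dropped along with the stack trace. Pass the exception last so it is logged as the throwable: `logger.error("表[{}]中数据[{}]登记日志表失败", tableName, oldData, e);`. Writing the full `oldData` to the application log may also copy row contents somewhere with weaker access control than the table, so consider logging a record identifier instead if rows can hold personal or secret data. Separately, `String sql = SqlUtil.buildInsertSql(map,TABLE_NAME);` still builds the concatenated statement that is no longer executed; deleting that line and the commented-out `commonDao.execute(sql)` keeps the unparameterized builder from being reused by accident. The enclosing method starts and ends outside the hunk.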

+ 26 - 2
ibps-provider-root/modules/provider-business/src/main/java/com/lc/ibps/untils/SqlUtil.java

@@ -1,7 +1,6 @@
 package com.lc.ibps.untils;
 
-import cn.hutool.json.JSONObject;
-
+import java.util.List;
 import java.util.Map;
 
 public class SqlUtil {
@@ -53,4 +52,29 @@ public class SqlUtil {
         return sql.toString();
     }
 
+    /**
+     * 预编译insert,防止
+     */
+    public static String buildPreInsertSql(Map<String, Object> map,List<Object> params, String tableName) throws Exception {
+        StringBuilder sql = new StringBuilder("insert into " + tableName + " (");
+        StringBuilder placeholders = new StringBuilder(" values(");
+        //List<Object> params = new ArrayList<>();
+        int index = 0;
+        for (Map.Entry<String, Object> entry : map.entrySet()) {//保证字段key和字段value的顺序一一对应
+            sql.append(entry.getKey()).append(",");
+            placeholders.append("#{p"+(index++)+"},");//OPINION_=#{p3}
+            params.add(entry.getValue());
+        }
+
+        // 删除末尾的逗号
+        sql.deleteCharAt(sql.length() - 1);
+        placeholders.deleteCharAt(placeholders.length() - 1);
+
+        sql.append(")");
+        placeholders.append(")");
+        sql.append(placeholders.toString());
+
+        return sql.toString();
+    }
+
 }
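Review bot: Only the values are bound in `buildPreInsertSql`; `tableName` and every `entry.getKey()` are still concatenated into the statement text, so the method is injection-safe only while all identifiers are trusted constants. The caller fills the map from `LogAopUtil.log(request, ...)`, whose keys are not visible here, so an allow-list check on identifiers is worth adding. An empty map also makes `deleteCharAt` strip the opening parenthesis and yields malformed SQL. The Javadoc sentence is cut off after "防止" and should state what is prevented and that the method appends to `params` in column order. The fence sketches the guards; it needs `java.util.regex.Pattern` imported, and the pattern should be widened if this schema uses other identifier characters.

```java
private static final Pattern SQL_IDENTIFIER = Pattern.compile("[A-Za-z_][A-Za-z0-9_]*");

public static String buildPreInsertSql(Map<String, Object> map,List<Object> params, String tableName) throws Exception {
    if (map == null || map.isEmpty()) {
        throw new IllegalArgumentException("no columns to insert");
    }
    if (tableName == null || !SQL_IDENTIFIER.matcher(tableName).matches()) {
        throw new IllegalArgumentException("illegal table name");
    }
    // … unchanged: StringBuilder setup and index …
    for (Map.Entry<String, Object> entry : map.entrySet()) {
        if (entry.getKey() == null || !SQL_IDENTIFIER.matcher(entry.getKey()).matches()) {
            throw new IllegalArgumentException("illegal column name");
        }
        // … unchanged: append column, placeholder and bound value …
    }
    // … unchanged: trailing-comma removal, assembly and return …
}
```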