JeecgBoot 3.1.0 版本发布，基于代码生成器的企业级低代码平台

zhangdaiscott
1 parent 8ce5026d
Showing 3 changed files with 3 additions and 3 deletions
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/CommonController.java
jeecg-boot/jeecg-boot-module-system/src/main/java/org/jeecg/modules/system/controller/SysUploadController.java
jeecg-boot/jeecg-cloud-module/jeecg-cloud-test/jeecg-cloud-test-shardingsphere/src/main/resources/application-sharding.yml
@@ -76,7 +76,7 @@ public class CommonController {
         String bizPath = request.getParameter("biz");
         //LOWCOD-2580 sys/common/upload接口存在任意文件上传漏洞
-        if(bizPath.contains("../") || bizPath.contains("..\\")){
+        if (oConvertUtils.isNotEmpty(bizPath) && (bizPath.contains("../") || bizPath.contains("..\\"))) {
             throw new JeecgBootException("上传目录bizPath，格式非法！");
         }
@@ -37,7 +37,7 @@ public class SysUploadController {
         String bizPath = request.getParameter("biz");
         //LOWCOD-2580 sys/common/upload接口存在任意文件上传漏洞
-        if(bizPath.contains("../") || bizPath.contains("..\\")){
+        if (oConvertUtils.isNotEmpty(bizPath) && (bizPath.contains("../") || bizPath.contains("..\\"))) {
             throw new JeecgBootException("上传目录bizPath，格式非法！");
         }
@@ -28,7 +28,7 @@ spring:
             props:
               strategy: standard
               # 自定义标准分配算法
-              algorithmClassName: org.jeecg.modules.demo.sharding.algorithm.StandardModTableShardAlgorithm
+              algorithmClassName: org.jeecg.modules.test.sharding.algorithm.StandardModTableShardAlgorithm
             type: CLASS_BASED
         tables:
           # 逻辑表名称