ac.queryBefore不可以用in吗?
小说_北京 发布于101月前 3答/1946阅

ac.where=" userid in(${s})"


[沙发] 烬TMC
 select count(*) from psy_userpsy userid in('21','30','274','275','277','280','283','287','1196')

sql不对  没where
亮点
[地板] Jieven
这个时间有点长,不太确认,可以测试一下,不报错就可以!
${s} 这个东西 肯定是不能识别的!
[地毯] 小说_北京
${s}是字符串的意思,无意义。
测试报错,不能用in,
但程序需要这个逻辑,如何破?

07-28 16:33:26[ERROR]/grid/query/bgqx-bgqxsz
com.jfinal.plugin.activerecord.ActiveRecordException: java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'erid in('21','30','274','275','277'',expect IN, actual IN in : select count(*) from psy_userpsy userid in('21','30','274','275','277','280','283','287','1196')
	at com.jfinal.plugin.activerecord.DbPro.paginate(DbPro.java:517)
	at com.eova.widget.grid.GridController.query(GridController.java:126)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:606)
	at com.jfinal.aop.Invocation.invoke(Invocation.java:73)
	at com.eova.interceptor.LoginInterceptor.intercept(LoginInterceptor.java:68)
	at com.jfinal.aop.Invocation.invoke(Invocation.java:67)
	at com.jfinal.core.ActionHandler.handle(ActionHandler.java:74)
	at com.jfinal.ext.handler.ContextPathHandler.handle(ContextPathHandler.java:47)
	at com.jfinal.plugin.druid.DruidStatViewHandler.handle(DruidStatViewHandler.java:75)
	at com.jfinal.core.JFinalFilter.doFilter(JFinalFilter.java:72)
提交评论