修改参数

ab11759e · 宋毅 · 7fb3d068 · ab11759e
Commit ab11759e authored Oct 22, 2021 by 宋毅
Show whitespace changes
Inline Side-by-side

Showing with 7 additions and 2 deletions

igirl-channel-web/app/base/controller/impl/trademark/tmqueryCtl.js
+7 -2

No files found.
--- a/igirl-channel-web/app/base/controller/impl/trademark/tmqueryCtl.js
+++ b/igirl-channel-web/app/base/controller/impl/trademark/tmqueryCtl.js
@@ -41,9 +41,13 @@ class tmqueryCtl extends CtlBase {
            if (!pobj.actionType) {
                return system.getResult(null, "actionType不能为空");
            }
-            if (pobj.actionType.indexOf(";")>=0) {
+            let text_keyword_tags = pobj.actionType.replace(/[,`~!@#$%^&*:;><|.\\ \/=]/g, "");
+            if(text_keyword_tags.length!=pobj.actionType.length){
                return system.getResult(null, "非法参数");
            }
+            // if (pobj.actionType.indexOf(";")>=0||pobj.actionType.indexOf("|")>=0) {
+            //     return system.getResult(null, "非法参数");
+            // }
            if (!pobj.actionBody) {
                return system.getResult(null, "actionBody不能为空");
            }
@@ -764,7 +768,6 @@ class tmqueryCtl extends CtlBase {

    //----------------------------gsb------操作------------end

-
    async getUserByPin(pobj, qobj, req) {
        var user = req.session.userPinInfo;
        if (!user) {
@@ -775,6 +778,7 @@ class tmqueryCtl extends CtlBase {
        }
        return system.getResultSuccess(user);
    }
+
 }

 module.exports = tmqueryCtl;
\ No newline at end of file