From 0ca41ed7c0495d3111365d2ffc1c09b6f66ab65d Mon Sep 17 00:00:00 2001
From: sgjj <995959152@qq.com>
Date: Mon, 11 May 2020 16:20:49 +0800
Subject: [PATCH] =?UTF-8?q?sql=E6=B3=A8=E5=85=A5?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 src/main/java/net/mingsoft/cms/action/web/MCmsAction.java | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/main/java/net/mingsoft/cms/action/web/MCmsAction.java b/src/main/java/net/mingsoft/cms/action/web/MCmsAction.java
index 5918610a..2ad8b959 100644
--- a/src/main/java/net/mingsoft/cms/action/web/MCmsAction.java
+++ b/src/main/java/net/mingsoft/cms/action/web/MCmsAction.java
@@ -447,6 +447,11 @@ public class MCmsAction extends net.mingsoft.cms.action.BaseAction {
 this.outString(response, content);
 }
+ /**
+ * sql语句检测,存在返回true
+ * @param str
+ * @return
+ */
 public static boolean sqlFilter(String str){
 Pattern pattern= Pattern.compile("\\b(and|exec|insert|select|drop|grant|alter|delete|update|count|chr|mid|master|truncate|char|declare|or)\\b|(\\*|;|\\+|'|%)");
 Matcher matcher=pattern.matcher(str);
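Review bot: The Javadoc added above `sqlFilter` leaves `@param str` and `@return` empty and does not say that the method is only a keyword and metacharacter blacklist, which a caller could mistake for a complete SQL-injection defence. I would document it as a secondary check, e.g. `@param str request value to test` and `@return true if str contains a listed SQL keyword or one of * ; + ' %`, plus one sentence stating that any query built from the value must still use bound parameters. The context lines also show `pattern.matcher(str)` reached with no null check, and the pattern recompiled on every call without `Pattern.CASE_INSENSITIVE`; a `private static final Pattern` compiled with that flag and an early `if (str == null) return false;` would address both. The body of `sqlFilter` continues outside the hunk, so its return path is not visible here.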