代码漏洞修改

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/config/InjectFilter.java

@@ -22,6 +22,7 @@ public class InjectFilter implements Filter {
     private static Logger log = LoggerFactory.getLogger(InjectFilter.class);
     private static final String REG_EXP = "\\.\\./";
 
+    @Override
     public void doFilter(ServletRequest request, ServletResponse response,
                          FilterChain filterchain) throws IOException, ServletException {
         //判断是否有注入攻击字符

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/controller/LabAudioSynthesisController.java

@@ -23,7 +23,6 @@ import com.zd.common.core.annotation.PreAuthorize;
 import com.zd.laboratory.domain.LabAudioSynthesis;
 import com.zd.laboratory.service.ILabAudioSynthesisService;
 import com.zd.common.core.web.controller.BaseController;
-import com.zd.model.domain.ResultData;
 import com.zd.common.core.utils.ExcelUtil;
 import io.swagger.annotations.Api;
 import io.swagger.annotations.ApiOperation;

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/controller/LabBuildFloorController.java

@@ -143,7 +143,7 @@ public class LabBuildFloorController  extends BaseController<LabBuildFloor> {
     @ApiOperation(value = "查询登录人管理的实验室的楼栋(楼层)对象")
     public ResultData getBuildOrFloorInfo(LabBuildFloorVo labBuildFloorVo) {
         List <LabBuildFloorVo> buildFloorList = labBuildFloorService.getBuildOrFloorList(labBuildFloorVo);
-        if(buildFloorList.size()>0){
+        if(!buildFloorList.isEmpty() && buildFloorList.size()>0){
             return ResultData.success(buildFloorList.get(0));
         }
         LabBuildFloorVo buildFloorVo = new LabBuildFloorVo();

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/controller/LabBuildingController.java

@@ -191,7 +191,7 @@ public class LabBuildingController extends BaseController {
         }
 
         //增加危险等级
-        List<LabSubClassVO> labSubClassVOS = null;
+        //List<LabSubClassVO> labSubClassVOS = null;
 
         //增加地址
         List<Long> layoutids = new ArrayList<>();

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/controller/LabCheckConfigController.java

@@ -4,7 +4,6 @@ import com.zd.model.domain.ResultData;
 import com.zd.model.domain.per.PerFun;
 import com.zd.model.domain.per.PerPrefix;
 import com.zd.common.core.web.controller.BaseController;
-import com.zd.model.domain.ResultData;
 import com.zd.common.core.annotation.Log;
 import com.zd.common.core.log.BusinessType;
 import com.zd.common.core.annotation.PreAuthorize;

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/controller/LabCheckMachineMsgController.java

@@ -35,9 +35,6 @@ public class LabCheckMachineMsgController extends BaseController {
     @GetMapping("/list")
     @ApiOperation(value = "查询一体机安全检查通知消息列表")
     public ResultData<List<LabCheckMachineMsgVo>> list(LabCheckMachineMsg labCheckMachineMsg) {
-        // 2.6 弃用
-        //List<LabCheckMachineMsg> list = labCheckMachineMsgService.selectLabCheckMachineMsgList(labCheckMachineMsg);
-
         List<LabCheckMachineMsgVo> list = labCheckMachineMsgService.selectCheckMsg(labCheckMachineMsg);
         return ResultData.success(list);
     }

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/controller/LabCheckOptionController.java

@@ -11,7 +11,6 @@ import com.zd.laboratory.domain.LabCheckOption;
 import com.zd.laboratory.domain.vo.LabCheckOptionExcelVo;
 import com.zd.laboratory.service.ILabCheckOptionService;
 import com.zd.laboratory.service.impl.WordService;
-import com.zd.model.domain.ResultData;
 import com.zd.model.domain.per.PerFun;
 import com.zd.model.domain.per.PerPrefix;
 import com.zd.model.page.TableDataInfo;

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/controller/LabCheckRecordController.java

@@ -88,7 +88,7 @@ public class LabCheckRecordController extends BaseController {
             applyvo.setUserId(sysUser.getUserId());
             List<LabSecurityApplyVO> applist = labSecurityApplyService.selectApplyListEffective(applyvo);
             //获取实验室集合
-            if(applist.size()>0){
+            if(!applist.isEmpty() && applist.size()>0){
                 List<Long> ids = new ArrayList<>();
                 for (int i=0;i<applist.size();i++){
                     ids.add(applist.get(i).getSubjectId());
@@ -342,7 +342,7 @@ public class LabCheckRecordController extends BaseController {
         labCheckRecord.setIsFabu(1);//已发布的数据
         List<LabCheckRecord> list = labCheckRecordService.selectLabCheckRecordList(labCheckRecord);
 
-        Map<String,Object> maplist = new HashMap<>();
+        //Map<String,Object> maplist = new HashMap<>();
         //按照日期对数据分组
         if(list!=null){
             Map<String, List<LabCheckRecord>> map = new HashMap<>();

zd-modules/zd-modules-laboratory/src/main/java/com/zd/laboratory/controller/LabCheckRecordDetailsController.java

@@ -251,7 +251,7 @@ public class LabCheckRecordDetailsController extends BaseController {
             applyvo.setUserId(sysUser.getUserId());
             List<LabSecurityApplyVO> applist = labSecurityApplyService.selectApplyListEffective(applyvo);
             //获取实验室集合
-            if(applist.size()>0){
+            if(!applist.isEmpty() && applist.size()>0){
                 List<Long> ids = new ArrayList<>();
                 for (int i=0;i<applist.size();i++){
                     ids.add(applist.get(i).getSubjectId());
@@ -337,7 +337,7 @@ public class LabCheckRecordDetailsController extends BaseController {
             applyvo.setUserId(sysUser.getUserId());
             List<LabSecurityApplyVO> applist = labSecurityApplyService.selectApplyListEffective(applyvo);
             //获取实验室集合
-            if(applist.size()>0){
+            if(!applist.isEmpty() && applist.size()>0){
                 List<Long> ids = new ArrayList<>();
                 for (int i=0;i<applist.size();i++){
                     ids.add(applist.get(i).getSubjectId());