diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevCollaborationInfoCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevCollaborationInfoCmd.java index 61a6c5f..acbb338 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevCollaborationInfoCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevCollaborationInfoCmd.java @@ -1,6 +1,8 @@ package com.weaver.seconddev.jcldoor.cmd; import com.weaver.common.base.entity.result.WeaResult; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; +import com.weaver.ebuilder.datasource.api.enums.SqlParamType; import com.weaver.framework.rpc.annotation.RpcReference; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; 
@@ -100,22 +102,35 @@ public class DevCollaborationInfoCmd { " from wfc_form_data l\n" + " inner join fto_83 d on d.id = l.dataid\n" + " inner join wfc_requestbase p on p.requestid = l.requestid\n" + - " where d.mutiresource='" + employeeId + "'\n" + - " and d.xsjfrq >='" + startday + "'" + - " and d.xsjfrq <='" + endday + "'" + - " and d.tenant_key='" + tenant_key + "'\n" + + " where d.mutiresource= ?\n" + + " and d.xsjfrq >= ?" + + " and d.xsjfrq <= ?" + + " and d.tenant_key= ?\n" + " and d.is_delete='0'\n" + - " and l.tenant_key='" + tenant_key + "'\n" + + " and l.tenant_key=?\n" + " and l.delete_type=0\n" + - " and p.tenant_key='" + tenant_key + "'\n" + + " and p.tenant_key=?\n" + " and p.delete_type=0\n" + " order by d.id desc "; + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + strlist.add(tenant_key); + strlist.add(tenant_key); + strlist.add(tenant_key); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + + + + log.info("DevDaysCountCmd sql:" + dataSql); - Map result = databaseUtils.execute(sourceType, groupId, dataSql); - List> recordList = databaseUtils.getDataSourceList(result); - if (CollectionUtils.isNotEmpty(recordList)) { + Map result = databaseUtils.executeForQuery(sourceType, groupId, dataSql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); + if(recordList.size()>0){ devcou = String.valueOf(recordList.get(0).get("devcou")); } } 
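Review bot: The new guard `if(recordList.size()>0){` dereferences `recordList` without a null check, where the line it replaces, `CollectionUtils.isNotEmpty(recordList)`, tolerated a null list. Whether `databaseUtils.getDataSourceList(result)` can return null (for example when the query fails) is not visible in this diff, so the change may turn an empty result into a NullPointerException. I would keep `if (CollectionUtils.isNotEmpty(recordList)) {` here, in the second hunk of this file, and in the DevDaysCountCmd hunk, which also drops the `CollectionUtils` import. The enclosing method starts and ends outside the hunk.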
@@ -157,22 +172,33 @@ public class DevCollaborationInfoCmd { " from wfc_form_data l\n" + " inner join fto_62 d on d.id = l.dataid\n" + " inner join wfc_requestbase p on p.requestid = l.requestid\n" + - " where d.multiresource5='" + employeeId + "'\n" + - " and d.date2 >='" + startday + "'" + - " and d.date2 <='" + endday + "'" + - " and d.tenant_key='" + tenant_key + "'\n" + + " where d.multiresource5=?\n" + + " and d.date2 >=?" + + " and d.date2 <=?" + + " and d.tenant_key=?\n" + " and d.is_delete='0'\n" + - " and l.tenant_key='" + tenant_key + "'\n" + + " and l.tenant_key=?\n" + " and l.delete_type=0\n" + - " and p.tenant_key='" + tenant_key + "'\n" + + " and p.tenant_key=?\n" + " and p.delete_type=0\n" + " order by d.id desc "; log.info("DevQuestCountCmd dataSql:" + dataSql); - Map result = databaseUtils.execute(sourceType, groupId, dataSql); - List> recordList = databaseUtils.getDataSourceList(result); - if (CollectionUtils.isNotEmpty(recordList)) { + + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + strlist.add(tenant_key); + strlist.add(tenant_key); + strlist.add(tenant_key); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + + Map result = databaseUtils.executeForQuery(sourceType, groupId, dataSql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); + if(recordList.size()>0){ devcou = String.valueOf(recordList.get(0).get("devcou")); } } 
@@ -196,30 +222,41 @@ public class DevCollaborationInfoCmd { String sourceType = "LOGIC"; Map dataMap = new HashMap(); - try{ + try { Calendar calendar = Calendar.getInstance(); int year = calendar.get(Calendar.YEAR); - if(StringUtils.isBlank(startday)){ - startday = year+"-01-01"; + if (StringUtils.isBlank(startday)) { + startday = year + "-01-01"; } - if(StringUtils.isBlank(endday)){ + if (StringUtils.isBlank(endday)) { endday = sdf.format(new Date()); } - if(StringUtils.isBlank(employeeId)){ + if (StringUtils.isBlank(employeeId)) { employeeId = String.valueOf(UserContext.getCurrentEmployeeId()); } String sql = " select count(1) as count from cw_content " + - " where CREATOR='"+employeeId+"'\n" + - " and left(CREATE_TIME,10)>='"+startday+"' and left(CREATE_TIME,10) <= '"+endday+"'" ; + " where CREATOR=?\n" + + " and left(CREATE_TIME,10)>=? and left(CREATE_TIME,10) <= ?"; + + log.error("getInteractInfo sql:" + sql); + + + + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + - log.error("getInteractInfo sql:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); - List> recordList = databaseUtils.getDataSourceList(result); - if(recordList.size()>0){ + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql, sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); + if (recordList.size() > 0) { dataMap = recordList.get(0); } diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevDaysCountCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevDaysCountCmd.java index b0f292e..94fd779 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevDaysCountCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevDaysCountCmd.java 
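Review bot: The `employeeId` bound to `CREATOR=?` is replaced by `UserContext.getCurrentEmployeeId()` only when it is blank, so any non-blank value that reaches this method is queried as given. Binding it as a parameter closes the injection path, but it does not decide whose data the caller may read; where `employeeId` comes from is outside the hunk, and if it is a request parameter a user could request another employee's counts. I would either compare it with the current employee (or an allowed set of subordinates) before building the list, or document the upstream check with a comment such as `// employeeId is authorized by the caller before this point`. The method's signature and its end are outside the hunk.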
@@ -1,10 +1,9 @@ package com.weaver.seconddev.jcldoor.cmd; -import com.weaver.common.base.entity.result.WeaResult; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; -import org.apache.commons.collections.CollectionUtils; import org.apache.commons.lang3.StringUtils; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -65,22 +64,32 @@ public class DevDaysCountCmd { " from wfc_form_data l\n" + " inner join fto_83 d on d.id = l.dataid\n" + " inner join wfc_requestbase p on p.requestid = l.requestid\n" + - " where d.mutiresource='" + employeeId + "'\n" + - " and d.xsjfrq >='" + startday + "'" + - " and d.xsjfrq <='" + endday + "'" + - " and d.tenant_key='" + tenant_key + "'\n" + + " where d.mutiresource=?\n" + + " and d.xsjfrq >=?" + + " and d.xsjfrq <=?" + + " and d.tenant_key=?\n" + " and d.is_delete='0'\n" + - " and l.tenant_key='" + tenant_key + "'\n" + + " and l.tenant_key=?\n" + " and l.delete_type=0\n" + - " and p.tenant_key='" + tenant_key + "'\n" + + " and p.tenant_key=?\n" + " and p.delete_type=0\n" + " order by d.id desc "; log.info("DevDaysCountCmd sql:" + dataSql); + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + strlist.add(tenant_key); + strlist.add(tenant_key); + strlist.add(tenant_key); - Map result = databaseUtils.execute(sourceType, groupId, dataSql); - List> recordList = databaseUtils.getDataSourceList(result); - if (CollectionUtils.isNotEmpty(recordList)) { + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + + + Map result = databaseUtils.executeForQuery(sourceType, groupId, dataSql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); + if(recordList.size()>0){ devcou = String.valueOf(recordList.get(0).get("devcou")); } } 
diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevQuestCountCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevQuestCountCmd.java index e11f815..638ed28 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevQuestCountCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/DevQuestCountCmd.java @@ -1,6 +1,8 @@ package com.weaver.seconddev.jcldoor.cmd; import com.weaver.common.base.entity.result.WeaResult; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; +import com.weaver.ebuilder.datasource.api.enums.SqlParamType; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; 
@@ -66,21 +68,33 @@ public class DevQuestCountCmd { " from wfc_form_data l\n" + " inner join fto_62 d on d.id = l.dataid\n" + " inner join wfc_requestbase p on p.requestid = l.requestid\n" + - " where d.multiresource5='" + employeeId + "'\n" + - " and d.date2 >='" + startday + "'" + - " and d.date2 <='" + endday + "'" + - " and d.tenant_key='" + tenant_key + "'\n" + + " where d.multiresource5=?\n" + + " and d.date2 >=?" + + " and d.date2 <=?" + + " and d.tenant_key=?\n" + " and d.is_delete='0'\n" + - " and l.tenant_key='" + tenant_key + "'\n" + + " and l.tenant_key=?\n" + " and l.delete_type=0\n" + - " and p.tenant_key='" + tenant_key + "'\n" + + " and p.tenant_key=?\n" + " and p.delete_type=0\n" + " order by d.id desc "; log.info("DevQuestCountCmd dataSql:" + dataSql); - Map result = databaseUtils.execute(sourceType, groupId, dataSql); - List> recordList = databaseUtils.getDataSourceList(result); + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + strlist.add(tenant_key); + strlist.add(tenant_key); + strlist.add(tenant_key); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + + + Map result = databaseUtils.executeForQuery(sourceType, groupId, dataSql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); + if (CollectionUtils.isNotEmpty(recordList)) { devcou = String.valueOf(recordList.get(0).get("devcou")); } diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalBirthdayWishesCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalBirthdayWishesCmd.java index a48e9b7..a3c67d9 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalBirthdayWishesCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalBirthdayWishesCmd.java 
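Review bot: The bind values are assembled with six positional `strlist.add(...)` calls behind a capacity hint of 100, and nothing ties their order or count to the `?` markers in `dataSql`, so a later edit to the query can silently shift a value onto the wrong column. Assuming `getSqlParamEntity` accepts any `List<String>` (its signature is not shown), a single line such as `List<String> strlist = Arrays.asList(employeeId, startday, endday, tenant_key, tenant_key, tenant_key);` with a comment `// order must match the ? markers in dataSql: d.multiresource5, d.date2 >=, d.date2 <=, d/l/p tenant_key` keeps query and values side by side. The same hand-written list reaches sixteen entries in the ProjectAcceptanceInfoCmd and ProjectCollaborationInfoCmd hunks, where a miscount is easiest to make.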
@@ -3,6 +3,8 @@ package com.weaver.seconddev.jcldoor.cmd; import com.alibaba.fastjson.JSONArray; import com.alibaba.fastjson.JSONObject; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; +import com.weaver.ebuilder.datasource.api.enums.SqlParamType; import com.weaver.seconddev.jcldoor.util.CommonUtils; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; @@ -14,10 +16,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import java.text.SimpleDateFormat; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import java.util.*; /** * 生日祝福 @@ -71,13 +70,20 @@ public class PortalBirthdayWishesCmd { " inner join eteams.position c on c.id = k.position\n" + "where\n" + " BIRTHDAY is not null\n" + - " and right(left(BIRTHDAY, 10), 5) = '"+day+"'\n" + + " and right(left(BIRTHDAY, 10), 5) = ?\n" + " and k.status = 'normal'\n" + " and k.type = 'inside'\n" + - " and k.tenant_key = '" + tenant_key + "'"; + " and k.tenant_key = ?"; + + List strlist = new ArrayList<>(100); + strlist.add(day); + strlist.add(tenant_key); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + log.error("getuserIfo--dataSql:" + dataSql); - Map data = databaseUtils.execute(sourceType, groupId, dataSql); + Map data = databaseUtils.executeForQuery(sourceType, groupId, dataSql, sqlparam); List> recordList = databaseUtils.getDataSourceList(data); if (CollectionUtils.isNotEmpty(recordList)) { for(Map map:recordList){ diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalCollaborationInfoCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalCollaborationInfoCmd.java index b184025..8b96dae 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalCollaborationInfoCmd.java 
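Review bot: The import hunk replaces the four explicit `java.util` imports with `import java.util.*;` only to bring `ArrayList` into scope. A wildcard hides which types the class depends on and can introduce name clashes later; I would keep the explicit lines and add `import java.util.ArrayList;`, as the PortalRiskInfoCmd hunk in this same commit does. Whether the newly imported `SqlParamType` is used anywhere in the file is not visible here; if it is not, that import can be dropped too.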
+++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalCollaborationInfoCmd.java @@ -1,6 +1,8 @@ package com.weaver.seconddev.jcldoor.cmd; import com.weaver.common.base.entity.result.WeaResult; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; +import com.weaver.ebuilder.datasource.api.enums.SqlParamType; import com.weaver.framework.rpc.annotation.RpcReference; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; @@ -107,16 +109,24 @@ public class PortalCollaborationInfoCmd { String sql =" select count(1) as count\n" + " from blog " + - " where creator='"+employeeId+"'\n" + - " and left(BLOG_TIME,10) >='"+startday+"'\n" + - " and left(BLOG_TIME,10) <='"+endday+"'\n" + + " where creator=?\n" + + " and left(BLOG_TIME,10) >=?\n" + + " and left(BLOG_TIME,10) <=?\n" + " and type='blog'\n" + - " and TENANT_KEY = '"+tenant_key+"'\n" + + " and TENANT_KEY = ?\n" + " and MODULE = 'blog'\n" + " and DELETE_TYPE = 0\n" + " and CONTENT is not null" ; - Map result = databaseUtils.execute(sourceType, groupId, sql); + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + strlist.add(tenant_key); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); List> recordList = databaseUtils.getDataSourceList(result); if(recordList.size()>0){ dataMap = recordList.get(0); 
@@ -159,11 +169,18 @@ public class PortalCollaborationInfoCmd { } String sql = " select count(1) as count from document " + - " where CREATOR='"+employeeId+"'\n" + - " and left(create_time,10)>='"+startday+"' and left(create_time,10) <= '"+endday+"'" ; + " where CREATOR=?\n" + + " and left(create_time,10)>=? and left(create_time,10) <= ?" ; log.error("PortalDocCreateCountCmd sql:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); List> recordList = databaseUtils.getDataSourceList(result); if(recordList.size()>0){ dataMap = recordList.get(0); @@ -205,11 +222,19 @@ public class PortalCollaborationInfoCmd { } String sql = " select count(1) as count from cw_content " + - " where CREATOR='"+employeeId+"'\n" + - " and left(CREATE_TIME,10)>='"+startday+"' and left(CREATE_TIME,10) <= '"+endday+"'" ; + " where CREATOR=?\n" + + " and left(CREATE_TIME,10)>=? and left(CREATE_TIME,10) <= ?" ; log.error("PortalInteractCountCmd sql:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + + + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); List> recordList = databaseUtils.getDataSourceList(result); if(recordList.size()>0){ dataMap = recordList.get(0); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalDailyCountCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalDailyCountCmd.java index fa88a75..af7fd13 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalDailyCountCmd.java 
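Review bot: The `document` and `cw_content` counts in these two hunks filter only on `CREATOR` and the date range, while the `blog` query earlier in the same file also binds `TENANT_KEY = ?`. If these tables hold rows for more than one tenant (their schema is not visible here), the counts are not scoped to the caller's tenant. Should the column exist, I would add `" and tenant_key = ?"` to each query and a matching `strlist.add(tenant_key);` after the three existing values. The same shape appears in the getInteractInfo hunk of DevCollaborationInfoCmd and in the PortalDocCreateCountCmd and PortalInteractCountCmd hunks. The enclosing methods start outside these hunks, so whether `tenant_key` is in scope there needs checking.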
+++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalDailyCountCmd.java @@ -1,5 +1,6 @@ package com.weaver.seconddev.jcldoor.cmd; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; @@ -60,17 +61,25 @@ public class PortalDailyCountCmd { String sql =" select count(1) as count\n" + " from blog " + - " where creator='"+employeeId+"'\n" + - " and left(BLOG_TIME,10) >='"+startday+"'\n" + - " and left(BLOG_TIME,10) <='"+endday+"'\n" + + " where creator=?\n" + + " and left(BLOG_TIME,10) >=?\n" + + " and left(BLOG_TIME,10) <=?\n" + " and type='blog'\n" + - " and TENANT_KEY = '"+tenant_key+"'\n" + + " and TENANT_KEY = ?\n" + " and MODULE = 'blog'\n" + " and DELETE_TYPE = 0\n" + " and CONTENT is not null" ; log.error("PortalDailyCountCmd sql:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + strlist.add(tenant_key); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); if(recordList.size()>0){ dataMap = recordList.get(0); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalDocCreateCountCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalDocCreateCountCmd.java index 17fe983..4ebd353 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalDocCreateCountCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalDocCreateCountCmd.java 
@@ -1,5 +1,6 @@ package com.weaver.seconddev.jcldoor.cmd; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; @@ -64,11 +65,19 @@ public class PortalDocCreateCountCmd { } String sql = " select count(1) as count from document " + - " where CREATOR='"+employeeId+"'\n" + - " and left(create_time,10)>='"+startday+"' and left(create_time,10) <= '"+endday+"'" ; + " where CREATOR=?\n" + + " and left(create_time,10)>=? and left(create_time,10) <= ?" ; log.error("PortalDocCreateCountCmd sql:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); if(recordList.size()>0){ dataMap = recordList.get(0); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalInteractCountCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalInteractCountCmd.java index 938ca82..389c6b6 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalInteractCountCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalInteractCountCmd.java @@ -1,5 +1,6 @@ package com.weaver.seconddev.jcldoor.cmd; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; 
@@ -63,11 +64,19 @@ public class PortalInteractCountCmd { } String sql = " select count(1) as count from cw_content " + - " where CREATOR='"+employeeId+"'\n" + - " and left(CREATE_TIME,10)>='"+startday+"' and left(CREATE_TIME,10) <= '"+endday+"'" ; + " where CREATOR=?\n" + + " and left(CREATE_TIME,10)>= ? and left(CREATE_TIME,10) <= ?" ; log.error("PortalInteractCountCmd sql:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startday); + strlist.add(endday); + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); if(recordList.size()>0){ dataMap = recordList.get(0); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalPerformanceInfoCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalPerformanceInfoCmd.java index 382b656..f320940 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalPerformanceInfoCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalPerformanceInfoCmd.java @@ -1,5 +1,6 @@ package com.weaver.seconddev.jcldoor.cmd; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; 
@@ -80,17 +81,25 @@ public class PortalPerformanceInfoCmd { String sql =" select left(k.real_period,10) as real_period,left(k.real_period,7) as period_month,k.kpi_scheme,k.score\n" + " from (select real_period,kpi_scheme,score\n" + " from hr_kpi_flow \n" + - " where kpi_user='"+employeeId+"' \n" + + " where kpi_user=? \n" + " and module = 'kpiFlow' \n" + " and date_type = 'month' \n" + " and delete_type = '0' " + - " and tenant_key='"+tenant_key+"'\n" + + " and tenant_key=?\n" + " and FLOW_STATUS in('noApprove','approve','finished')\n" + " order by real_period desc\n" + ") k limit 1 "; log.error("sql20-1:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(tenant_key); + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); if(CollectionUtils.isNotEmpty(recordList)){ Map recordMap = recordList.get(0); @@ -116,14 +125,22 @@ public class PortalPerformanceInfoCmd { if(StringUtils.isNotBlank(kpi_scheme)){ String sql =" select indicator_type,indicator_description,weight \n" + " from hr_kpi_scheme_indicator " + - " where scheme_id='"+kpi_scheme+"' " + + " where scheme_id=? " + " and indicator_mode='quantify'\n" + " and status='on' " + " and delete_type = '0'" + - " and tenant_key = '"+tenant_key+"'" ; + " and tenant_key = ?" ; log.error("sql2:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + + List strlist = new ArrayList<>(100); + strlist.add(kpi_scheme); + strlist.add(tenant_key); + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); log.error("recordList:"+recordList.size()); 
@@ -141,13 +158,13 @@ public class PortalPerformanceInfoCmd { " where kpi_details in( " + " select id\n" + " from hr_kpi_details " + - " where KPI_SCHEME='"+kpi_scheme+"'\n" + + " where KPI_SCHEME=?\n" + " and MODULE='kpiSchemeSetting'\n" + - " and TENANT_KEY='"+tenant_key+"'\n" + + " and TENANT_KEY=?\n" + " and DELETE_TYPE = 0" + " )\n" + " and module = 'kpiSchemeSetting'\n" + - " and tenant_key = '"+tenant_key+"'\n" + + " and tenant_key = ?\n" + " and delete_type = '0'\n" + " and property in('weight', 'describe', 'type')\n" + " and data_row in ( \n" + 
@@ -158,21 +175,34 @@ public class PortalPerformanceInfoCmd { " where kpi_details in ( " + " select id\n" + " from hr_kpi_details " + - " where KPI_SCHEME='"+kpi_scheme+"'\n" + + " where KPI_SCHEME=?\n" + " and MODULE='kpiSchemeSetting'\n" + - " and TENANT_KEY='"+tenant_key+"'\n" + + " and TENANT_KEY=?\n" + " and DELETE_TYPE = 0" + " )\n" + " and PROPERTY = 'weight'\n" + " and MODULE = 'kpiSchemeSetting'\n" + - " and TENANT_KEY = '"+tenant_key+"'\n" + + " and TENANT_KEY = ?\n" + " and DELETE_TYPE = '0'\n" + " order by name desc\n" + " ) w limit 1 \n" + " ) p\n" + " )"; log.error("sql3:"+sql); - Map result2 = databaseUtils.execute(sourceType, groupId, sql); + + List strlist2 = new ArrayList<>(100); + strlist2.add(kpi_scheme); + strlist2.add(tenant_key); + strlist2.add(tenant_key); + strlist2.add(kpi_scheme); + strlist2.add(tenant_key); + strlist2.add(tenant_key); + + + List sqlparam2 = databaseUtils.getSqlParamEntity(strlist2); + Map result2 = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam2); + + List> recordList2 = databaseUtils.getDataSourceList(result2); log.error("recordList2:"+recordList2.size()); for(int i=0;i result3 = databaseUtils.execute(sourceType, groupId, sql); + + List strlist3 = new ArrayList<>(100); + strlist3.add(kpi_scheme); + strlist3.add(tenant_key); + strlist3.add(tenant_key); + + List sqlparam3 = databaseUtils.getSqlParamEntity(strlist); + Map result3 = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam3); + + List> recordList3 = databaseUtils.getDataSourceList(result3); for(int k=0;k recordMap3 = recordList3.get(k); 
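Review bot: `sqlparam3` is built from `strlist`, not from the `strlist3` that is filled on the three lines just above it, so the third query is executed with a different parameter list than the one prepared for it. As far as the earlier hunk shows, `strlist` holds two values (`kpi_scheme`, `tenant_key`) while `strlist3` holds three. The query text for this call is not readable on the page, so the exact effect is inferred, but the placeholder count will most likely not match. The call should read `databaseUtils.getSqlParamEntity(strlist3)`.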
@@ -232,20 +271,29 @@ public class PortalPerformanceInfoCmd { " where kpi_details in( " + " select id\n" + " from hr_kpi_details " + - " where KPI_SCHEME='"+kpi_scheme+"'\n" + + " where KPI_SCHEME=?\n" + " and MODULE='kpiSchemeSetting'\n" + - " and TENANT_KEY='"+tenant_key+"'\n" + + " and TENANT_KEY=?\n" + " and DELETE_TYPE = 0" + " )\n" + " and MODULE = 'kpiSchemeSetting'\n" + - " and TENANT_KEY = '"+tenant_key+"'\n" + + " and TENANT_KEY = ?\n" + " and DELETE_TYPE = '0'\n" + " and property in('weight', 'describe', 'type')\n" + - " and data_row in("+data_row+")" ; + " and data_row in(?)" ; log.error("sql5:"+sql); - Map result2 = databaseUtils.execute(sourceType, groupId, sql); + List strlist2 = new ArrayList<>(100); + strlist2.add(kpi_scheme); + strlist2.add(tenant_key); + strlist2.add(tenant_key); + strlist2.add(data_row); + + + List sqlparam2 = databaseUtils.getSqlParamEntity(strlist2); + Map result2 = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam2); + List> recordList2 = databaseUtils.getDataSourceList(result2); for(int i=0;i= '" +startDay+"'" + - " and left(real_period,10) <='" + endDay +"'" + + " where kpi_user=? " + + " and left(real_period,10) >= ?" + + " and left(real_period,10) <=?" + " and module = 'kpiFlow'" + " and date_type = 'month'" + " and flow_status in('noApprove','approve','finished') \n" + " and delete_type = '0'" + - " and tenant_key='"+tenant_key+"' " ; + " and tenant_key=? 
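Review bot: `data_row in(?)` binds the whole of `data_row` as one value, whereas the removed line spliced it in as `in("+data_row+")`, which suggests it is a comma-separated list. A single bound parameter is compared as one string, so with more than one id the filter no longer matches the intended rows. The list needs one `?` per element with each element bound separately, as sketched below, assuming `data_row` is a plain comma-separated string of ids and that `java.util.Collections` is imported. Only the placeholder text is concatenated into the SQL, never the values; the loop and the method continue outside the hunk.

```java
String[] rowIds = data_row.split(",");
String rowMarks = String.join(",", Collections.nCopies(rowIds.length, "?"));
// … unchanged: query text up to the property filter …
        " and data_row in(" + rowMarks + ")";

List<String> strlist2 = new ArrayList<>();
strlist2.add(kpi_scheme);
strlist2.add(tenant_key);
strlist2.add(tenant_key);
for (String rowId : rowIds) {
    strlist2.add(rowId.trim());
}
// … unchanged: getSqlParamEntity(strlist2) and executeForQuery call …
```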
" ; log.error("getWholeYearKpi2-sql:"+sql); dataMap = new HashMap(); - Map result = databaseUtils.execute(sourceType, groupId, sql); + List strlist = new ArrayList<>(100); + strlist.add(employeeId); + strlist.add(startDay+""); + strlist.add(endDay+""); + strlist.add(tenant_key); + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + + List> recordList = databaseUtils.getDataSourceList(result); if(CollectionUtils.isNotEmpty(recordList)){ Map recordMap = recordList.get(0); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalRiskInfoCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalRiskInfoCmd.java index 7e7ec62..0089406 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalRiskInfoCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/PortalRiskInfoCmd.java @@ -1,5 +1,6 @@ package com.weaver.seconddev.jcldoor.cmd; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; @@ -12,6 +13,7 @@ import org.springframework.stereotype.Component; import javax.servlet.http.HttpServletRequest; import java.time.LocalDate; +import java.util.ArrayList; import java.util.HashMap; import java.util.List; import java.util.Map; 
@@ -83,16 +85,16 @@ public class PortalRiskInfoCmd { " SELECT t.riskid,t.risk_value,t.tenant_key,t.userid\n" + " FROM pr_indrisk_data t \n" + " WHERE t.delete_type = 0 \n" + - " AND t.tenant_key = '"+tenant_key+"'\n" + - " AND t.risk_date >= '"+startDay+"'\n" + - " AND t.userid = '"+employeeId+"'\n" + + " AND t.tenant_key = ?\n" + + " AND t.risk_date >= ?\n" + + " AND t.userid = ?\n" + " union all\n" + " SELECT t.riskid,t.risk_value,t.tenant_key,t.userid \n" + " FROM pr_indrisk_data t \n" + " WHERE t.delete_type = 0 \n" + - " AND t.tenant_key = '"+tenant_key+"' \n" + - " AND t.risk_date >= '"+startDay+"' \n" + - " AND t.userid IN (select cid from eteams.emp_link where pid= '"+employeeId+"' and relation = 'senior') \n" + + " AND t.tenant_key = ? \n" + + " AND t.risk_date >= ? \n" + + " AND t.userid IN (select cid from eteams.emp_link where pid= ? and relation = 'senior') \n" + " ) k \n" + " GROUP BY k.riskid,\n" + " k.risk_value,\n" + @@ -111,7 +113,19 @@ public class PortalRiskInfoCmd { log.error("PortalRiskInfoCmd:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + List strlist = new ArrayList<>(100); + strlist.add(tenant_key); + strlist.add(startDay+""); + strlist.add(employeeId+""); + strlist.add(tenant_key); + strlist.add(startDay+""); + strlist.add(employeeId+""); + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + + List> recordList = databaseUtils.getDataSourceList(result); for(int i=0;i recordMap2 = recordList.get(i); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectAcceptanceInfoCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectAcceptanceInfoCmd.java index ed864e2..09729e0 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectAcceptanceInfoCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectAcceptanceInfoCmd.java 
@@ -1,6 +1,7 @@ package com.weaver.seconddev.jcldoor.cmd; import com.weaver.common.base.entity.result.WeaResult; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; 
@@ -67,24 +68,48 @@ public class ProjectAcceptanceInfoCmd { " CONVERT(ifnull(sum(cast(t1.htyxje as decimal(18,2))),0),CHAR) as htyxje," + " CONVERT(ifnull(sum(cast(t1.sumsk as decimal(18,2))),0),CHAR) as sumsk " + " from uf_jxhs_xmys t1 \n" + - " where t1.ysrq>='" +startday+"' and t1.ysrq<='"+endday+"' " + - " and ( t1.qyjl = '"+employeeId+"' "+ - " or t1.qyjl in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.ysry = '"+employeeId+"'\n" + - " or t1.ysry in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.dqfzr = '"+employeeId+"'\n" + - " or t1.dqfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.tdjl = '"+employeeId+"'\n" + - " or t1.tdjl in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.tdfzr = '"+employeeId+"'\n" + - " or t1.tdfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.jgfzr = '"+employeeId+"'\n" + - " or t1.jgfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.dqzj = '"+employeeId+"'\n" + - " or t1.dqzj in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"') " + + " where t1.ysrq>=? and t1.ysrq<=? " + + " and ( t1.qyjl = ? 
"+ + " or t1.qyjl in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.ysry = ?\n" + + " or t1.ysry in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.dqfzr = ?\n" + + " or t1.dqfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.tdjl = ?\n" + + " or t1.tdjl in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.tdfzr = ?\n" + + " or t1.tdfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.jgfzr = ?\n" + + " or t1.jgfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.dqzj = ?\n" + + " or t1.dqzj in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?) " + " ) " ; - Map result = databaseUtils.execute(sourceType, groupId, sql); + List strlist = new ArrayList<>(100); + strlist.add(startday); + strlist.add(endday); + strlist.add(employeeId); + + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + + + List> recordList = databaseUtils.getDataSourceList(result); dataMap.put("datas",recordList.get(0)); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectCollaborationInfoCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectCollaborationInfoCmd.java index a2d8171..dbc289b 100644 
--- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectCollaborationInfoCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectCollaborationInfoCmd.java @@ -1,5 +1,6 @@ package com.weaver.seconddev.jcldoor.cmd; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; 
@@ -82,24 +83,46 @@ public class ProjectCollaborationInfoCmd { " CONVERT(ifnull(sum(cast(t1.htyxje as decimal(18,2))),0),CHAR) as htyxje," + " CONVERT(ifnull(sum(cast(t1.sumsk as decimal(18,2))),0),CHAR) as sumsk " + " from uf_jxhs_xmys t1 \n" + - " where t1.ysrq>='" +startday+"' and t1.ysrq<='"+endday+"' " + - " and ( t1.qyjl = '"+employeeId+"' "+ - " or t1.qyjl in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.ysry = '"+employeeId+"'\n" + - " or t1.ysry in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.dqfzr = '"+employeeId+"'\n" + - " or t1.dqfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.tdjl = '"+employeeId+"'\n" + - " or t1.tdjl in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.tdfzr = '"+employeeId+"'\n" + - " or t1.tdfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.jgfzr = '"+employeeId+"'\n" + - " or t1.jgfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"')\n" + - " or t1.dqzj = '"+employeeId+"'\n" + - " or t1.dqzj in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= '"+employeeId+"') " + + " where t1.ysrq>=? and t1.ysrq<=? " + + " and ( t1.qyjl = ? 
"+ + " or t1.qyjl in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.ysry = ?\n" + + " or t1.ysry in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.dqfzr = ?\n" + + " or t1.dqfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.tdjl = ?\n" + + " or t1.tdjl in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.tdfzr = ?\n" + + " or t1.tdfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.jgfzr = ?\n" + + " or t1.jgfzr in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?)\n" + + " or t1.dqzj = ?\n" + + " or t1.dqzj in (select cid from eteams.EMP_LINK where RELATION in ('othersenior','senior') and pid= ?) " + " ) " ; - Map result = databaseUtils.execute(sourceType, groupId, sql); + List strlist = new ArrayList<>(100); + strlist.add(startday); + strlist.add(endday); + strlist.add(employeeId); + + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); dataMap.put("datas",recordList.get(0)); 
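Review bot: The sixteen `?` placeholders in this query are matched by sixteen hand-written `strlist.add(...)` calls, so the binding stays correct only if both sides are recounted after every edit to the WHERE clause; a miscount would most likely either fail at execution or bind values to the wrong predicate. Building the repeated part in one statement keeps the count next to the query, e.g. `strlist.addAll(Collections.nCopies(14, employeeId));` after the two date bounds (this needs `java.util.Collections`, whose import is not visible in this hunk). The initial capacity in `new ArrayList<>(100)` has no relation to the number of parameters and can be dropped. The same hand-built list recurs in the next hunk of this file and in the ProjectReceiptsInfoCmd and UserInfoCmd hunks; the enclosing method starts and ends outside the hunk.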
@@ -152,34 +175,53 @@ public class ProjectCollaborationInfoCmd { " LEFT JOIN ebdf_physical_data epd on t1.id = epd.form_data_id and epd.delete_type = 0 \n" + " WHERE t1.skje != 0 \n" + " and t1.skje IS NOT NULL " + - " and t1.xshsny >= '" + startday+"' and t1.xshsny <='"+endday+"' "+ + " and t1.xshsny >= ? and t1.xshsny <=? "+ " and (" + - " '"+employeeId+"' IN ( 2, 27, 166, 10285, 11661, 300, 876, 3593, 1416, 1647, 1844,3044480226941419013,794508876297846787 ) \n" + + " ? IN ( 2, 27, 166, 10285, 11661, 300, 876, 3593, 1416, 1647, 1844,3044480226941419013,794508876297846787 ) \n" + " or cast(t1.xsjl AS decimal(25,0)) in( \n" + - " SELECT cid AS id FROM eteams.emp_link WHERE pid = '"+employeeId+"' and RELATION in ('othersenior','senior') \n" + + " SELECT cid AS id FROM eteams.emp_link WHERE pid = ? and RELATION in ('othersenior','senior') \n" + " UNION " + - " SELECT id FROM eteams.employee WHERE id = '"+employeeId+"' " + + " SELECT id FROM eteams.employee WHERE id = ? " + " )\n" + " or cast(t1.kfry AS decimal(25,0)) in(\n" + - " SELECT cid AS id FROM eteams.emp_link WHERE pid = '"+employeeId+"' and RELATION in ('othersenior','senior') \n" + + " SELECT cid AS id FROM eteams.emp_link WHERE pid = ? and RELATION in ('othersenior','senior') \n" + " UNION " + - " SELECT id FROM eteams.employee WHERE id = '"+employeeId+"' " + + " SELECT id FROM eteams.employee WHERE id = ? " + " )\n" + " or cast(t1.qdjl AS decimal(25,0)) in(\n" + - " SELECT cid AS id FROM eteams.emp_link WHERE pid = '"+employeeId+"' and RELATION in ('othersenior','senior') \n" + + " SELECT cid AS id FROM eteams.emp_link WHERE pid = ? and RELATION in ('othersenior','senior') \n" + " UNION " + - " SELECT id FROM eteams.employee WHERE id = '"+employeeId+"' " + + " SELECT id FROM eteams.employee WHERE id = ? 
" + " )\n" + " or cast(t1.xmjl AS decimal(25,0)) in(\n" + - " SELECT cid AS id FROM eteams.emp_link WHERE pid = '"+employeeId+"' and RELATION in ('othersenior','senior') \n" + + " SELECT cid AS id FROM eteams.emp_link WHERE pid = ? and RELATION in ('othersenior','senior') \n" + " UNION " + - " SELECT id FROM eteams.employee WHERE id = '"+employeeId+"' " + + " SELECT id FROM eteams.employee WHERE id = ? " + " )\n" + " )\n" + " order by t1.id " ; log.error("PorojectReceiptsInfoCmd sql:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + + List strlist = new ArrayList<>(100); + strlist.add(startday); + strlist.add(endday); + strlist.add(employeeId); + + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + ; + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); if(!CollectionUtils.isEmpty(recordList)){ dataMap.put("datas",recordList.get(0)); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectReceiptsInfoCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectReceiptsInfoCmd.java index 002d75b..700dbf1 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectReceiptsInfoCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/ProjectReceiptsInfoCmd.java @@ -1,6 +1,7 @@ package com.weaver.seconddev.jcldoor.cmd; import com.weaver.common.base.entity.result.WeaResult; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; import com.weaver.teams.domain.user.SimpleEmployee; import com.weaver.teams.security.context.UserContext; 
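Review bot: The privileged-ID test `? IN ( 2, 27, 166, … )` in hunk `@@ -152,34 +175,53 @@` compares a parameter that `getSqlParamEntity` binds as VARCHAR against integer literals, two of which have 19 digits. If the data source is MySQL (the `ifnull`/`CONVERT(…,CHAR)` syntax in the previous hunk suggests so), a string-to-integer comparison is carried out in double precision, so IDs that differ only in their last digits can compare equal and this branch may grant access to an employee who is not on the list. The quoted literal it replaces behaved the same way, so this is not a regression, but the rewrite is the natural place to fix it: `" cast(? AS decimal(25,0)) IN ( 2, 27, … ) \n" +`, matching the casts already applied to `t1.xsjl` and the other columns. The identical line in the ProjectReceiptsInfoCmd hunk `@@ -76,34 +77,53 @@` needs the same change, and the hard-coded ID list would be easier to audit in configuration or a role table than in two SQL strings.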
@@ -76,34 +77,53 @@ public class ProjectReceiptsInfoCmd { " LEFT JOIN ebdf_physical_data epd on t1.id = epd.form_data_id and epd.delete_type = 0 \n" + " WHERE t1.skje != 0 \n" + " and t1.skje IS NOT NULL " + - " and t1.xshsny >= '" + startday+"' and t1.xshsny <='"+endday+"' "+ + " and t1.xshsny >= ? and t1.xshsny <=? "+ " and (" + - " '"+employeeId+"' IN ( 2, 27, 166, 10285, 11661, 300, 876, 3593, 1416, 1647, 1844,3044480226941419013,794508876297846787 ) \n" + + " ? IN ( 2, 27, 166, 10285, 11661, 300, 876, 3593, 1416, 1647, 1844,3044480226941419013,794508876297846787 ) \n" + " or cast(t1.xsjl AS decimal(25,0)) in( \n" + - " SELECT cid AS id FROM eteams.emp_link WHERE pid = '"+employeeId+"' and RELATION in ('othersenior','senior') \n" + + " SELECT cid AS id FROM eteams.emp_link WHERE pid = ? and RELATION in ('othersenior','senior') \n" + " UNION " + - " SELECT id FROM eteams.employee WHERE id = '"+employeeId+"' " + + " SELECT id FROM eteams.employee WHERE id = ? " + " )\n" + " or cast(t1.kfry AS decimal(25,0)) in(\n" + - " SELECT cid AS id FROM eteams.emp_link WHERE pid = '"+employeeId+"' and RELATION in ('othersenior','senior') \n" + + " SELECT cid AS id FROM eteams.emp_link WHERE pid = ? and RELATION in ('othersenior','senior') \n" + " UNION " + - " SELECT id FROM eteams.employee WHERE id = '"+employeeId+"' " + + " SELECT id FROM eteams.employee WHERE id = ? " + " )\n" + " or cast(t1.qdjl AS decimal(25,0)) in(\n" + - " SELECT cid AS id FROM eteams.emp_link WHERE pid = '"+employeeId+"' and RELATION in ('othersenior','senior') \n" + + " SELECT cid AS id FROM eteams.emp_link WHERE pid = ? and RELATION in ('othersenior','senior') \n" + " UNION " + - " SELECT id FROM eteams.employee WHERE id = '"+employeeId+"' " + + " SELECT id FROM eteams.employee WHERE id = ? 
" + " )\n" + " or cast(t1.xmjl AS decimal(25,0)) in(\n" + - " SELECT cid AS id FROM eteams.emp_link WHERE pid = '"+employeeId+"' and RELATION in ('othersenior','senior') \n" + + " SELECT cid AS id FROM eteams.emp_link WHERE pid = ? and RELATION in ('othersenior','senior') \n" + " UNION " + - " SELECT id FROM eteams.employee WHERE id = '"+employeeId+"' " + + " SELECT id FROM eteams.employee WHERE id = ? " + " )\n" + " )\n" + " order by t1.id " ; log.error("PorojectReceiptsInfoCmd sql:"+sql); - Map result = databaseUtils.execute(sourceType, groupId, sql); + + List strlist = new ArrayList<>(100); + strlist.add(startday); + strlist.add(endday); + strlist.add(employeeId); + + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + strlist.add(employeeId); + ; + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, sql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); if(!CollectionUtils.isEmpty(recordList)){ dataMap.put("datas",recordList.get(0)); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/cmd/UserInfoCmd.java b/src/main/java/com/weaver/seconddev/jcldoor/cmd/UserInfoCmd.java index d15d2d7..db7acd8 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/cmd/UserInfoCmd.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/cmd/UserInfoCmd.java @@ -1,6 +1,7 @@ package com.weaver.seconddev.jcldoor.cmd; import com.weaver.common.base.entity.result.WeaResult; +import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; import com.weaver.framework.rpc.annotation.RpcReference; import com.weaver.seconddev.jcldoor.util.CommonUtils; import com.weaver.seconddev.jcldoor.util.DatabaseUtils; 
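Review bot: The query in hunk `@@ -76,34 +77,53 @@`, its eleven-entry parameter list and even the stray empty statement `;` after the last `strlist.add(employeeId);` are a line-for-line copy of the block in ProjectCollaborationInfoCmd (hunk `@@ -152,34 +175,53 @@`), so any later correction to the access predicate has to be made twice and the two copies can drift apart. Consider moving the SQL text and the parameter construction into one shared method that both commands call, and delete the lone `;`. The enclosing method starts and ends outside the hunk.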
@@ -19,10 +20,7 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Component; import java.text.ParseException; import java.text.SimpleDateFormat; -import java.util.Date; -import java.util.HashMap; -import java.util.List; -import java.util.Map; +import java.util.*; /** * 人员基本信息 @@ -83,13 +81,21 @@ public class UserInfoCmd { " left join eteams.department b on a.department = b.id " + " left join eteams.position c on c.id = a.position " + "where " + - " a.id = '" + userid + "' " + - " and a.tenant_key = '" + tenant_key + "' " + + " a.id = ? " + + " and a.tenant_key = ? " + " and a.status = 'normal' " + " and a.type = 'inside'"; log.error("getuserIfo--dataSql:" + dataSql); - Map result = databaseUtils.execute(sourceType, groupId, dataSql); + + List strlist = new ArrayList<>(100); + strlist.add(userid); + strlist.add(tenant_key); + + + List sqlparam = databaseUtils.getSqlParamEntity(strlist); + Map result = databaseUtils.executeForQuery(sourceType, groupId, dataSql,sqlparam); + List> recordList = databaseUtils.getDataSourceList(result); if (CollectionUtils.isNotEmpty(recordList)) { recordMap = recordList.get(0); diff --git a/src/main/java/com/weaver/seconddev/jcldoor/util/DatabaseUtils.java b/src/main/java/com/weaver/seconddev/jcldoor/util/DatabaseUtils.java index f0d6b6a..9142e25 100644 --- a/src/main/java/com/weaver/seconddev/jcldoor/util/DatabaseUtils.java +++ b/src/main/java/com/weaver/seconddev/jcldoor/util/DatabaseUtils.java @@ -4,6 +4,7 @@ import cn.hutool.core.codec.Base64; import cn.hutool.core.collection.CollectionUtil; import com.alibaba.fastjson.JSONObject; import com.weaver.ebuilder.datasource.api.entity.SqlParamEntity; +import com.weaver.ebuilder.datasource.api.enums.SqlParamType; import com.weaver.ebuilder.datasource.api.query.dto.dw.DynamicParamDto; import com.weaver.ebuilder.datasource.api.query.dto.dw.FieldQuery; import com.weaver.ebuilder.datasource.api.query.dto.dw.GroupQuery; 
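Review bot: Replacing the four explicit imports with `import java.util.*;` in hunk `@@ -19,10 +20,7 @@` hides which java.util types the class depends on and can cause name clashes when another imported package also exports a `List` or `Date`. Only `ArrayList` appears to be newly needed by the query change further down, so keeping the original lines and adding `import java.util.ArrayList;` would be the smaller and clearer edit.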
@@ -273,4 +274,20 @@ public class DatabaseUtils { return new StringBuffer().append(sql).append( " LIMIT "+start+","+(end-start)).toString(); } + + /** + * 获取sql入参 + * @param list + * @return + */ + public List getSqlParamEntity(List list){ + List sqlparam = new ArrayList(); + for (String str : list){ + SqlParamEntity sqlParamEntity = new SqlParamEntity(); + sqlParamEntity.setParamType(SqlParamType.VARCHAR); + sqlParamEntity.setValue(str); + sqlparam.add(sqlParamEntity); + } + return sqlparam; + } }
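Review bot: `getSqlParamEntity` binds every value as `SqlParamType.VARCHAR` and its Javadoc leaves `@param list` and `@return` empty, so callers that pass date bounds or numeric IDs get no indication that they rely on the database's implicit string conversion. Suggested comment: `Wraps each string in a SqlParamEntity of type VARCHAR, in list order, for positional '?' binding; values compared with numeric or date columns are converted by the database.` A null `list` throws NullPointerException at the `for` statement; either document that or guard with `if (list == null) { return new ArrayList<>(); }`. The `LIMIT` clause in the context lines above is still assembled by concatenation, which is only safe if `start` and `end` are numeric types, something the hunk does not show.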