From 95393ab5173277bd8a013b45601b7633ef98a9ef Mon Sep 17 00:00:00 2001 From: ikmkj <1@qq,com> Date: Thu, 8 Jan 2026 19:44:22 +0800 Subject: [PATCH] =?UTF-8?q?refactor(database):=20=E6=9B=B4=E6=96=B0?= =?UTF-8?q?=E6=95=B0=E6=8D=AE=E5=BA=93=E9=85=8D=E7=BD=AE=E5=92=8C=E5=AE=9E?= =?UTF-8?q?=E4=BD=93=E6=98=A0=E5=B0=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - 修改数据库连接URL地址 - 为所有实体类添加@TableField注解映射数据库字段 - 使用反引号标识符包裹表名和字段名 - 更新SQL查询语句使用明确字段列表 - 在配置文件中启用MyBatis安全模式防止SQL注入 - 添加MarkdownFileVO中groupingName字段的exist = false标识 --- .../com/test/bijihoudaun/entity/Grouping.java | 9 +++++-- .../com/test/bijihoudaun/entity/Image.java | 9 ++++++- .../test/bijihoudaun/entity/ImageName.java | 5 ++-- .../test/bijihoudaun/entity/MarkdownFile.java | 18 +++++++++++-- .../bijihoudaun/entity/MarkdownFileVO.java | 2 ++ .../bijihoudaun/entity/RegistrationCode.java | 10 +++++-- .../bijihoudaun/entity/SystemSetting.java | 6 ++++- .../com/test/bijihoudaun/entity/User.java | 20 ++++++++++++-- .../bijihoudaun/mapper/GroupingMapper.java | 12 ++++----- .../test/bijihoudaun/mapper/ImageMapper.java | 2 +- .../bijihoudaun/mapper/ImageNameMapper.java | 4 +-- .../mapper/MarkdownFileMapper.java | 26 +++++++++---------- .../test/bijihoudaun/mapper/UserMapper.java | 4 +-- .../src/main/resources/application-dev.yml | 4 ++- 14 files changed, 93 insertions(+), 38 deletions(-) diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/Grouping.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/Grouping.java index f3260ff..59bed50 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/Grouping.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/Grouping.java 
@@ -14,11 +14,12 @@ import java.util.Date; @Data @Schema(name = "分组实体") -@TableName("grouping") +@TableName("`grouping`") public class Grouping implements Serializable { @Schema(description = "分组id",implementation = Long.class) @TableId(type = IdType.ASSIGN_ID) @JsonFormat(shape = JsonFormat.Shape.STRING) // 仅作用于此字段 + @TableField("id") private Long id; @Schema(description ="上级id",implementation = Long.class) @@ -27,15 +28,19 @@ public class Grouping implements Serializable { private Long parentId; @Schema(description = "分组名称",implementation = String.class) + @TableField("`grouping`") private String grouping; @Schema(description = "是否删除 0-未删除 1-已删除", implementation = Integer.class) @TableLogic + @TableField("is_deleted") private Integer isDeleted; @Schema(description = "删除时间", implementation = Date.class) + @TableField("deleted_at") private Date deletedAt; @Schema(description = "删除人ID", implementation = Long.class) + @TableField("deleted_by") private Long deletedBy; -} +} \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/Image.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/Image.java index 4566762..d8d2e77 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/Image.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/Image.java @@ -12,13 +12,16 @@ import java.util.Date; @Data @Schema(name = "图片实体") -@TableName("image") +@TableName("`image`") public class Image { @Schema(description = "图片id",implementation = Long.class) @TableId(type = IdType.AUTO) @JsonFormat(shape = JsonFormat.Shape.STRING) // 仅作用于此字段 + @TableField("id") private Long id; + @Schema(description = " 外键,关联Markdown文件ID,标识图片所属文档",implementation = Long.class ) + @TableField("markdown_id") private Long markdownId; @Schema(description = "原始文件名(用户上传时的文件名)",implementation = String.class ) 
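Review bot: The `@TableField("id")` added directly under `@TableId` on `Grouping.id` appears to be dead configuration. As far as I know, MyBatis-Plus takes the primary-key column from `@TableId` and does not consult `@TableField` on that field. If an explicit column name is wanted, put it in the key annotation, `@TableId(value = "id", type = IdType.ASSIGN_ID)`, and drop the extra line. The same pair is added in the Image, ImageName, MarkdownFile, RegistrationCode and User hunks. The lines between the two Grouping.java hunks are not shown, so the mapping of `parentId` cannot be checked from here.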
@@ -30,8 +33,11 @@ public class Image { private String storedName; @Schema(description = " 图片访问URL",implementation = String.class ) + @TableField("`url`") private String url; + @Schema(description = "图片大小(字节)",implementation = Long.class ) + @TableField("`size`") private Long size; @Schema(description = "图片MIME类型(如image/jpeg)",implementation = String.class ) @@ -39,5 +45,6 @@ public class Image { private String contentType; @Schema(description = "图片上传时间",implementation = Date.class ) + @TableField("created_at") private Date createdAt; } \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/ImageName.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/ImageName.java index 34b0e0d..ae5365f 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/ImageName.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/ImageName.java @@ -7,11 +7,12 @@ import lombok.Data; @Data @Schema(name = "图片名称实体") -@TableName("image_name") +@TableName("`image_name`") public class ImageName { @Schema(description = "图片名称id", implementation = Long.class) @TableId(type = IdType.AUTO) @JsonFormat(shape = JsonFormat.Shape.STRING) + @TableField("id") private Long id; @Schema(description = "关联的Markdown文件ID", implementation = Long.class) @@ -21,4 +22,4 @@ public class ImageName { @Schema(description = "文件名", implementation = String.class) @TableField("file_name") private String fileName; -} +} \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/MarkdownFile.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/MarkdownFile.java index 2b42149..f9d6026 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/MarkdownFile.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/MarkdownFile.java 
@@ -14,15 +14,20 @@ import java.util.Date; @Data @Schema(name = "文本实体") -@TableName("markdown_file") +@TableName("`markdown_file`") public class MarkdownFile implements Serializable { @Schema(description = "文本id",implementation = Long.class) @TableId(type = IdType.AUTO) @JsonFormat(shape = JsonFormat.Shape.STRING) // 仅作用于此字段 + @TableField("id") private Long id; + @Schema(description = "分组表id",implementation = Long.class) + @TableField("grouping_id") private Long groupingId; + @Schema(description = "文本标题",implementation = String.class) + @TableField("`title`") private String title; @Schema(description = " 文件名(带.md后缀),用于存储和识别",implementation = String.class) @@ -30,22 +35,31 @@ public class MarkdownFile implements Serializable { private String fileName; @Schema(description = "Markdown内容,存储实际文档内容",implementation = String.class) + @TableField("`content`") private String content; + @Schema(description = "创建时间",implementation = Date.class) + @TableField("created_at") private Date createdAt; + @Schema(description = "更新时间",implementation = Date.class) + @TableField("updated_at") private Date updatedAt; @Schema(description = "是否删除 0-未删除 1-已删除", implementation = Integer.class) @TableLogic + @TableField("is_deleted") private Integer isDeleted; @Schema(description = "删除时间", implementation = Date.class) + @TableField("deleted_at") private Date deletedAt; @Schema(description = "删除人ID", implementation = Long.class) + @TableField("deleted_by") private Long deletedBy; @Schema(description = "是否私密 0-公开 1-私密", implementation = Integer.class) + @TableField("is_private") private Integer isPrivate; -} +} \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/MarkdownFileVO.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/MarkdownFileVO.java index 2366a35..b1e1b84 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/MarkdownFileVO.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/MarkdownFileVO.java 
@@ -1,10 +1,12 @@ package com.test.bijihoudaun.entity; +import com.baomidou.mybatisplus.annotation.TableField; import lombok.Data; import lombok.EqualsAndHashCode; @Data @EqualsAndHashCode(callSuper = true) public class MarkdownFileVO extends MarkdownFile { + @TableField(exist = false) private String groupingName; } \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/RegistrationCode.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/RegistrationCode.java index e78f621..8c7517b 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/RegistrationCode.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/RegistrationCode.java @@ -1,6 +1,7 @@ package com.test.bijihoudaun.entity; import com.baomidou.mybatisplus.annotation.IdType; +import com.baomidou.mybatisplus.annotation.TableField; import com.baomidou.mybatisplus.annotation.TableId; import com.baomidou.mybatisplus.annotation.TableName; import io.swagger.v3.oas.annotations.media.Schema; @@ -9,7 +10,7 @@ import lombok.Data; import java.io.Serializable; @Data -@TableName("registration_codes") +@TableName("`registration_codes`") @Schema(description = "注册码实体") public class RegistrationCode implements Serializable { @@ -17,17 +18,22 @@ public class RegistrationCode implements Serializable { @TableId(type = IdType.AUTO) @Schema(description = "主键ID", name = "id") + @TableField("id") private Long id; @Schema(description = "注册码", name = "code") + @TableField("`code`") private String code; @Schema(description = "过期时间", name = "expiryTime") + @TableField("expiry_time") private String expiryTime; @Schema(description = "创建者", name = "createdBy") + @TableField("created_by") private String createdBy; @Schema(description = "创建时间", name = "createdAt") + @TableField("created_at") private String createdAt; -} +} \ No newline at end of file 
diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/SystemSetting.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/SystemSetting.java index 700dda3..9249e9e 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/SystemSetting.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/SystemSetting.java @@ -1,5 +1,6 @@ package com.test.bijihoudaun.entity; +import com.baomidou.mybatisplus.annotation.TableField; import com.baomidou.mybatisplus.annotation.TableId; import com.baomidou.mybatisplus.annotation.TableName; import io.swagger.v3.oas.annotations.media.Schema; @@ -8,7 +9,7 @@ import lombok.Data; import java.io.Serializable; @Data -@TableName("system_settings") +@TableName("`system_settings`") @Schema(description = "系统设置实体") public class SystemSetting implements Serializable { @@ -16,11 +17,14 @@ public class SystemSetting implements Serializable { @TableId @Schema(description = "设置键", name = "settingKey") + @TableField("`setting_key`") private String settingKey; @Schema(description = "设置值", name = "settingValue") + @TableField("`setting_value`") private String settingValue; @Schema(description = "设置描述", name = "description") + @TableField("`description`") private String description; } \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/User.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/User.java index 7791475..f74477c 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/User.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/entity/User.java @@ -1,6 +1,7 @@ package com.test.bijihoudaun.entity; import com.baomidou.mybatisplus.annotation.IdType; +import com.baomidou.mybatisplus.annotation.TableField; import com.baomidou.mybatisplus.annotation.TableId; import com.baomidou.mybatisplus.annotation.TableName; import com.fasterxml.jackson.annotation.JsonFormat; 
@@ -11,24 +12,39 @@ import java.util.Date; @Data @Schema(name = "用户实体") -@TableName("user") +@TableName("`user`") public class User { @Schema(description = "用户id",implementation = Long.class) @TableId(type = IdType.AUTO) @JsonFormat(shape = JsonFormat.Shape.STRING) // 仅作用于此字段 + @TableField("id") private Long id; + @Schema(description = "用户名",implementation = String.class) + @TableField("`username`") private String username; + @Schema(description = "密码",implementation = String.class) + @TableField("`password`") private String password; + @Schema(description = "邮箱",implementation = String.class) + @TableField("`email`") private String email; + @Schema(description = "用户创建时间",implementation = Date.class) + @TableField("created_at") private Date createdAt; + @Schema(description = "用户更新时间",implementation = Date.class) + @TableField("updated_at") private Date updatedAt; + @Schema(description = "用户token",implementation = String.class) + @TableField("`token`") private String token; + @Schema(description = "用户token过期时间",implementation = Date.class) + @TableField("token_enddata") private Date tokenEnddata; -} +} \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/GroupingMapper.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/GroupingMapper.java index c290f5c..03141aa 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/GroupingMapper.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/GroupingMapper.java @@ -4,8 +4,6 @@ import com.baomidou.mybatisplus.core.mapper.BaseMapper; import com.test.bijihoudaun.entity.Grouping; import org.apache.ibatis.annotations.Delete; import org.apache.ibatis.annotations.Mapper; -import org.apache.ibatis.annotations.Delete; -import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Param; import org.apache.ibatis.annotations.Select; import org.apache.ibatis.annotations.Update; 
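Review bot: `password` and `token` in `User` remain ordinary `@Data` properties with a `@Schema` description and no Jackson exclusion, so any endpoint that returns a `User` would serialise the stored password value and the session token. Whether a controller does that is not visible in this patch. The entity already uses Jackson annotations, so the guard is small: `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` above `private String password;` and `@JsonIgnore` above `private String token;`, with the matching imports. `UserMapper.findByUsername` later in the patch now selects both columns explicitly, which is fine for the login path provided the result is mapped to a response DTO before it leaves the service.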
@@ -15,14 +13,14 @@ import java.util.List; @Mapper public interface GroupingMapper extends BaseMapper { - @Select("SELECT * FROM grouping WHERE is_deleted = 1") + @Select("SELECT id, parentId, `grouping`, is_deleted, deleted_at, deleted_by FROM `grouping` WHERE is_deleted = 1") List selectDeleted(); - @Delete("DELETE FROM grouping WHERE id = #{id}") + @Delete("DELETE FROM `grouping` WHERE id = #{id}") void physicalDeleteById(@Param("id") Long id); - @Update("UPDATE grouping SET is_deleted = 0, deleted_at = NULL, deleted_by = NULL WHERE id = #{id}") + @Update("UPDATE `grouping` SET is_deleted = 0, deleted_at = NULL, deleted_by = NULL WHERE id = #{id}") void restoreById(@Param("id") Long id); - @Delete("DELETE FROM grouping WHERE is_deleted = 1") + @Delete("DELETE FROM `grouping` WHERE is_deleted = 1") void physicalDeleteByIsDeleted(); -} +} \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/ImageMapper.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/ImageMapper.java index 11d57fe..27ee794 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/ImageMapper.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/ImageMapper.java @@ -18,6 +18,6 @@ public interface ImageMapper extends BaseMapper { * 获取所有图片记录 * @return 所有图片列表 */ - @Select("SELECT * FROM image") + @Select("SELECT id, markdown_id, original_name, stored_name, `url`, `size`, content_type, created_at FROM `image`") List findAll(); } \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/ImageNameMapper.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/ImageNameMapper.java index 5cb7db1..5287eb3 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/ImageNameMapper.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/ImageNameMapper.java 
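Review bot: The new column list in `selectDeleted()` names `parentId` in camelCase, while every other column in this patch is snake_case (`is_deleted`, `deleted_at`, `grouping_id`). If the table column is really `parent_id`, the statement now fails at runtime where `SELECT *` did not. The annotation on that field sits between the two Grouping.java hunks and is not shown, so please confirm against the schema and write `parent_id` if that is the real name. A short comment such as `// column list must track Grouping's @TableField mappings` above the `@Select` would help, since the list now has to be kept in sync by hand.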
@@ -14,6 +14,6 @@ public interface ImageNameMapper extends BaseMapper { * @param fileName 文件名 * @return 删除的记录数 */ - @Delete("DELETE FROM image_name WHERE file_name = #{fileName}") + @Delete("DELETE FROM `image_name` WHERE file_name = #{fileName}") int deleteByFileName(String fileName); -} +} \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/MarkdownFileMapper.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/MarkdownFileMapper.java index c85d32b..f3c8f37 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/MarkdownFileMapper.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/MarkdownFileMapper.java 
@@ -15,39 +15,39 @@ import org.apache.ibatis.annotations.Update; @Mapper public interface MarkdownFileMapper extends BaseMapper { - @Select("SELECT mf.*, g.grouping as groupingName " + - "FROM markdown_file mf " + - "LEFT JOIN grouping g ON mf.grouping_id = g.id " + + @Select("SELECT mf.id, mf.grouping_id, mf.`title`, mf.file_name, mf.`content`, mf.created_at, mf.updated_at, mf.is_deleted, mf.deleted_at, mf.deleted_by, mf.is_private, g.`grouping` as groupingName " + + "FROM `markdown_file` mf " + + "LEFT JOIN `grouping` g ON mf.grouping_id = g.id " + "WHERE mf.is_deleted = 0 " + "ORDER BY mf.updated_at DESC " + "LIMIT #{limit}") List selectRecentWithGrouping(@Param("limit") int limit); - @Select("SELECT mf.*, g.grouping as groupingName " + - "FROM markdown_file mf " + - "LEFT JOIN grouping g ON mf.grouping_id = g.id " + + @Select("SELECT mf.id, mf.grouping_id, mf.`title`, mf.file_name, mf.`content`, mf.created_at, mf.updated_at, mf.is_deleted, mf.deleted_at, mf.deleted_by, mf.is_private, g.`grouping` as groupingName " + + "FROM `markdown_file` mf " + + "LEFT JOIN `grouping` g ON mf.grouping_id = g.id " + "WHERE mf.grouping_id = #{groupingId} AND mf.is_deleted = 0 " + "ORDER BY mf.updated_at DESC") List selectByGroupingIdWithGrouping(@Param("groupingId") String groupingId); - @Select("SELECT * FROM markdown_file WHERE is_deleted = 1") + @Select("SELECT id, grouping_id, `title`, file_name, `content`, created_at, updated_at, is_deleted, deleted_at, deleted_by, is_private FROM `markdown_file` WHERE is_deleted = 1") List selectDeleted(); - @Delete("DELETE FROM markdown_file WHERE id = #{id}") + @Delete("DELETE FROM `markdown_file` WHERE id = #{id}") void physicalDeleteById(@Param("id") Long id); - @Delete("DELETE FROM markdown_file WHERE grouping_id = #{groupingId}") + @Delete("DELETE FROM `markdown_file` WHERE grouping_id = #{groupingId}") void physicalDeleteByGroupingId(@Param("groupingId") Long groupingId); - @Update("UPDATE markdown_file SET is_deleted = 0, 
deleted_at = NULL, deleted_by = NULL WHERE id = #{id}") + @Update("UPDATE `markdown_file` SET is_deleted = 0, deleted_at = NULL, deleted_by = NULL WHERE id = #{id}") void restoreById(@Param("id") Long id); - @Delete("DELETE FROM markdown_file WHERE is_deleted = 1") + @Delete("DELETE FROM `markdown_file` WHERE is_deleted = 1") void physicalDeleteByIsDeleted(); /** * 获取所有笔记ID * @return 所有笔记ID列表 */ - @Select("SELECT id FROM markdown_file WHERE is_deleted = 0") + @Select("SELECT id FROM `markdown_file` WHERE is_deleted = 0") List findAllIds(); -} +} \ No newline at end of file diff --git a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/UserMapper.java b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/UserMapper.java index 2fad404..c97f90f 100644 --- a/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/UserMapper.java +++ b/biji-houdaun/src/main/java/com/test/bijihoudaun/mapper/UserMapper.java @@ -8,6 +8,6 @@ import org.apache.ibatis.annotations.Select; @Mapper public interface UserMapper extends BaseMapper { // 自定义查询方法示例 - @Select("SELECT * FROM user WHERE username = #{username}") + @Select("SELECT id, `username`, `password`, `email`, created_at, updated_at, `token`, token_enddata FROM `user` WHERE username = #{username}") User findByUsername(String username); -} +} \ No newline at end of file diff --git a/biji-houdaun/src/main/resources/application-dev.yml b/biji-houdaun/src/main/resources/application-dev.yml index 982cfb9..a7806cc 100644 --- a/biji-houdaun/src/main/resources/application-dev.yml +++ b/biji-houdaun/src/main/resources/application-dev.yml @@ -13,7 +13,7 @@ spring: # driver-class-name: com.mysql.cj.jdbc.Driver - url: jdbc:mysql://panel-jp.998521.xyz:37857/biji_db?useSSL=false&serverTimezone=UTC&characterEncoding=utf8 + url: jdbc:mysql://hdy16-16.311169.xyz:20001/biji_db?useSSL=false&serverTimezone=UTC&characterEncoding=utf8 username: biji_user password: Ll12331100 jpa: 
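Review bot: `selectRecentWithGrouping` and `selectByGroupingIdWithGrouping` filter only on `mf.is_deleted = 0` yet return the `content` column together with `mf.is_private`, so rows flagged private come back with their full body. The callers are not visible here; if either query backs a list view that unauthenticated users can reach, the privacy decision is left to every caller. Consider a variant with `AND mf.is_private = 0` for anonymous access, or leave `content` out of the list queries and load it only on the detail path after the access check. Separately, `selectByGroupingIdWithGrouping` takes `String groupingId` while `physicalDeleteByGroupingId` takes `Long`; using `Long` in both avoids an implicit string-to-number comparison in MySQL.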
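Review bot: The datasource block still commits the database username and password in plain text next to a publicly resolvable host, and the new `url:` keeps `useSSL=false`, so the login and all query traffic cross the network unencrypted. Move the values out of the repository with placeholders such as `url: ${DB_URL}` and `password: ${DB_PASSWORD}`. Require TLS on the connection with `sslMode=VERIFY_IDENTITY` on Connector/J 8, or at least `useSSL=true`. Because the password is already in the repository history, it should be rotated, not just deleted from the file.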
@@ -30,6 +30,8 @@ mybatis-plus: mapper-locations: classpath:mapper/*.xml configuration: map-underscore-to-camel-case: true + # 启用安全模式,防止SQL注入 + safe-mode: true global-config: db-config: logic-delete-field: isDeleted # 全局逻辑删除的实体字段名
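Review bot: I do not recognise `safe-mode` under `mybatis-plus.configuration` as a documented MyBatis or MyBatis-Plus setting. Spring Boot ignores unknown keys by default when binding properties, so this line is likely a no-op, while its comment claims it prevents SQL injection. Please check it against the documentation for the MyBatis-Plus version in use, and drop the line and comment if it is not bound, so nobody relies on a control that is not there. The protection visible in this patch comes from the `#{...}` parameter bindings in the mappers. A more accurate comment would be `# SQL parameters are bound with #{...}; never use ${...} for user input`.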