NutzCN Logo
问答 druid 执行sql语句出现异常, 显示关键字
发布于 81天前 作者 wx_sriuivrra4radv45ruai 333 次浏览 复制 上一个帖子 下一个帖子
标签:

报错如下 :

Caused by: java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'AS g where 1=1  ORDER BY companycod', expect RPAREN, actual WHERE pos 192, line 1, column 187, token WHERE : select * from  ((select companycode, companycname, comtype,comlevel,enable from ggcompany   )  union  (select companycode, companycname, comtype,comlevel,validind from f_ggcompany ) AS g where 1=1  ORDER BY companycode desc )
	at com.alibaba.druid.wall.WallFilter.checkInternal(WallFilter.java:799)
	at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:781)
	at com.alibaba.druid.wall.WallFilter.statement_executeQuery(WallFilter.java:527)
	at com.alibaba.druid.filter.FilterChainImpl.statement_executeQuery(FilterChainImpl.java:2828)
	at com.alibaba.druid.filter.FilterAdapter.statement_executeQuery(FilterAdapter.java:2503)
	at com.alibaba.druid.filter.FilterEventAdapter.statement_executeQuery(FilterEventAdapter.java:302)
	at com.alibaba.druid.filter.FilterChainImpl.statement_executeQuery(FilterChainImpl.java:2828)
	at com.alibaba.druid.proxy.jdbc.StatementProxyImpl.executeQuery(StatementProxyImpl.java:221)
	at com.alibaba.druid.pool.DruidPooledStatement.executeQuery(DruidPooledStatement.java:291)
	at org.nutz.dao.impl.sql.run.NutDaoExecutor._runSelect(NutDaoExecutor.java:246)
	at org.nutz.dao.impl.sql.run.NutDaoExecutor.exec(NutDaoExecutor.java:53)
	... 81 common frames omitted
Caused by: com.alibaba.druid.sql.parser.ParserException: syntax error, error in :'AS g where 1=1  ORDER BY companycod', expect RPAREN, actual WHERE pos 192, line 1, column 187, token WHERE
	at com.alibaba.druid.sql.parser.SQLParser.printError(SQLParser.java:288)
	at com.alibaba.druid.sql.parser.SQLParser.accept(SQLParser.java:296)
	at com.alibaba.druid.sql.parser.SQLSelectParser.parseTableSource(SQLSelectParser.java:685)
	at com.alibaba.druid.sql.parser.SQLSelectParser.parseFrom(SQLSelectParser.java:666)
	at com.alibaba.druid.sql.dialect.postgresql.parser.PGSelectParser.query(PGSelectParser.java:134)
	at com.alibaba.druid.sql.parser.SQLSelectParser.select(SQLSelectParser.java:59)
	at com.alibaba.druid.sql.dialect.postgresql.parser.PGSQLStatementParser.parseSelect(PGSQLStatementParser.java:331)
	at com.alibaba.druid.sql.dialect.postgresql.parser.PGSQLStatementParser.parseSelect(PGSQLStatementParser.java:40)
	at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:149)
	at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:83)
	at com.alibaba.druid.wall.WallProvider.checkInternal(WallProvider.java:624)
	at com.alibaba.druid.wall.WallProvider.check(WallProvider.java:578)
	at com.alibaba.druid.wall.WallFilter.checkInternal(WallFilter.java:786)
	... 91 common frames omitted

感觉使用union 这个关键字后, 系统就报错了, SQL在navicat里面运行能够查询出数据, 但是在程序中就报错, 网上也没有找到对应的解决方案, 都是说使用关键字做字段了, 但是我这里面没有用关键词做字段, 是在是不知道怎么解决这个问题了

1 回复

无视就好了,druid防火墙的问题

添加回复
请先登陆
回到顶部