创建合同错误

2019-05-25 23:39:13,627 [ERROR][XNIO-1 task-172][ErpInterceptor.java:51] 响应错误 yyyy-MM-dd HH:mm:ss} [ERROR]-[Thread: XNIO-1 task-172]-[com.kakarote.crm9.common.interceptor.ErpInterceptor.intercept()]: 响应错误 com.jfinal.plugin.activerecord.ActiveRecordException: java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'ract when num = ? ',expect WHEN, actual WHEN when :     select * from snowerp_crm_contract when num = ?         at com.jfinal.plugin.activerecord.Model.find(Model.java:690)         at com.jfinal.plugin.activerecord.Model.find(Model.java:703)         at com.jfinal.plugin.activerecord.Model.findFirst(Model.java:726)         at com.kakarote.crm9.erp.crm.service.CrmContractService.saveAndUpdate(CrmContractService.java:125)         at com.kakarote.crm9.erp.crm.service.CrmContractService$$EnhancerByCGLIB$$46fbf1f.CGLIB$saveAndUpdate$6()         at com.kakarote.crm9.erp.crm.service.CrmContractService$$EnhancerByCGLIB$$46fbf1f$$FastClassByCGLIB$$2e6d429c.invoke()         at net.sf.cglib.proxy.MethodProxy.invokeSuper(MethodProxy.java:228)         at com.jfinal.aop.Invocation.invoke(Invocation.java:81)         at com.jfinal.plugin.activerecord.tx.Tx.intercept(Tx.java:77)         at com.jfinal.aop.Invocation.invoke(Invocation.java:68)         at com.jfinal.aop.Callback.intercept(Callback.java:68)         at com.kakarote.crm9.erp.crm.service.CrmContractService$$EnhancerByCGLIB$$46fbf1f.saveAndUpdate()         at com.kakarote.crm9.erp.crm.controller.CrmContractController.saveAndUpdate(CrmContractController.java:72)         at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)         at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)         at java.lang.reflect.Method.invoke(Method.java:498)         at com.jfinal.aop.Invocation.invoke(Invocation.java:74)         at com.kakarote.crm9.erp.crm.common.CrmInterceptor.intercept(CrmInterceptor.java:9)         at com.jfinal.aop.Invocation.invoke(Invocation.java:68)         at com.kakarote.crm9.common.interceptor.ErpInterceptor.intercept(ErpInterceptor.java:48)         at com.jfinal.aop.Invocation.invoke(Invocation.java:68)         at com.jfinal.core.ActionHandler.handle(ActionHandler.java:89)         at com.jfinal.plugin.druid.DruidStatViewHandler.handle(DruidStatViewHandler.java:81)         at com.jfinal.core.JFinalFilter.doFilter(JFinalFilter.java:89)         at io.undertow.servlet.core.ManagedFilter.doFilter(ManagedFilter.java:61)         at io.undertow.servlet.handlers.FilterHandler$FilterChainImpl.doFilter(FilterHandler.java:131)         at io.undertow.servlet.handlers.FilterHandler.handleRequest(FilterHandler.java:84)         at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)         at io.undertow.servlet.handlers.ServletChain$1.handleRequest(ServletChain.java:68)         at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)         at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:132)         at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)         at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)         at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)         at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)         at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)         at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)         at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)         at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)         at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)         at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:292)         at io.undertow.servlet.handlers.ServletInitialHandler.access$100(ServletInitialHandler.java:81)         at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:138)         at io.undertow.servlet.handlers.ServletInitialHandler$2.call(ServletInitialHandler.java:135)         at io.undertow.servlet.core.ServletRequestContextThreadSetupAction$1.call(ServletRequestContextThreadSetupAction.java:48)         at io.undertow.servlet.core.ContextClassLoaderSetupAction$1.call(ContextClassLoaderSetupAction.java:43)         at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:272)         at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:81)         at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:104)         at io.undertow.server.Connectors.executeRootHandler(Connectors.java:364)         at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)         at java.lang.Thread.run(Thread.java:748) Caused by: java.sql.SQLException: sql injection violation, syntax error: syntax error, error in :'ract when num = ? ',expect WHEN, actual WHEN when :     select * from snowerp_crm_contract when num = ?         at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:725)         at com.alibaba.druid.wall.WallFilter.connection_prepareStatement(WallFilter.java:253)         at com.alibaba.druid.filter.FilterChainImpl.connection_prepareStatement(FilterChainImpl.java:448)         at com.alibaba.druid.filter.FilterAdapter.connection_prepareStatement(FilterAdapter.java:928)         at com.alibaba.druid.filter.FilterEventAdapter.connection_prepareStatement(FilterEventAdapter.java:122)         at com.alibaba.druid.filter.FilterChainImpl.connection_prepareStatement(FilterChainImpl.java:448)         at com.alibaba.druid.proxy.jdbc.ConnectionProxyImpl.prepareStatement(ConnectionProxyImpl.java:342)         at com.alibaba.druid.pool.DruidPooledConnection.prepareStatement(DruidPooledConnection.java:346)         at sun.reflect.GeneratedMethodAccessor2.invoke(Unknown Source)         at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)         at java.lang.reflect.Method.invoke(Method.java:498)         at com.jfinal.plugin.activerecord.SqlReporter.invoke(SqlReporter.java:58)         at com.sun.proxy.$Proxy10.prepareStatement(Unknown Source)         at com.jfinal.plugin.activerecord.Model.find(Model.java:676)         at com.jfinal.plugin.activerecord.Model.find(Model.java:688)         ... 54 more Caused by: com.alibaba.druid.sql.parser.ParserException: syntax error, error in :'ract when num = ? ',expect WHEN, actual WHEN when         at com.alibaba.druid.sql.parser.SQLParser.printError(SQLParser.java:239)         at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:362)         at com.alibaba.druid.sql.parser.SQLStatementParser.parseStatementList(SQLStatementParser.java:79)         at com.alibaba.druid.wall.WallProvider.checkInternal(WallProvider.java:620)         at com.alibaba.druid.wall.WallProvider.check(WallProvider.java:574)         at com.alibaba.druid.wall.WallFilter.check(WallFilter.java:712)         ... 68 more
已邀请:
请更新到最新版本的程序

要回复问题请先登录注册