From fec73caa165bc53fd38562875c5b53acae085455 Mon Sep 17 00:00:00 2001
From: Administrator <15274802129@163.com>
Date: Wed, 21 May 2025 14:54:16 +0800
Subject: [PATCH] fix:修复会员查询 SQL 注入漏洞

---
 src/main/resources/mapper/modules/MallMemberMapper.xml |    1 +
 1 files changed, 1 insertions(+), 0 deletions(-)

diff --git a/src/main/resources/mapper/modules/MallMemberMapper.xml b/src/main/resources/mapper/modules/MallMemberMapper.xml
index 730ace8..067fd07 100644
--- a/src/main/resources/mapper/modules/MallMemberMapper.xml
+++ b/src/main/resources/mapper/modules/MallMemberMapper.xml
@@ -57,6 +57,7 @@
         left join happy_member_level c on c.code = a.director
         left join mall_member_wallet d on d.member_id = a.id
         <where>
+            and a.phone is not null
             <if test="record != null" >
                 <if test="record.birthdayQuery!=null">
                     and date_format(a.birthday, '%m-%d') = date_format(#{record.birthdayQuery}, '%m-%d')

--
Gitblit v1.9.1