数据库where增加[##]操作

2022-05-27 15:00:44 +08:00 · 2022-05-27 15:00:44 +08:00 · c8a9038efe
commit c8a9038efe
parent b638d8bd65
1 changed files with 3 additions and 0 deletions
--- a/db/hotimedb.go
+++ b/db/hotimedb.go
@ -711,6 +711,9 @@ func (that *HoTimeDB) varCond(k string, v interface{}) (string, []interface{}) {
 				k = "`" + k + "`"
 			}
 			where += " " + k + "=" + ObjToStr(v)
+		case "[##]": //直接添加value到sql，需要考虑防注入，value比如："a>b"
+
+			where += " " + ObjToStr(v)
 		case "[#!]":
 			k = strings.Replace(k, "[#!]", "", -1)
 			if !strings.Contains(k, ".") {