是否包含sql关键字
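/**
 * Reports whether {@code str} contains any entry of a fixed denylist of SQL keywords
 * and metacharacters.
 *
 * <p>Matching is a case-insensitive substring test, so ordinary text is flagged as well:
 * any value containing {@code -}, {@code ,}, {@code /} or the letters {@code or}
 * (as in "world") returns {@code true}.
 *
 * <p>Security note: a keyword denylist is not a defence against SQL injection and must not
 * be the only control. Values that reach a query should be bound as parameters
 * ({@code PreparedStatement} with {@code ?} placeholders). Treat this method at most as a
 * coarse extra input filter.
 *
 * @param str text to inspect; may be {@code null}
 * @return {@code true} if at least one denylist entry occurs in {@code str};
 *         {@code false} for {@code null}, the empty string, or text with no match
 */
public static boolean sqlValidate(String str) {
    if (str == null || str.isEmpty()) {
        return false;
    }
    // Fold case with Locale.ROOT so the result does not depend on the JVM default locale.
    // Under a Turkish default locale, "INSERT".toLowerCase() produces a dotless i and
    // would no longer match the "insert" entry.
    String lowered = str.toLowerCase(java.util.Locale.ROOT);
    // Denylist entries separated by '|'; extend by hand if needed. Duplicates are harmless.
    String badStr = "'|and|exec|execute|insert|select|delete|update|count|drop|*|%|chr|mid|master|truncate|"
            + "char|declare|sitename|net user|xp_cmdshell|;|or|-|+|,|like'|and|exec|execute|insert|create|drop|"
            + "table|from|grant|use|group_concat|column_name|"
            + "information_schema.columns|table_schema|union|where|select|delete|update|order|by|count|*|"
            + "chr|mid|master|truncate|char|declare|or|;|-|--|+|,|like|//|/|%|#";
    for (String token : badStr.split("\\|")) {
        if (lowered.contains(token)) {
            return true;
        }
    }
    return false;
}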
HTTP-GET带header请求
// authorization为授权验证,若无授权验证可删除 private static JSONObject sendGet(String url, String authorization) throws IOException { CloseableHttpClient cHttpClient = HttpClients.createDefault(); HttpGet get = new HttpGet(url); get.addHeader("Content-Type", "application/json"); get.addHeader("Authorization", authorization); CloseableHttpResponse response = cHttpClient.execute(get); logger.info("Http Comunication end ! code --> " + response.getStatusLine().getStatusCode()); HttpEntity entity = response.getEntity(); String responseContent = EntityUtils.toString(entity, "UTF-8"); logger.info("URL=" + url + ",response=" + responseContent); response.close(); cHttpClient.close(); return JSONObject.parseObject(responseContent); }
HTTP-POST带header请求
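/**
 * Sends an HTTP POST with a JSON body and a bearer token and parses the response body
 * as JSON.
 *
 * @param businessUrl target URL
 * @param sendMsgBody JSON object whose {@code toString()} form is sent as the UTF-8 body
 * @param accessToken token sent as {@code Authorization: Bearer <token>}
 * @return the response body parsed with {@code JSONObject.parseObject}
 * @throws IOException if sending the request or reading the response fails
 */
private static JSONObject sendPost(String businessUrl, JSONObject sendMsgBody, String accessToken) throws IOException {
    HttpPost post = new HttpPost(businessUrl);
    post.addHeader("Content-Type", "application/json");
    post.addHeader("Authorization", "Bearer " + accessToken);
    post.setEntity(new StringEntity(sendMsgBody.toString(), "UTF-8"));
    // NOTE(review): the default client is used without a RequestConfig, so no explicit
    // connect/socket timeouts are set here - confirm that is intended.
    // try-with-resources closes the response and then the client on every path,
    // including when execute() or reading the entity throws.
    try (CloseableHttpClient cHttpClient = HttpClients.createDefault();
         CloseableHttpResponse response = cHttpClient.execute(post)) {
        logger.info("Http Comunication end ! code --> " + response.getStatusLine().getStatusCode());
        HttpEntity entity = response.getEntity();
        String responseContent = EntityUtils.toString(entity, "UTF-8");
        // NOTE(review): the full URL and response body are written to the log at INFO;
        // if either can carry tokens or personal data, redact or lower the level.
        logger.info("URL=" + businessUrl + ",response=" + responseContent);
        return JSONObject.parseObject(responseContent);
    }
}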
HTTPS-POST带header请求
//设置链接超时和请求超时等参数,否则会长期停止或者崩溃 private static RequestConfig requestConfig = RequestConfig.custom().setSocketTimeout(60000).setConnectTimeout(60000).setConnectionRequestTimeout(60000).build(); public static String sendHttpsPost(String url, JSONObject params) { String responseContent = null; CloseableHttpClient httpClient = null; CloseableHttpResponse httpResponse = null; try { HttpPost httpPost = new HttpPost(url); // header httpPost.addHeader("AppKey", SystemConstants.APP_KEY); httpPost.addHeader("Secret", SystemConstants.SECRET); // body httpPost.setEntity(new StringEntity(params.toString(), "UTF-8")); httpClient = HttpClients.custom().setSSLSocketFactory(createSslConnSocketFactory()).setDefaultRequestConfig(requestConfig).build(); httpResponse = httpClient.execute(httpPost); HttpEntity httpEntity = httpResponse.getEntity(); if (httpEntity != null) { responseContent = EntityUtils.toString(httpEntity, "UTF-8"); } } catch (Exception e) { e.printStackTrace(); } finally { try { if(null != httpResponse) { httpResponse.close(); } if (null != httpClient) { httpClient.close(); } } catch (IOException e) { e.printStackTrace(); } } return responseContent; } /** * 创建SSL安全连接 * @return SSLConnectionSocketFactory */ private static SSLConnectionSocketFactory createSslConnSocketFactory() { SSLConnectionSocketFactory sslsf = null; try { SSLContext sslContext = new SSLContextBuilder().loadTrustMaterial(null, (chain, authType) -> true).build(); sslsf = new SSLConnectionSocketFactory(sslContext, new X509HostnameVerifier() { public boolean verify(String arg0, SSLSession arg1) { return true; } public void verify(String host, SSLSocket ssl) { } public void verify(String host, X509Certificate cert) { } public void verify(String host, String[] cns, String[] subjectAlts) { } }); } catch (GeneralSecurityException e) { e.printStackTrace(); } return sslsf; }