修改接口漏洞

2025-02-21 10:10:45 +08:00 · 2025-02-21 10:10:45 +08:00 · 5606486228
commit 5606486228
parent 99252b5bfe
5 changed files with 18 additions and 18 deletions
--- a/src/main/java/com/syzb/common/config/cache/CacheKey.java
+++ b/src/main/java/com/syzb/common/config/cache/CacheKey.java
@ -356,6 +356,7 @@ public class CacheKey {
        public static final String USER_TOTAL_ONLINE = "user_total_online|";
        public static final String TEMP_READ_LIST = "temp_read_list";
        public static final String GROUP_MESSAGE_DATE_ID_MAP = "group_message_date_id_map|";
        public static final String ONLINE_COUNT = "online_count|";
    }
    public static final String GROUP_ONLINE_USER = "group_online_user";
--- a/src/main/java/com/syzb/group/service/common/GroupCacheService.java
+++ b/src/main/java/com/syzb/group/service/common/GroupCacheService.java
@ -30,8 +30,7 @@ import java.time.LocalDate;
 import java.util.*;
 import java.util.concurrent.TimeUnit;
-import static com.syzb.common.config.cache.CacheKey.GROUP_ONLINE_USER;
+import static com.syzb.common.config.cache.CacheKey.*;
 import static com.syzb.common.config.cache.CacheKey.VIDEO_LIVE;
@Service
 public class GroupCacheService {
@ -172,8 +171,8 @@ public class GroupCacheService {
        return hazelcastInstance.getMap(GROUP_ONLINE_USER);
    }
-    public List<OnlineUser> getTotalOnlineList(Integer videoId) {
+    public List<OnlineUser> getTotalOnlineList(Integer groupId) {
-        String sql = "SELECT * FROM " + GROUP_ONLINE_USER + " WHERE productId = " + videoId;
+        String sql = "SELECT * FROM " + GROUP_ONLINE_USER + " WHERE productId = " + groupId;
        SqlResult result = hazelcastInstance.getSql().execute(sql);
        List<OnlineUser> list = new ArrayList<>();
        for (SqlRow row : result) {
@ -193,8 +192,8 @@ public class GroupCacheService {
        return list;
    }
-    public Set<String> getOnlineUserIds(Integer videoId) {
+    public Set<String> getOnlineUserIds(Integer groupId) {
-        String sql = "SELECT distinct userId FROM " + GROUP_ONLINE_USER + " WHERE videoId = " + videoId;
+        String sql = "SELECT distinct userId FROM " + GROUP_ONLINE_USER + " WHERE productId = " + groupId;
        SqlResult result = hazelcastInstance.getSql().execute(sql);
        Set<String> set = new HashSet<>();
        for (SqlRow row : result) {
@ -206,12 +205,12 @@ public class GroupCacheService {
    /**
     * 获取在线人数
     *
-     * @param videoId 视频ID
+     * @param groupId 视频ID
     * @return 在线人数
     */
-    public int getOnlineCount(Integer videoId) {
+    public int getOnlineCount(Integer groupId) {
-        IMap<String, Object> map = hazelcastInstance.getMap(VIDEO_LIVE);
+        IMap<String, Object> map = hazelcastInstance.getMap(GROUP);
-        String cacheKey = CacheKey.VideoLiveKey.ONLINE_COUNT + videoId;
+        String cacheKey = CacheKey.GroupKey.ONLINE_COUNT + groupId;
        Integer onlineCount = (Integer) map.get(cacheKey);
        if (onlineCount != null) {
            return onlineCount;
@ -222,15 +221,15 @@ public class GroupCacheService {
                return onlineCount;
            }
            long startTime = System.currentTimeMillis();
-            onlineCount = getOnlineCountWithoutCache(videoId);
+            onlineCount = getOnlineCountWithoutCache(groupId);
-            LoggerUtil.websocket.info("getOnlineCount-" + videoId + ":" + (System.currentTimeMillis() - startTime) + "ms");
+            LoggerUtil.websocket.info("getOnlineCount-" + groupId + ":" + (System.currentTimeMillis() - startTime) + "ms");
            map.put(cacheKey, onlineCount, 2, TimeUnit.SECONDS);
        }
        return onlineCount;
    }
-    public int getOnlineCountWithoutCache(Integer videoId) {
+    public int getOnlineCountWithoutCache(Integer groupId) {
-        String sql = "SELECT COUNT(*) FROM " + GROUP_ONLINE_USER + " WHERE videoId = " + videoId + " and isOnline = 1";
+        String sql = "SELECT COUNT(*) FROM " + GROUP_ONLINE_USER + " WHERE productId = " + groupId + " and isOnline = 1";
        SqlResult result = hazelcastInstance.getSql().execute(sql);
        Iterator<SqlRow> iter = result.iterator();
        if (iter.hasNext()) {
--- a/src/main/java/com/syzb/video/query/common/UpdateVideoOptionQuery.java
+++ b/src/main/java/com/syzb/video/query/common/UpdateVideoOptionQuery.java
@ -43,6 +43,7 @@ public class UpdateVideoOptionQuery implements IVideoUserOperateQuery {
        record.setUserName(userName);
        record.setVideoId(videoId);
        record.setNum(num);
        record.setSaleUserId(saleUserId);
        record.setCreateTime(LocalDateTime.now());
        return record;
    }
--- a/src/main/java/com/syzb/video/service/admin/AdminVideoStatisticService.java
+++ b/src/main/java/com/syzb/video/service/admin/AdminVideoStatisticService.java
@ -598,7 +598,7 @@ public class AdminVideoStatisticService {
                .like(StrUtil.isNotEmpty(nickName), "u.user_name", nickName)
                .like(StrUtil.isNotEmpty(userId), "u.user_id", userId);
-//        Map<String, List<UserCoupon>> userCouponMap = Collections.emptyMap();
+//        Map<String, List<UserCoupon>> userCouponMap = couponService.queryVideoCoupon(videoId);
        if (VideoCustomerType.COMPLETE_WATCH.value.equals(type)) {
            wrapper.exists("SELECT 1 FROM video_user_watch_collect w WHERE w.video_id = u.video_id AND w.user_id = u.user_id and w.finish_read_rate >= {0}", finishReadRatio);
@ -614,7 +614,6 @@ public class AdminVideoStatisticService {
            wrapper.exists("SELECT 1 FROM app_order o WHERE o.video_id = u.video_id AND o.user_name = u.user_id AND o.status IN (" + OrderQueryService.UNPAID_STATUS_STR + ")");
        }
 //        if (VideoCustomerType.COUPON_NOT_USED.value.equals(type) || IsOrNot.IS.value.equals(hasGotCoupon)) {
 //            userCouponMap = couponService.queryVideoCoupon(videoId);
 //            if (userCouponMap.isEmpty()) {
 //                return Pager.emptyPager();
 //            }
--- a/src/main/java/com/syzb/video/service/common/VideoCacheService.java
+++ b/src/main/java/com/syzb/video/service/common/VideoCacheService.java
@ -194,7 +194,7 @@ public class VideoCacheService {
    }
    public Set<String> getOnlineUserIds(Integer videoId) {
-        String sql = "SELECT distinct userId FROM " + VIDEO_ONLINE_USER + " WHERE videoId = " + videoId;
+        String sql = "SELECT distinct userId FROM " + VIDEO_ONLINE_USER + " WHERE productId = " + videoId;
        SqlResult result = hazelcastInstance.getSql().execute(sql);
        Set<String> set = new HashSet<>();
        for (SqlRow row : result) {
@ -230,7 +230,7 @@ public class VideoCacheService {
    }
    public int getOnlineCountWithoutCache(Integer videoId) {
-        String sql = "SELECT COUNT(*) FROM " + VIDEO_ONLINE_USER + " WHERE videoId = " + videoId + " and isOnline = 1";
+        String sql = "SELECT COUNT(*) FROM " + VIDEO_ONLINE_USER + " WHERE productId = " + videoId + " and isOnline = 1";
        SqlResult result = hazelcastInstance.getSql().execute(sql);
        Iterator<SqlRow> iter = result.iterator();
        if (iter.hasNext()) {