場景
//防止sql注入 Stream<String> idList =accDocIDList.stream().map((x) -> { if (x.matches("[^a-zA-Z0-9-]")) { //throw new BalanceException("xxx-xxx", "hehe"); throw new RuntimeException("非法憑證ID"); } return String.format("'%1$s'", x); }); parameters = new IDbParameter[] { bqlExecuter.makeInParam("funcID", funcID), bqlExecuter.makeInParam("userID", userID), bqlExecuter.makeInParam("accOrgID", accOrgID), bqlExecuter.makeInParam("AccLedgerID", ledger), bqlExecuter.makeInParam("year", year), bqlExecuter.makeInParam("flag", "1"), bqlExecuter.makeInParam("accPeriodID", accPeriodID), }; //分頁 int pageSize = 900; int pageNum = 0; while (pageNum * pageSize < accDocIDList.size()) { List<String> list = idList.skip(pageNum*pageSize).limit(pageSize).collect(Collectors.toList()); //此處會重新使用流 第二次循環會報錯 stream has already been operated upon or closed String idsql = bql + " and A.ID in (" + String.join(",", list) + ")"; var ret = bqlExecuter.executeBqlStatement(idsql, refEntityIDs, parameters); pageNum++; }
解決方法 使用Supplier
//防止sql注入 Supplier< Stream<String>> idList = ()->accDocIDList.stream().map((x) -> { if (x.matches("[^a-zA-Z0-9-]")) { //throw new BalanceException("xxx-xxx", "hehe"); throw new RuntimeException("非法憑證ID"); } return String.format("'%1$s'", x); }); parameters = new IDbParameter[] { bqlExecuter.makeInParam("funcID", funcID), bqlExecuter.makeInParam("userID", userID), bqlExecuter.makeInParam("accOrgID", accOrgID), bqlExecuter.makeInParam("AccLedgerID", ledger), bqlExecuter.makeInParam("year", year), bqlExecuter.makeInParam("flag", "1"), bqlExecuter.makeInParam("accPeriodID", accPeriodID), }; //分頁 int pageSize = 900; int pageNum = 0; while (pageNum * pageSize < accDocIDList.size()) { List<String> list = idList.get().skip(pageNum*pageSize).limit(pageSize).collect(Collectors.toList()); String idsql = bql + " and A.ID in (" + String.join(",", list) + ")"; var ret = bqlExecuter.executeBqlStatement(idsql, refEntityIDs, parameters); pageNum++; }