diff --git a/core/src/main/java/com/jinrui/reference/core/mapper/NewsMapper.java b/core/src/main/java/com/jinrui/reference/core/mapper/NewsMapper.java
index 8b086bb..3bbfe25 100644
--- a/core/src/main/java/com/jinrui/reference/core/mapper/NewsMapper.java
+++ b/core/src/main/java/com/jinrui/reference/core/mapper/NewsMapper.java
@@ -95,7 +95,7 @@ public interface NewsMapper {
"news.title like concat('%', #{keyword}, '%') " +
"" +
"" +
- "and news_column_rel.column_id in (#{column}) " +
+ "and news_column_rel.column_id in (${column}) " +
"" +
"" +
"and news.status = #{status} " +
@@ -129,7 +129,7 @@ public interface NewsMapper {
"news.title like concat('%', #{keyword}, '%') " +
"" +
"" +
- "and news_column_rel.column_id in (#{column}) " +
+ "and news_column_rel.column_id in (${column}) " +
"" +
"" +
"and news.status = #{status} " +
diff --git a/core/src/main/java/com/jinrui/reference/core/service/NewsService.java b/core/src/main/java/com/jinrui/reference/core/service/NewsService.java
index a66fae9..f8dbf98 100644
--- a/core/src/main/java/com/jinrui/reference/core/service/NewsService.java
+++ b/core/src/main/java/com/jinrui/reference/core/service/NewsService.java
@@ -31,6 +31,7 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
import org.springframework.util.CollectionUtils;
+import org.springframework.util.StringUtils;
import java.util.ArrayList;
import java.util.Date;
@@ -546,6 +547,17 @@ public class NewsService {
offset = (Math.max(0, page - current)) * size;
}
+ if (StringUtils.hasText(columnParam)) {
+ String[] split = columnParam.split(",");
+ for (String item : split) {
+ try {
+ Integer.parseInt(item);
+ } catch (NumberFormatException e) {
+ return PageObject.failedPage(400, "栏目列表ID异常! column = " + columnParam);
+ }
+ }
+ }
+
List newsList;
try {
newsList = newsMapper.queryNews(keyword, columnParam, status, last, orderBy, direction, size, offset);