Giter Site home page Giter Site logo

zhenfeng13 / perfect-ssm Goto Github PK

View Code? Open in Web Editor NEW
639.0 41.0 283.0 4.98 MB

:grapes:更完善的Spring+SpringMVC+Mybatis+easyUI后台管理系统(RESTful API+redis)

Home Page: http://ssm-cluster.13blog.site

License: Apache License 2.0

Java 93.08% HTML 6.92%
spring springmvc restful restful-api redis easyui mybatis java 13 dubbo

perfect-ssm's Issues

登录不上

使用 admin/123456 登录不上,页面无反应
控制台 xhr cookie 返回数据
{resultCode: 500, message: "请认真核对账号、密码!", data: null}
data
:
null
message
:
"请认真核对账号、密码!"
resultCode
:
500

关于Redis的一个问题

你好,我有一个关于Redis的问题。我单独测试了RedisUtil模块,配置了远程的Redis连接,但是我利用RedisUtil工具增加String的时候,无法在远程的redis查询到,但是调用RedisUtil的get方法可以获取到。这个是什么问题?

关于启动之后无法访问

image

请教一下,perfect-ssm项目用tomcat 启动之后,初始页面的访问地址是什么,为什么我输入 localhost:8080 是404 , localhost:8080/index.html也是404,不知道是我tomcat配置的不对还是什么问题,请回复一下,谢谢
image
image

反射型xss漏洞

您好:
我是360代码安全的工作人员,在我们的开源代码检测项目中发现perfect-ssm中存在两处反射型xss漏洞,详细信息如下:
default
在pictureManage.jsp文件的27、28行处接受了get请求中的type、grade参数,并直接在33、75行等地方进行html拼凑,导致恶意攻击者可以通过构造特定的链接

复现:
构造如下链接:
http://perfect-ssm.13blog.site/views/pictureManage.jsp?type=1&grade=%22%3E%3C/table%3E%3C/body%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E//
当管理员访问时会执行脚本
default
这里以弹框为例,实际攻击场景中会将cookie发送到受控制的服务器上

登陆问题

点击登陆按钮,提示错误:
POST http://localhost:8180/users/cookie 404 (Not Found)
send @ jquery.min.js:4
ajax @ jquery.min.js:4
login @ login.js:13
onclick @ login.jsp:49

看url是Ajax提交post请求时没有把工程路径拼完整,请问该修改哪一块?

java 初学

你好 可以将你的SSM 搭建精美实用的管理系统 这个学习教程公布吗,可以上传到公网上让我们学习吗,大神

你这源码里只有UserDao接口,没有UserDao实现吗?

很开心能学习到您的源码,
我是初学者,
UserServiceImpl类中 方法
public User login(User user) {
return userDao.login(user);
}
其中login(user)方法的实现类呢?
UserContrller类中
@RequestMapping(value = "/cookie", method = RequestMethod.POST)
@responsebody
public Result login(User user) {
System.out.println("进入 users/cookie方法");
try {
String MD5pwd = MD5Util.MD5Encode(user.getPassword(), "UTF-8");
user.setPassword(MD5pwd);
} catch (Exception e) {
user.setPassword("");
}

User resultUser = userService.login(user);
最后一行获取到的resultUser我想不明白从哪里获取而来,望解答,谢谢!

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.