From 3e146061dd7950749679ab3eaeab6ce63075fea2 Mon Sep 17 00:00:00 2001
From: zhangdaiscott
Date: Mon, 10 Oct 2022 11:18:34 +0800
Subject: [PATCH] =?UTF-8?q?=E8=A7=A3=E5=86=B3doMultiFieldsOrder()=20?=
 =?UTF-8?q?=E5=A4=9A=E5=AD=97=E6=AE=B5=E6=8E=92=E5=BA=8F=E6=96=B9=E6=B3=95?=
 =?UTF-8?q?=E5=AD=98=E5=9C=A8=E9=97=AE=E9=A2=98=EF=BC=8C=E6=B2=A1=E6=9C=89?=
 =?UTF-8?q?=E8=AF=BB=E5=8F=96=20MybatisPlus=20=E6=B3=A8=E8=A7=A3=20@TableF?=
 =?UTF-8?q?ield=20=E9=87=8C=20value=20=E7=9A=84=E5=80=BC=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../common/system/query/QueryGenerator.java | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)
diff --git a/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/query/QueryGenerator.java b/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/query/QueryGenerator.java
index b8e807b8..45ac9b4a 100644
--- a/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/query/QueryGenerator.java
+++ b/jeecg-boot-base-core/src/main/java/org/jeecg/common/system/query/QueryGenerator.java
@@ -193,7 +193,7 @@ public class QueryGenerator {
 }
 }
 // 排序逻辑 处理
- doMultiFieldsOrder(queryWrapper, parameterMap, fieldColumnMap.keySet());
+ doMultiFieldsOrder(queryWrapper, parameterMap, fieldColumnMap);
 //高级查询
 doSuperQuery(queryWrapper, parameterMap, fieldColumnMap);
@@ -229,7 +229,8 @@ public class QueryGenerator {
 }
 }
- private static void doMultiFieldsOrder(QueryWrapper queryWrapper,Map parameterMap, Set allFields) {
+ private static void doMultiFieldsOrder(QueryWrapper queryWrapper,Map parameterMap, Map fieldColumnMap) {
+ Set allFields = fieldColumnMap.keySet();
 String column=null,order=null;
 if(parameterMap!=null&& parameterMap.containsKey(ORDER_COLUMN)) {
 column = parameterMap.get(ORDER_COLUMN)[0];
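Review bot: The new `fieldColumnMap` parameter and the `allFields` set derived from it on the next line carry no documentation, although the whole commit exists to change what doMultiFieldsOrder reads from that map. A short Javadoc on the signature would spare the next reader a trip to the call site, for example `@param fieldColumnMap entity field name mapped to its database column name (the @TableField value, per the commit subject); its key set is the allowlist the former allFields parameter provided` and `@param parameterMap request parameters; ORDER_COLUMN and ORDER_TYPE are read from it`. The method body continues past the end of this hunk.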
@@ -252,6 +253,19 @@ public class QueryGenerator {
 }
 //update-end-author:taoyan date:2022-5-16 for: issues/3676 获取系统用户列表时,使用SQL注入生效
+ //update-begin-author:scott date:2022-10-10 for:【jeecg-boot/issues/I5FJU6】doMultiFieldsOrder() 多字段排序方法存在问题
+ //多字段排序方法没有读取 MybatisPlus 注解 @TableField 里 value 的值
+ if (column.contains(",")) {
+ List columnList = Arrays.asList(column.split(","));
+ String columnStrNew = columnList.stream().map(c -> fieldColumnMap.get(c)).collect(Collectors.joining(","));
+ if (oConvertUtils.isNotEmpty(columnStrNew)) {
+ column = columnStrNew;
+ }
+ }else{
+ column = fieldColumnMap.get(column);
+ }
+ //update-end-author:scott date:2022-10-10 for:【jeecg-boot/issues/I5FJU6】doMultiFieldsOrder() 多字段排序方法存在问题
+
 //SQL注入check
 SqlInjectionUtil.filterContent(column);
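Review bot: In the `column.contains(",")` branch a name that is not a key of `fieldColumnMap` maps to null, and `Collectors.joining` renders a null element as the literal text "null", so `columnStrNew` is non-empty and a silently corrupted column list is assigned to `column` instead of the request being rejected; in the `else` branch the same lookup leaves `column` null before `SqlInjectionUtil.filterContent(column)`. The value originates from the request (`parameterMap.get(ORDER_COLUMN)[0]` in the previous hunk), so membership in the map should be the gate, not the join: add `if (!columnList.stream().allMatch(fieldColumnMap::containsKey)) { return; }` before `columnStrNew` is built, and `if (column == null) { return; }` after the `else` lookup. The issues/3676 check whose end marker is this hunk's first context line presumably validates `column` against `allFields` before this point; if it still rejects any value containing a comma, the new multi-column branch is unreachable as written, and if it was relaxed, the per-part check above is what keeps the allowlist intact. Both that check and the rest of doMultiFieldsOrder's body lie outside the hunk.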