fix: 修复SQL注入漏洞

core/core-backend/src/main/java/io/dataease/datasource/provider/H2EngineProvider.java

@@ -14,6 +14,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;
 
 import java.sql.Connection;
+import java.sql.PreparedStatement;
 import java.sql.Statement;
 import java.util.Arrays;
 import java.util.List;
@@ -28,7 +29,9 @@ public class H2EngineProvider extends EngineProvider {
         CoreDatasource datasource = new CoreDatasource();
         BeanUtils.copyBean(datasource, engineRequest.getEngine());
         try (Connection connection = getConnection(datasource); Statement stat = getStatement(connection, queryTimeout)) {
-            Boolean result = stat.execute(engineRequest.getQuery());
+            PreparedStatement preparedStatement = connection.prepareStatement(engineRequest.getQuery());
+            preparedStatement.setQueryTimeout(queryTimeout);
+            Boolean result = preparedStatement.execute();
         } catch (Exception e) {
             throw e;
         }

core/core-backend/src/main/java/io/dataease/datasource/provider/MysqlEngineProvider.java

@@ -14,6 +14,7 @@ import org.apache.commons.lang3.StringUtils;
 import org.springframework.stereotype.Service;
 
 import java.sql.Connection;
+import java.sql.PreparedStatement;
 import java.sql.Statement;
 import java.util.Arrays;
 import java.util.List;
@@ -32,7 +33,9 @@ public class MysqlEngineProvider extends EngineProvider {
         CoreDatasource datasource = new CoreDatasource();
         BeanUtils.copyBean(datasource, engineRequest.getEngine());
         try (Connection connection = getConnection(datasource); Statement stat = getStatement(connection, queryTimeout)) {
-            Boolean result = stat.execute(engineRequest.getQuery());
+            PreparedStatement preparedStatement = connection.prepareStatement(engineRequest.getQuery());
+            preparedStatement.setQueryTimeout(queryTimeout);
+            Boolean result = preparedStatement.execute();
         } catch (Exception e) {
             throw e;
         }