package com.club.framework.filter;

import com.club.framework.log.ClubLogManager;
import com.club.framework.util.SecurityUtil;
import java.io.IOException;
import java.io.PrintWriter;
import java.util.Enumeration;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;

/* loaded from: input_file:com/club/framework/filter/SQLFilter.class */
public class SQLFilter implements Filter {
    private static final ClubLogManager logger = ClubLogManager.getLogger((Class<?>) SQLFilter.class);
    public static String badStr = null;
    FilterConfig config = null;

    public void destroy() {
        this.config = null;
    }

    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest httpServletRequest = (HttpServletRequest) servletRequest;
        Enumeration parameterNames = httpServletRequest.getParameterNames();
        String str = "";
        while (parameterNames.hasMoreElements()) {
            String[] parameterValues = httpServletRequest.getParameterValues(((String) parameterNames.nextElement()).toString());
            if (null != parameterValues && parameterValues.length > 0) {
                for (String str2 : parameterValues) {
                    str = str + str2;
                }
            }
        }
        badStr = null;
        if (!SecurityUtil.isContainedSQL(str)) {
            filterChain.doFilter(servletRequest, servletResponse);
            return;
        }
        logger.error("[SONGOTECH]::用户发送请求参数中含有非法字符：" + str);
        String str3 = "{\"msg\":\"请勿在表单中输入敏感词汇:" + badStr + "！\",\"success\":false,\"errCode\":\"SQLFilter\"}";
        try {
            servletResponse.setContentType("application/json;charset=utf-8");
            PrintWriter writer = servletResponse.getWriter();
            writer.write(str3);
            writer.flush();
            writer.close();
        } catch (IOException e) {
            logger.error(e);
        }
    }

    public void init(FilterConfig filterConfig) throws ServletException {
        this.config = filterConfig;
    }
}
