package com.hld.query.util;

import com.hld.query.exception.CommonException;
import com.hld.query.exception.ErrorCode;
import java.util.List;

/* loaded from: input_file:com/hld/query/util/SqlFilter.class */
public class SqlFilter {
    public static String sqlInject(String str) {
        if (StringUtils.isBlank(str)) {
            return null;
        }
        String replace = StringUtils.replace(StringUtils.replace(StringUtils.replace(StringUtils.replace(str, SqlParams.SQL_SINGLE_QUOTE, ""), "\"", ""), ";", ""), "\\", "");
        String lowerCase = replace.toLowerCase();
        for (String str2 : new String[]{"master", "truncate", "insert", "select", "delete", "update", "declare", "alter", "drop"}) {
            if (lowerCase.contains(str2)) {
                throw new CommonException(ErrorCode.INVALID_SYMBOL, str2);
            }
        }
        return replace;
    }

    public static List<String> sqlInject(List<String> list) {
        if (list == null || list.size() == 0) {
            return list;
        }
        int size = list.size();
        for (int i = 0; i < size; i++) {
            list.set(i, sqlInject(list.get(i)));
        }
        return list;
    }

    public static List<Object> sqlInjectObject(List<Object> list) {
        if (list == null || list.size() == 0) {
            return list;
        }
        int size = list.size();
        for (int i = 0; i < size; i++) {
            String obj = list.get(i).toString();
            if (!StringUtils.isNumber(obj)) {
                list.set(i, sqlInject(obj));
            }
        }
        return list;
    }
}
