
refactor(national-motion-system): fix SQL injection vulnerability in MyBatis XML configuration

- Replace {exportConditionDTO.gameId} and {exportConditionDTO.projectId} with #{exportConditionDTO.gameId} and #{exportConditionDTO.projectId}
- Use #{}
SheepHy 4 days ago
parent
commit
c9f4257958

+ 2 - 2
national-motion-module-system/national-motion-system-biz/src/main/java/org/jeecg/modules/system/app/mapper/xml/AppGameMapper.xml

@@ -289,10 +289,10 @@
                 LEFT JOIN nm_category e ON c.category_id = e.id
         WHERE 1=1
         <if test="exportConditionDTO.gameId != null and exportConditionDTO.gameId != '' and exportConditionDTO.gameId != 'ALL'">
-            AND c.game_id = {exportConditionDTO.gameId}
+            AND c.game_id = #{exportConditionDTO.gameId}
         </if>
         <if test="exportConditionDTO.projectId != null and exportConditionDTO.projectId != '' and exportConditionDTO.projectId != 'ALL'">
-            AND c.category_id = {exportConditionDTO.projectId}
+            AND c.category_id = #{exportConditionDTO.projectId}
         </if>
         <if test="exportConditionDTO.startTime != null and exportConditionDTO.startTime != ''">
             AND d.start_time <![CDATA[ >= ]]> #{exportConditionDTO.startTime}
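
Review bot: Only the `gameId` and `projectId` conditions are converted here, and nothing in the hunk shows that the rest of this statement or the other mapper XML files were checked for the same unbound placeholder form. Please search the mappers for any remaining placeholder that is not written as `#{...}`, and add a mapper test that passes a `gameId` containing a quote character and asserts the value is treated as data. The removed lines as displayed read `{exportConditionDTO.gameId}` with no leading `$`, so please confirm what the original text was so the history records what was actually exposed. Since this changes behaviour for a security reason, a `fix` commit type would describe it better than `refactor`.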

+ 0 - 1
编码规范.md

@@ -47,7 +47,6 @@
 
 #### 项目协同开发公共约定参照
 project
-```java
 
 #### 代码提交说明请按照
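
Review bot: The deleted line that opened a `java` code fence in 编码规范.md is unrelated to the mapper fix and is not mentioned in the commit message. Please move it to its own commit or add a line to the message so the security fix can be reviewed and backported on its own. The context line `project` directly under the heading above it reads like a leftover placeholder; if the section is meant to point at a shared conventions document, that reference is still missing after this change.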