diff --git a/framework/src/main/java/cn/lili/modules/search/utils/SqlFilter.java b/framework/src/main/java/cn/lili/modules/search/utils/SqlFilter.java
index 3b266357..5b88478e 100644
--- a/framework/src/main/java/cn/lili/modules/search/utils/SqlFilter.java
+++ b/framework/src/main/java/cn/lili/modules/search/utils/SqlFilter.java
@@ -19,11 +19,13 @@ public class SqlFilter {
 
     // SQL注入过滤
     static final String SQL_KEYWORDS_PATTERN =
-            "(?i)(SELECT|FROM|WHERE|CONCAT|AND|OR|NOT|INSERT|UPDATE|DELETE|CREATE" +
-            "|TABLE|INDEX|VIEW|DROP|ALTER|COLUMN|ADD|SET|GROUP|BY" +
-            "|HAVING|ORDER|ASC|DESC|LIKE|IN|BETWEEN|IS|NULL|TRUE|FALSE" +
-            "|JOIN|LEFT|RIGHT|INNER|OUTER|FULL|ON|AS|DISTINCT|COUNT" +
-            "|MAX|MIN|SUM|AVG|IF|RAND|UPDATEXML|EXTRACTVALUE|LOAD_FILE|SLEEP|OFFSET)";
+            "(?i)(SELECT|FROM|WHERE|CONCAT|AND|NOT|INSERT|UPDATE|DELETE" +
+                    "|TABLE|INDEX|VIEW|DROP|ALTER|COLUMN|ADD|SET|GROUP|BY" +
+                    "|HAVING|ORDER|ASC|DESC|LIKE|IN|BETWEEN|IS|NULL|TRUE|FALSE" +
+                    "|JOIN|LEFT|RIGHT|INNER|OUTER|FULL|ON|AS|DISTINCT|COUNT" +
+                    "|MAX|MIN|SUM|AVG|IF|RAND|UPDATEXML|EXTRACTVALUE|LOAD_FILE|SLEEP|OFFSET)";
+    // OR 影响排序字段 sort，所以暂时不过滤
+    // CREATE 影响常用排序字段， CREATE_TIME，所以暂时不过滤
     static final Pattern keywordPattern = Pattern.compile(SQL_KEYWORDS_PATTERN, Pattern.CASE_INSENSITIVE);