Benjamin Toby 2024-11-18 18:14:15 +01:00
parent 5d9f95f37e
commit aafd76b507
6 changed files with 59 additions and 8 deletions

2
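--- a/index.d.ts
+++ b/index.d.ts
@@ -28,6 +28,7 @@ export namespace sql {
 export { sqlGenerator };
 export { sqlInsertGenerator };
 export { sqlDeleteGenerator };
+export { trimSql as trim };
 }
 import uploadImage = require("./utils/upload-image");
 import uploadFile = require("./utils/upload-file");
@@ -47,4 +48,5 @@ import loginWithGithub = require("./users/social/github-auth");
 import sqlGenerator = require("./functions/sql/sql-generator");
 import sqlInsertGenerator = require("./functions/sql/sql-insert-generator");
 import sqlDeleteGenerator = require("./functions/sql/sql-delete-generator");
+import trimSql = require("./package-shared/utils/trim-sql");
 export { get, post, getSchema, sanitizeSql, datasquirelClient as client };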


@ -31,6 +31,7 @@ const datasquirelClient = require("./client");
const sqlGenerator = require("./functions/sql/sql-generator"); const sqlGenerator = require("./functions/sql/sql-generator");
const sqlInsertGenerator = require("./functions/sql/sql-insert-generator"); const sqlInsertGenerator = require("./functions/sql/sql-insert-generator");
const sqlDeleteGenerator = require("./functions/sql/sql-delete-generator"); const sqlDeleteGenerator = require("./functions/sql/sql-delete-generator");
const trimSql = require("./package-shared/utils/trim-sql");
//////////////////////////////////////// ////////////////////////////////////////
//////////////////////////////////////// ////////////////////////////////////////
@ -72,6 +73,7 @@ const sql = {
sqlGenerator, sqlGenerator,
sqlInsertGenerator, sqlInsertGenerator,
sqlDeleteGenerator, sqlDeleteGenerator,
trim: trimSql,
}; };
/** /**


@ -20,6 +20,7 @@ const addDbEntry = require("./addDbEntry");
const updateDbEntry = require("./updateDbEntry"); const updateDbEntry = require("./updateDbEntry");
const deleteDbEntry = require("./deleteDbEntry"); const deleteDbEntry = require("./deleteDbEntry");
const parseDbResults = require("../parseDbResults"); const parseDbResults = require("../parseDbResults");
const trimSql = require("../../../utils/trim-sql");
/** ****************************************************************************** */ /** ****************************************************************************** */
/** ****************************************************************************** */ /** ****************************************************************************** */
@ -89,10 +90,7 @@ async function runQuery({
*/ */
try { try {
if (typeof query === "string") { if (typeof query === "string") {
const formattedQuery = query const formattedQuery = trimSql(query);
.replace(/\n|\r|\n\r|\r\n/gm, " ")
.replace(/ {2,}/g, " ")
.trim();
/** /**
* Input Validation * Input Validation
@ -101,10 +99,9 @@ async function runQuery({
*/ */
if ( if (
readOnly && readOnly &&
(formattedQuery.match( formattedQuery.match(
/^alter|^delete|information_schema|databases|^create/i /^alter|^delete|information_schema|databases|^create/i
) || )
!formattedQuery.match(/^select|^\( ?select/i))
) { ) {
throw new Error("Wrong Input!"); throw new Error("Wrong Input!");
} }
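Review bot: With the `!formattedQuery.match(/^select|^\( ?select/i)` clause removed, the `readOnly` check in `runQuery` is a denylist only, so a query that starts with `update`, `insert`, `drop` or `truncate` no longer throws "Wrong Input!" on this path. If the removal was meant to admit other read statements, an explicit allowlist keeps the guarantee, for example `const isRead = /^\(? ?(select|show|describe|explain)\b/i.test(formattedQuery);` followed by `if (readOnly && (!isRead || /information_schema|databases/i.test(formattedQuery))) {`. A string check of this kind is best-effort, so read-only callers are better served by a database account that holds only SELECT privileges, if the connection setup (not visible here) allows it. The body of `runQuery` starts and ends outside these hunks.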

24
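--- a/package-shared/utils/trim-sql.d.ts
+++ b/package-shared/utils/trim-sql.d.ts
@@ -0,0 +1,24 @@
+export = trimSql;
+/**
+* @typedef {object} GrabHostNamesReturn
+* @property {string} host
+* @property {number | string} port
+* @property {typeof http | typeof https} scheme
+*/
+/**
+* # Trim SQL
+* @description Remove Returns and miltiple spaces from SQL Query
+* @param {string} sql
+* @returns {string}
+*/
+declare function trimSql(sql: string): string;
+declare namespace trimSql {
+export { GrabHostNamesReturn };
+}
+type GrabHostNamesReturn = {
+host: string;
+port: number | string;
+scheme: typeof http | typeof https;
+};
+import http = require("http");
+import https = require("https");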


@ -0,0 +1,26 @@
// @ts-check
const https = require("https");
const http = require("http");
/**
* @typedef {object} GrabHostNamesReturn
* @property {string} host
* @property {number | string} port
* @property {typeof http | typeof https} scheme
*/
/**
* # Trim SQL
* @description Remove Returns and miltiple spaces from SQL Query
* @param {string} sql
* @returns {string}
*/
function trimSql(sql) {
return sql
.replace(/\n|\r|\n\r|\r\n/gm, " ")
.replace(/ {2,}/g, " ")
.trim();
}
module.exports = trimSql;
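Review bot: `trimSql` is now exported as `sql.trim` and applied to every string query in `runQuery`, and its two `replace` calls also rewrite line breaks and runs of spaces inside quoted string literals, so a multi-line or space-padded value is altered before it reaches the database. The docblock should state that, e.g. `@description Collapses line breaks and repeated spaces to a single space, including inside quoted values` (which also fixes the "miltiple" typo). In `/\n|\r|\n\r|\r\n/gm` the last two alternatives can never match because `\n` and `\r` are tried first; `/[\r\n]+/g` gives the same result once the space-collapsing step has run. The `GrabHostNamesReturn` typedef and the `http`/`https` requires are not used by this function and look copied from another module; removing them would presumably also drop them from the emitted `trim-sql.d.ts`.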


@ -1,6 +1,6 @@
{ {
"name": "@moduletrace/datasquirel", "name": "@moduletrace/datasquirel",
"version": "2.7.1", "version": "2.7.2",
"description": "Cloud-based SQL data management tool", "description": "Cloud-based SQL data management tool",
"main": "index.js", "main": "index.js",
"bin": { "bin": {