Bugfixes
This commit is contained in:
parent
5d56d41624
commit
ebb6141ec5
@ -41,21 +41,6 @@ async function localGet({ options, dbSchema }) {
|
|||||||
const tableName = options?.tableName ? options.tableName : undefined;
|
const tableName = options?.tableName ? options.tableName : undefined;
|
||||||
const dbFullName = process.env.DSQL_DB_NAME || "";
|
const dbFullName = process.env.DSQL_DB_NAME || "";
|
||||||
|
|
||||||
/**
|
|
||||||
* Input Validation
|
|
||||||
*
|
|
||||||
* @description Input Validation
|
|
||||||
*/
|
|
||||||
if (
|
|
||||||
typeof query == "string" &&
|
|
||||||
(query.match(
|
|
||||||
/^alter|^delete|information_schema|databases|^create/i
|
|
||||||
) ||
|
|
||||||
!query.match(/^select|^\( ?select/i))
|
|
||||||
) {
|
|
||||||
return { success: false, msg: "Wrong Input" };
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create new user folder and file
|
* Create new user folder and file
|
||||||
*
|
*
|
||||||
@ -71,6 +56,7 @@ async function localGet({ options, dbSchema }) {
|
|||||||
dbSchema,
|
dbSchema,
|
||||||
tableName,
|
tableName,
|
||||||
local: true,
|
local: true,
|
||||||
|
readOnly: true,
|
||||||
});
|
});
|
||||||
|
|
||||||
if (error) throw error;
|
if (error) throw error;
|
||||||
|
@ -21,25 +21,6 @@ async function localPost({ options, dbSchema }) {
|
|||||||
const { query, tableName, queryValues } = options;
|
const { query, tableName, queryValues } = options;
|
||||||
const dbFullName = process.env.DSQL_DB_NAME || "";
|
const dbFullName = process.env.DSQL_DB_NAME || "";
|
||||||
|
|
||||||
/**
|
|
||||||
* Input Validation
|
|
||||||
*
|
|
||||||
* @description Input Validation
|
|
||||||
*/
|
|
||||||
if (
|
|
||||||
typeof query === "string" &&
|
|
||||||
query?.match(/^create |^alter |^drop /i)
|
|
||||||
) {
|
|
||||||
return { success: false, msg: "Wrong Input" };
|
|
||||||
}
|
|
||||||
|
|
||||||
if (
|
|
||||||
typeof query === "object" &&
|
|
||||||
query?.action?.match(/^create |^alter |^drop /i)
|
|
||||||
) {
|
|
||||||
return { success: false, msg: "Wrong Input" };
|
|
||||||
}
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Create new user folder and file
|
* Create new user folder and file
|
||||||
*
|
*
|
||||||
|
@ -94,6 +94,23 @@ async function runQuery({
|
|||||||
.replace(/ {2,}/g, " ")
|
.replace(/ {2,}/g, " ")
|
||||||
.trim();
|
.trim();
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Input Validation
|
||||||
|
*
|
||||||
|
* @description Input Validation
|
||||||
|
*/
|
||||||
|
if (
|
||||||
|
readOnly &&
|
||||||
|
(formattedQuery.match(
|
||||||
|
/^alter|^delete|information_schema|databases|^create/i
|
||||||
|
) ||
|
||||||
|
!formattedQuery.match(/^select|^\( ?select/i))
|
||||||
|
) {
|
||||||
|
throw new Error("Wrong Input!");
|
||||||
|
}
|
||||||
|
|
||||||
|
console.log("formattedQuery =>", formattedQuery);
|
||||||
|
|
||||||
if (local) {
|
if (local) {
|
||||||
const rawResults = await LOCAL_DB_HANDLER(
|
const rawResults = await LOCAL_DB_HANDLER(
|
||||||
formattedQuery,
|
formattedQuery,
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
{
|
{
|
||||||
"name": "@moduletrace/datasquirel",
|
"name": "@moduletrace/datasquirel",
|
||||||
"version": "2.6.9",
|
"version": "2.7.0",
|
||||||
"description": "Cloud-based SQL data management tool",
|
"description": "Cloud-based SQL data management tool",
|
||||||
"main": "index.js",
|
"main": "index.js",
|
||||||
"bin": {
|
"bin": {
|
||||||
|
Loading…
Reference in New Issue
Block a user