fabio286/antares
1
1
Fork 0
mirror of https://github.com/Fabio286/antares.git synced 2025-02-18 20:50:48 +01:00
Code Issues Releases Wiki Activity

feat(MySQL): enhance export characters escaping

Browse Source
This commit is contained in:
Giulio Ganci 2022-03-06 19:37:12 +01:00
parent a6f5645a22
commit 3be826df4b
1 changed files with 34 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

42
src/main/libs/exporters/sql/MysqlExporter.js
View File

@ -1,5 +1,5 @@
import { SqlExporter } from './SqlExporter'; import { SqlExporter } from './SqlExporter';
import { BLOB, BIT, DATE, DATETIME, FLOAT, SPATIAL } from 'common/fieldTypes'; import { BLOB, BIT, DATE, DATETIME, FLOAT, SPATIAL, NUMBER } from 'common/fieldTypes';
import hexToBinary from 'common/libs/hexToBinary'; import hexToBinary from 'common/libs/hexToBinary';
import { getArrayDepth } from 'common/libs/getArrayDepth'; import { getArrayDepth } from 'common/libs/getArrayDepth';
import moment from 'moment'; import moment from 'moment';
@ -117,21 +117,20 @@ ${footer}
: val; : val;
} }
else if (DATETIME.includes(column.type)) { else if (DATETIME.includes(column.type)) {
if (typeof val === 'string')
sqlInsertString += this.escapeAndQuote(val);
let datePrecision = ''; let datePrecision = '';
for (let i = 0; i < column.precision; i++) for (let i = 0; i < column.precision; i++)
datePrecision += i === 0 ? '.S' : 'S'; datePrecision += i === 0 ? '.S' : 'S';
sqlInsertString += moment(val).isValid() sqlInsertString += moment(val).isValid()
? this.escapeAndQuote(moment(val).format(`YYYY-MM-DD HH:mm:ss${datePrecision}`)) ? this.escapeAndQuote(moment(val).format(`YYYY-MM-DD HH:mm:ss${datePrecision}`))
: val; : this.escapeAndQuote(val);
} }
else if (BIT.includes(column.type)) else if (BIT.includes(column.type))
sqlInsertString += `b'${hexToBinary(Buffer.from(val).toString('hex'))}'`; sqlInsertString += `b'${hexToBinary(Buffer.from(val).toString('hex'))}'`;
else if (BLOB.includes(column.type)) else if (BLOB.includes(column.type))
sqlInsertString += `X'${val.toString('hex').toUpperCase()}'`; sqlInsertString += `X'${val.toString('hex').toUpperCase()}'`;
else if (NUMBER.includes(column.type))
sqlInsertString += val;
else if (FLOAT.includes(column.type)) else if (FLOAT.includes(column.type))
sqlInsertString += parseFloat(val); sqlInsertString += parseFloat(val);
else if (SPATIAL.includes(column.type)) { else if (SPATIAL.includes(column.type)) {
@ -362,8 +361,35 @@ ${footer}
.join('@'); .join('@');
} }
escapeAndQuote (value) { escapeAndQuote (val) {
if (!value) return null; // eslint-disable-next-line no-control-regex
return `'${value.replaceAll(/'/g, '\'\'')}'`; const CHARS_TO_ESCAPE = /[\0\b\t\n\r\x1a"'\\]/g;
const CHARS_ESCAPE_MAP = {
'\0': '\\0',
'\b': '\\b',
'\t': '\\t',
'\n': '\\n',
'\r': '\\r',
'\x1a': '\\Z',
'"': '\\"',
'\'': '\\\'',
'\\': '\\\\'
};
let chunkIndex = CHARS_TO_ESCAPE.lastIndex = 0;
let escapedVal = '';
let match;
while ((match = CHARS_TO_ESCAPE.exec(val))) {
escapedVal += val.slice(chunkIndex, match.index) + CHARS_ESCAPE_MAP[match[0]];
chunkIndex = CHARS_TO_ESCAPE.lastIndex;
}
if (chunkIndex === 0)
return `'${val}'`;
if (chunkIndex < val.length)
return `'${escapedVal + val.slice(chunkIndex)}'`;
return `'${escapedVal}'`;
} }
} }