precompiled query may write regex
This commit is contained in:
parent
fb9c6b8aaa
commit
cdb4e5f19b
@ -71,7 +71,7 @@ Date.prototype.toJSON = function() {
|
|||||||
s += ( offset < 0 ? '+' : '-' )
|
s += ( offset < 0 ? '+' : '-' )
|
||||||
+ pad(Math.abs(offset / 60))
|
+ pad(Math.abs(offset / 60))
|
||||||
+ pad(Math.abs(offset % 60))
|
+ pad(Math.abs(offset % 60))
|
||||||
|
|
||||||
}
|
}
|
||||||
return s;
|
return s;
|
||||||
}
|
}
|
||||||
@ -165,19 +165,16 @@ app.get(global.settings.base_url+'/version', function(req, res) {
|
|||||||
res.send(getVersion());
|
res.send(getVersion());
|
||||||
});
|
});
|
||||||
|
|
||||||
// Return true of the given query may write to the database
|
var sqlQueryMayWriteRegex = new RegExp("\\b(alter|insert|update|delete|create|drop|reindex|truncate)\\b", "i");
|
||||||
//
|
/**
|
||||||
// NOTE: this is a fuzzy check, the return could be true even
|
* This is a fuzzy check, the return could be true even if the query doesn't really write anything. But you can be
|
||||||
// if the query doesn't really write anything.
|
* pretty sure of a false return.
|
||||||
// But you can be pretty sure of a false return.
|
*
|
||||||
//
|
* @param sql
|
||||||
|
* @returns {boolean} Return true of the given query may write to the database
|
||||||
|
*/
|
||||||
function queryMayWrite(sql) {
|
function queryMayWrite(sql) {
|
||||||
var mayWrite = false;
|
return sqlQueryMayWriteRegex.test(sql);
|
||||||
var pattern = RegExp("\\b(alter|insert|update|delete|create|drop|reindex|truncate)\\b", "i");
|
|
||||||
if ( pattern.test(sql) ) {
|
|
||||||
mayWrite = true;
|
|
||||||
}
|
|
||||||
return mayWrite;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
function sanitize_filename(filename) {
|
function sanitize_filename(filename) {
|
||||||
|
Loading…
Reference in New Issue
Block a user