address-client 4.0.18 → 4.0.20

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/package.json +1 -1
  2. package/src/filiale/meihekou/AreaList.vue +2 -2
  3. package/src/filiale/tongchuan/UserAddress.vue +70 -15
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "address-client",
3
- "version": "4.0.18",
3
+ "version": "4.0.20",
4
4
  "description": "地址管理前台组件",
5
5
  "author": "wanbochao",
6
6
  "license": "ISC",
package/src/filiale/meihekou/AreaList.vue CHANGED
@@ -127,7 +127,7 @@
127
127
  <th v-show="!$parent.$parent.$parent.$parent.areaShow"><nobr>抄表员</nobr></th>
128
128
  <th v-show="!$parent.$parent.$parent.$parent.areaShow"><nobr>房屋类型</nobr></th>
129
129
  <th v-show="!$parent.$parent.$parent.$parent.areaShow"><nobr>安装位置</nobr></th>
130
- <th v-show="!$parent.$parent.$parent.$parent.areaShow"><nobr>片区/管理站 </nobr></th>
130
+ <th v-show="!$parent.$parent.$parent.$parent.areaShow"><nobr>维修片区</nobr></th>
131
131
  <th><nobr>操作人</nobr></th>
132
132
  <th><nobr>操作日期</nobr></th>
133
133
  <th title="该小区下现有的地址数"><nobr>地址数</nobr></th>
@@ -254,7 +254,7 @@ export default {
254
254
  'f_inputtor':'抄表员',
255
255
  'f_house_type':'房屋类型',
256
256
  'f_position':'安装位置',
257
- 'f_slice_area':'片区/管理站',
257
+ 'f_slice_area':'维修片区',
258
258
  'f_operator':'操作人',
259
259
  'f_operate_date':'操作日期',
260
260
  'addressnum':'地址数'
package/src/filiale/tongchuan/UserAddress.vue CHANGED
@@ -97,6 +97,8 @@
97
97
  <input type="text" style="width:40%" v-model="model.f_building" class="input_search"
98
98
  placeholder="楼号"/>
99
99
  <input type="text" style="width:20%" v-model="model.f_building_suffix" class="input_search"
100
+ @input="filterSqlInjection(model.f_building_suffix, 'f_building_suffix')"
101
+ @blur="filterSqlInjection(model.f_building_suffix, 'f_building_suffix')"
100
102
  />
101
103
 
102
104
  </div>
@@ -104,6 +106,8 @@
104
106
  <label for="f_address" class="font_normal_body">单&emsp;&emsp;元</label>
105
107
  <input type="text" style="width:40%" v-model="model.f_unit" class="input_search" placeholder="单元"/>
106
108
  <input type="text" style="width:20%" v-model="model.f_unit_suffix" class="input_search"
109
+ @input="filterSqlInjection(model.f_unit_suffix, 'f_unit_suffix')"
110
+ @blur="filterSqlInjection(model.f_unit_suffix, 'f_unit_suffix')"
107
111
  />
108
112
  </div>
109
113
  <div v-if="!usertype" class="col-sm-6 form-group ">
@@ -111,6 +115,8 @@
111
115
  <input type="text" style="width:40%" v-model="model.f_floor" class="input_search"
112
116
  placeholder="楼层" />
113
117
  <input type="text" style="width:20%" v-model="model.f_floor_suffix" class="input_search"
118
+ @input="filterSqlInjection(model.f_floor_suffix, 'f_floor_suffix')"
119
+ @blur="filterSqlInjection(model.f_floor_suffix, 'f_floor_suffix')"
114
120
  />
115
121
  </div>
116
122
  <div v-if="!usertype" class="col-sm-6 form-group "
@@ -119,6 +125,8 @@
119
125
  <input type="text" style="width:40%" v-model="model.f_room" class="input_search" placeholder="门牌号"
120
126
  v-validate:f_room='{required: true }'/>
121
127
  <input type="text" style="width:20%" v-model="model.f_room_suffix" class="input_search"
128
+ @input="filterSqlInjection(model.f_room_suffix, 'f_room_suffix')"
129
+ @blur="filterSqlInjection(model.f_room_suffix, 'f_room_suffix')"
122
130
  />
123
131
  </div>
124
132
  <div class="col-sm-6 form-group">
@@ -206,75 +214,111 @@
206
214
  <div class="col-sm-6 form-group "
207
215
  :class="[$v.f_building_start.integernum || $v.f_building_start.dctest ?'has-error' : 'has-success']">
208
216
  <label for="f_address" class="font_normal_body">起始楼号</label>
209
- <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_building_prefix" class="input_search"/>
217
+ <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_building_prefix" class="input_search"
218
+ @input="filterSqlInjection(model.f_building_prefix, 'f_building_prefix')"
219
+ @blur="filterSqlInjection(model.f_building_prefix, 'f_building_prefix')"
220
+ />
210
221
  <input type="text" style="width:25%"
211
222
  v-validate:f_building_start='{integernum: true ,dctest: [model.f_building_end, "<=" ]}'
212
223
  v-model="model.f_building_start" class="input_search" placeholder="楼号"/>
213
- <input type="text" style="width:17%" v-model="model.f_building_suffix" class="input_search"/>
224
+ <input type="text" style="width:17%" v-model="model.f_building_suffix" class="input_search"
225
+ @input="filterSqlInjection(model.f_building_suffix, 'f_building_suffix')"
226
+ @blur="filterSqlInjection(model.f_building_suffix, 'f_building_suffix')"
227
+ />
214
228
  </div>
215
229
  <div class="col-sm-6 form-group "
216
230
  :class="[$v.f_building_end.integernum ||$v.f_building_end.dctest ? 'has-error' : 'has-success']">
217
231
  <label for="f_address" class="font_normal_body">截止楼号</label>
218
- <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_building_prefix" class="input_search"/>
232
+ <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_building_prefix" class="input_search"
233
+ @input="filterSqlInjection(model.f_building_prefix, 'f_building_prefix')"
234
+ @blur="filterSqlInjection(model.f_building_prefix, 'f_building_prefix')"/>
219
235
  <input type="text" style="width:25%"
220
236
  v-validate:f_building_end='{integernum: true ,dctest: [model.f_building_start, ">=" ]}'
221
237
  v-model="model.f_building_end" class="input_search" placeholder="楼号"/>
222
238
  <input type="text" style="width:17%" v-model="model.f_building_suffix" class="input_search"
239
+ @input="filterSqlInjection(model.f_building_suffix, 'f_building_suffix')"
240
+ @blur="filterSqlInjection(model.f_building_suffix, 'f_building_suffix')"
223
241
  />
224
242
  </div>
225
243
  <div class="col-sm-6 form-group "
226
244
  :class="[$v.f_unit_start.integernum || $v.f_unit_start.dctest ? 'has-error' : 'has-success']">
227
245
  <label for="f_address" class="font_normal_body">起始单元</label>
228
- <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_unit_prefix" class="input_search" />
246
+ <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_unit_prefix" class="input_search"
247
+ @input="filterSqlInjection(model.f_unit_prefix, 'f_unit_prefix')"
248
+ @blur="filterSqlInjection(model.f_unit_prefix, 'f_unit_prefix')"
249
+ />
229
250
  <input type="text" style="width:25%"
230
251
  v-validate:f_unit_start='{integernum: true ,dctest: [model.f_unit_end, "<=" ]}'
231
252
  v-model="model.f_unit_start" class="input_search" placeholder="单元"/>
232
- <input type="text" style="width:17%" v-model="model.f_unit_suffix" class="input_search" />
253
+ <input type="text" style="width:17%" v-model="model.f_unit_suffix" class="input_search"
254
+ @input="filterSqlInjection(model.f_unit_suffix, 'f_unit_suffix')"
255
+ @blur="filterSqlInjection(model.f_unit_suffix, 'f_unit_suffix')"
256
+ />
233
257
  </div>
234
258
  <div class="col-sm-6 form-group "
235
259
  :class="[$v.f_unit_end.integernum ||$v.f_unit_end.dctest ? 'has-error' : 'has-success']">
236
260
  <label for="f_address" class="font_normal_body">截止单元</label>
237
- <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_unit_prefix" class="input_search" />
261
+ <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_unit_prefix" class="input_search"
262
+ @input="filterSqlInjection(model.f_unit_prefix, 'f_unit_prefix')"
263
+ @blur="filterSqlInjection(model.f_unit_prefix, 'f_unit_prefix')"/>
238
264
  <input type="text" style="width:25%"
239
265
  v-validate:f_unit_end='{integernum: true ,dctest: [model.f_unit_start, ">="]}'
240
266
  v-model="model.f_unit_end" class="input_search" placeholder="单元"/>
241
- <input type="text" style="width:17%" v-model="model.f_unit_suffix" class="input_search"/>
267
+ <input type="text" style="width:17%" v-model="model.f_unit_suffix" class="input_search"
268
+ @input="filterSqlInjection(model.f_unit_suffix, 'f_unit_suffix')"
269
+ @blur="filterSqlInjection(model.f_unit_suffix, 'f_unit_suffix')"/>
242
270
  </div>
243
271
  <div class="col-sm-6 form-group "
244
272
  :class="[$v.f_floor_start.integernum || $v.f_floor_start.dctest ? 'has-error' : 'has-success']">
245
273
  <label for="f_address" class="font_normal_body">起始楼层</label>
246
- <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_floor_prefix" class="input_search"/>
274
+ <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_floor_prefix" class="input_search"
275
+ @input="filterSqlInjection(model.f_floor_prefix, 'f_floor_prefix')"
276
+ @blur="filterSqlInjection(model.f_floor_prefix, 'f_floor_prefix')"/>
247
277
  <input type="text" style="width:25%"
248
278
  v-validate:f_floor_start='{integernum: true,dctest: [model.f_floor_end, "<=" ] }'
249
279
  v-model="model.f_floor_start" class="input_search" placeholder="楼层"/>
250
- <input type="text" style="width:17%" v-model="model.f_floor_suffix" class="input_search"/>
280
+ <input type="text" style="width:17%" v-model="model.f_floor_suffix" class="input_search"
281
+ @input="filterSqlInjection(model.f_floor_suffix, 'f_floor_suffix')"
282
+ @blur="filterSqlInjection(model.f_floor_suffix, 'f_floor_suffix')"/>
251
283
  </div>
252
284
  <div class="col-sm-6 form-group "
253
285
  :class="[$v.f_floor_end.integernum ||$v.f_floor_end.dctest ? 'has-error' : 'has-success']">
254
286
  <label for="f_address" class="font_normal_body">截止楼层</label>
255
- <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_floor_prefix" class="input_search"/>
287
+ <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_floor_prefix" class="input_search"
288
+ @input="filterSqlInjection(model.f_floor_prefix, 'f_floor_prefix')"
289
+ @blur="filterSqlInjection(model.f_floor_prefix, 'f_floor_prefix')"/>
256
290
  <input type="text" style="width:25%" v-model="model.f_floor_end"
257
291
  v-validate:f_floor_end='{integernum: true,dctest: [model.f_floor_start, ">=" ] }'
258
292
  class="input_search" placeholder="楼层"/>
259
- <input type="text" style="width:17%" v-model="model.f_floor_suffix" class="input_search"/>
293
+ <input type="text" style="width:17%" v-model="model.f_floor_suffix" class="input_search"
294
+ @input="filterSqlInjection(model.f_floor_suffix, 'f_floor_suffix')"
295
+ @blur="filterSqlInjection(model.f_floor_suffix, 'f_floor_suffix')"/>
260
296
  </div>
261
297
  <div class="col-sm-6 form-group "
262
298
  :class="[$v.f_room_start.integernum || $v.f_room_start.dctest ? 'has-error' : 'has-success']">
263
299
  <label for="f_address" class="font_normal_body">起始门牌</label>
264
- <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_room_prefix" class="input_search"/>
300
+ <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_room_prefix" class="input_search"
301
+ @input="filterSqlInjection(model.f_room_prefix, 'f_room_prefix')"
302
+ @blur="filterSqlInjection(model.f_room_prefix, 'f_room_prefix')"/>
265
303
  <input type="text" style="width:25%" v-model="model.f_room_start"
266
304
  class="input_search" placeholder="门牌号"
267
305
  v-validate:f_room_start='{integernum: true ,dctest: [model.f_room_end, "<=" ]}'
268
306
  />
269
- <input type="text" style="width:17%" v-model="model.f_room_suffix" class="input_search"/>
307
+ <input type="text" style="width:17%" v-model="model.f_room_suffix" class="input_search"
308
+ @input="filterSqlInjection(model.f_room_suffix, 'f_room_suffix')"
309
+ @blur="filterSqlInjection(model.f_room_suffix, 'f_room_suffix')"/>
270
310
  </div>
271
311
  <div class="col-sm-6 form-group "
272
312
  :class="[$v.f_room_end.integernum ||$v.f_room_end.dctest ? 'has-error' : 'has-success']">
273
313
  <label for="f_address" class="font_normal_body">截止门牌</label>
274
- <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_room_prefix" class="input_search"/>
314
+ <input type="text" style="width:15%" placeholder="前缀" v-model="model.f_room_prefix" class="input_search"
315
+ @input="filterSqlInjection(model.f_room_prefix, 'f_room_prefix')"
316
+ @blur="filterSqlInjection(model.f_room_prefix, 'f_room_prefix')"/>
275
317
  <input type="text" style="width:25%" v-model="model.f_room_end" class="input_search" placeholder="门牌号"
276
318
  v-validate:f_room_end='{integernum: true ,dctest: [model.f_room_start, ">=" ]}'/>
277
- <input type="text" style="width:17%" v-model="model.f_room_suffix" class="input_search"/>
319
+ <input type="text" style="width:17%" v-model="model.f_room_suffix" class="input_search"
320
+ @input="filterSqlInjection(model.f_room_suffix, 'f_room_suffix')"
321
+ @blur="filterSqlInjection(model.f_room_suffix, 'f_room_suffix')"/>
278
322
  </div>
279
323
  <div class="col-sm-6 form-group">
280
324
  <label class="font_normal_body">地址状态</label>
@@ -417,6 +461,17 @@
417
461
  this.model.f_standard_number = ''
418
462
  }
419
463
  },
464
+ // 过滤SQL注入危险字符
465
+ filterSqlInjection(value, fieldName) {
466
+ if (!value) return
467
+ // SQL注入常见危险字符模式
468
+ const sqlPatterns = /(--|;|'|"|`|(\/\*)|(\*\/)|(\@\@)|(\@)|(xp_)|(exec)|(execute)|(select)|(insert)|(update)|(delete)|(drop)|(create)|(alter)|(truncate)|(union)|(join)|(and)|(or)|(\-\-))/gi
469
+ if (sqlPatterns.test(value)) {
470
+ this.$showAlert(`${fieldName}包含非法字符,已自动过滤`, 'warning', 2000)
471
+ // 过滤掉危险字符
472
+ this.model[fieldName] = value.replace(/(--|;|'|"|`|(\/\*)|(\*\/)|(\@\@)|(\@)|(xp_)|(exec)|(execute)|(select)|(insert)|(update)|(delete)|(drop)|(create)|(alter)|(truncate)|(union)|(join)|(and)|(or))/gi, '')
473
+ }
474
+ },
420
475
  contractsyanzheng(){
421
476
  console.log(this.model.f_contracts_number.length)
422
477
  if (this.model.f_contracts_number.length != 5){