badmfck-api-server 3.8.0 → 3.8.2

@@ -95,7 +95,7 @@ async function Initializer(services) {
95
95
  exports.Initializer = Initializer;
96
96
  class APIService extends BaseService_1.BaseService {
97
97
  static nextLogID = 0;
98
- version = "3.8.0";
98
+ version = "3.8.2";
99
99
  options;
100
100
  monitor = null;
101
101
  started = new Date();
@@ -48,6 +48,7 @@ export declare class MysqlAdapter implements IDBAdapter {
48
48
  query(request: IDBQuery, conn?: mysql.PoolConnection): Promise<IDBResult>;
49
49
  finalizeConnection(conn: mysql.PoolConnection): void;
50
50
  prepareQuery(request: IDBQuery): string;
51
+ static safeReplace(query: string, key: string, value: string): string;
51
52
  static prepareQueryFieldValue(field: IDBQueryField): string | number | boolean | null | undefined;
52
53
  prepareCountQuery(query: string): string;
53
54
  commit(trx: ITransaction): Promise<IDBError | null>;
@@ -519,7 +519,7 @@ class MysqlAdapter {
519
519
  queryField.name = name.replaceAll("`", '').replaceAll('\"', "").replaceAll('\'', "");
520
520
  fields[i] = queryField;
521
521
  const parsed = MysqlAdapter.prepareQueryFieldValue(fields[i]);
522
- query = query.replaceAll("@" + name, parsed + "");
522
+ query = MysqlAdapter.safeReplace(query, "@" + name, parsed + "");
523
523
  }
524
524
  }
525
525
  const tmp = query.toLowerCase();
@@ -538,9 +538,8 @@ class MysqlAdapter {
538
538
  insertFieldNames.push('`' + f.name + '`');
539
539
  insertFieldValues.push(f.__parsedValue);
540
540
  }
541
- query = query
542
- .replaceAll('@fields', insertFieldNames.join(","))
543
- .replaceAll('@values', insertFieldValues.join(","));
541
+ query = MysqlAdapter.safeReplace(query, "@fields", insertFieldNames.join(","));
542
+ query = MysqlAdapter.safeReplace(query, "@values", insertFieldValues.join(","));
544
543
  }
545
544
  if (query.indexOf("@insert") !== -1) {
546
545
  let oninsertNames = [];
@@ -554,7 +553,7 @@ class MysqlAdapter {
554
553
  oninsertNames.push(f.name);
555
554
  oninsertValues.push(f.__parsedValue);
556
555
  }
557
- query = query.replaceAll("@insert", `(${oninsertNames.join(",")}) VALUES (${oninsertValues.join(",")})`);
556
+ query = MysqlAdapter.safeReplace(query, "@insert", `(${oninsertNames.join(",")}) VALUES (${oninsertValues.join(",")})`);
558
557
  }
559
558
  if (query.indexOf("@onupdate") !== -1) {
560
559
  let onUpdate = [];
@@ -566,7 +565,7 @@ class MysqlAdapter {
566
565
  continue;
567
566
  onUpdate.push('`' + f.name + '` = ' + f.__parsedValue);
568
567
  }
569
- query = query.replaceAll("@onupdate", onUpdate.join(" , "));
568
+ query = MysqlAdapter.safeReplace(query, "@onupdate", onUpdate.join(" , "));
570
569
  }
571
570
  if (query.indexOf('@onduplicate') !== -1) {
572
571
  let onDuplicate = [];
@@ -578,10 +577,14 @@ class MysqlAdapter {
578
577
  continue;
579
578
  onDuplicate.push('`' + f.name + '` = ' + f.__parsedValue);
580
579
  }
581
- query = query.replaceAll("@onduplicate", onDuplicate.join(" , "));
580
+ query = MysqlAdapter.safeReplace(query, "@onduplicate", onDuplicate.join(" , "));
582
581
  }
583
582
  return query;
584
583
  }
584
+ static safeReplace(query, key, value) {
585
+ const regex = new RegExp(key + "(?=\\b|\\s|,|\\)|$)", "g");
586
+ return query.replace(regex, value);
587
+ }
585
588
  static prepareQueryFieldValue(field) {
586
589
  let value = field.value;
587
590
  let system = field.system;
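Review bot: `safeReplace` (added at the end of this section) hands `value` to `String.prototype.replace` as a replacement string, so sequences such as `$&`, `$'` and `$$` inside a field value are expanded instead of inserted literally, and the text that reaches the query can differ from what `prepareQueryFieldValue` returned. A replacer function avoids this: `return query.replace(regex, () => value);`. `key` is also concatenated into the pattern unescaped while the visible clean-up of `name` removes only backticks and quotes, so a field name with regex metacharacters can change what matches or make `new RegExp` throw; escape it first with `key.replace(/[.*+?^${}()|[\]\\]/g, "\\$&")`. Substitution still runs sequentially over one string, so text inserted for one field is rescanned by the later `@fields`/`@values`/`@insert` passes; binding values through the driver's parameterised queries rather than splicing them into the SQL text would remove that class of problem, if the adapter's callers allow it. The enclosing method starts outside the visible hunks, and `prepareQueryFieldValue` continues past the last one.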
@@ -100,7 +100,7 @@ class Validator {
100
100
  if (!optional) {
101
101
  if (Array.isArray(object) && !isNaN(parseInt(`${i}`))) {
102
102
  const p = parentPath.length > 0 ? parentPath.slice(0, -1) : parentPath;
103
- errors.push("no item for '" + parentPath + "[" + i + "]'");
103
+ errors.push("no item for '" + p + "[" + i + "]'");
104
104
  }
105
105
  else {
106
106
  errors.push("no field '" + parentPath + i + "'");
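Review bot: `p` is built with `parentPath.slice(0, -1)`, which drops the last character whatever it is, so the corrected message at new line 103 is only right if `parentPath` always ends with a one-character separator, something the hunk does not show. A short comment on the `const p` line would record that assumption, for example `// parentPath carries a trailing separator; strip it before appending the array index`. The enclosing method begins and ends outside the hunk.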
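--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "badmfck-api-server",
- "version": "3.8.0",
+ "version": "3.8.2",
  "description": "Simple API http server based on express",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",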