doomiwork 3.7.2 → 3.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/utilities/requestparser.js +5 -5
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "doomiwork",
3
- "version": "3.7.2",
3
+ "version": "3.7.3",
4
4
  "description": "doomisoft nodejs web framework",
5
5
  "main": "index.js",
6
6
  "scripts": {
package/utilities/requestparser.js CHANGED
@@ -66,7 +66,7 @@ class RequestParser {
66
66
  keyValue = '1=0'
67
67
  }
68
68
  } else { ////数组形式的参数,目前框架不支持,统一认为为sql注入攻击,全部忽略
69
- console.log(`参数非法==>类型${typeof (keyValue)}:${matchValue} = ${keyValue}`)
69
+ // console.log(`参数非法==>类型${typeof (keyValue)}:${matchValue} = ${keyValue}`)
70
70
  parseKeyWordIsNull = true;
71
71
  keyValue = ''
72
72
  }
@@ -161,10 +161,10 @@ class RequestParser {
161
161
  req.footerMapping = req.dataConfig.list.footer;
162
162
  /**解析查询条件 */
163
163
  req.searchCondition = this.getSearchCondition({ request: req, refer: req.dataConfig.list.search });
164
- /**排序方式 */// req.sort || //稍后恢复
165
- req.sort = req.dataConfig.list.sort;
166
- /**来自req请求参数中的过滤条件 */ //稍后恢复
167
- let clientFilter = '';// this.checkSqlInjection(this.parseAndReplaceSql(req,req.query.clientFilter),false);
164
+ /**排序方式 *///
165
+ req.sort = req.sort || req.dataConfig.list.sort;
166
+ /**来自req请求参数中的过滤条件 */
167
+ let clientFilter = this.checkSqlInjection(this.parseAndReplaceSql(req,req.query.clientFilter),false);
168
168
 
169
169
  let listsql = '';
170
170
  ///是否有列表尾部的统计SQL