diff --git a/ui/autoMate/src/main/db/ipc.ts b/ui/autoMate/src/main/db/ipc.ts
index c6e3209..00e7dda 100644
--- a/ui/autoMate/src/main/db/ipc.ts
+++ b/ui/autoMate/src/main/db/ipc.ts
@@ -1,5 +1,5 @@
 import { IpcMainInvokeEvent, ipcMain } from "electron";
 import * as query from './query'
-ipcMain.handle('sql', (_event: IpcMainInvokeEvent, sql: string, type: SqlActionType) => {
- return query[type](sql)
+ipcMain.handle('sql', (_event: IpcMainInvokeEvent, sql: string, type: SqlActionType, params={}) => {
+ return query[type](sql, params)
 })
\ No newline at end of file
diff --git a/ui/autoMate/src/main/db/query.ts b/ui/autoMate/src/main/db/query.ts
index a120bdb..faf1e42 100644
--- a/ui/autoMate/src/main/db/query.ts
+++ b/ui/autoMate/src/main/db/query.ts
@@ -12,8 +12,10 @@ export const create = (sql: string) => {
 return db.prepare(sql).run().lastInsertRowid;
 }
-export const update = (sql: string) => {
- return db.prepare(sql).run().changes;
+
+//使用 params 是为了防止 sql 注入
+export const update = (sql: string, params: Record) => {
+ return db.prepare(sql).run(params).changes;
 }
 export const del = (sql: string) => {
diff --git a/ui/autoMate/src/main/db/tables.ts b/ui/autoMate/src/main/db/tables.ts
index 6d4fb11..0f2ebb7 100644
--- a/ui/autoMate/src/main/db/tables.ts
+++ b/ui/autoMate/src/main/db/tables.ts
@@ -10,15 +10,15 @@ CREATE TABLE IF NOT EXISTS categories (
 `)
-// db.exec(`
-// CREATE TABLE IF NOT EXISTS contents (
-// id INTEGER PRIMARY KEY AUTOINCREMENT not null,
-// title TEXT not null,
-// content TEXT not null,
-// category_id INTEGER,
-// created_at TEXT not null
-// );
-// `)
+db.exec(`
+CREATE TABLE IF NOT EXISTS contents (
+ id INTEGER PRIMARY KEY AUTOINCREMENT not null,
+ title TEXT not null,
+ content TEXT not null,
+ category_id INTEGER,
+ created_at TEXT not null
+);
+`)
 // for (let i = 0; i < 20; i++) {
 // const name = Random.title(5, 10)
diff --git a/ui/autoMate/src/preload/index.d.ts b/ui/autoMate/src/preload/index.d.ts
index 0e5e6aa..917d349 100644
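Review bot: In ui/autoMate/src/main/db/ipc.ts the handler indexes `query[type]` with a value that arrives from the renderer, and `SqlActionType` is erased at compile time, so nothing in the main process checks that `type` names one of the intended query functions. A guard ahead of the dispatch, such as `if (!Object.prototype.hasOwnProperty.call(query, type)) throw new Error('unsupported sql action')`, keeps the lookup on the module's own exports. `params` is forwarded unchecked as well; confirming it is a plain object before it is passed on would make a malformed call fail at the IPC boundary rather than deeper in the query layer.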
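Review bot: In ui/autoMate/src/main/db/query.ts only `update` gains bound parameters; `create` in the leading context still runs `db.prepare(sql).run()` and `del` keeps a one-argument signature, so the `params` that the ipc handler now forwards to every action is ignored for those calls (del's body is outside the hunk). Giving the siblings the same shape, e.g. `export const create = (sql: string, params: Record<string, unknown> = {}) => db.prepare(sql).run(params).lastInsertRowid`, would make the protection uniform. The new comment could also say what the protection depends on: `// Values must be passed in params and referenced by named placeholders in sql; text interpolated into sql is not protected.`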
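Review bot: In ui/autoMate/src/main/db/tables.ts the re-enabled `contents` table declares `category_id INTEGER` with no reference to `categories`, so a row can point at a category that does not exist or has since been deleted. If the link is meant to be enforced, and assuming `categories` has an `id` key (its columns are outside the hunk), `category_id INTEGER REFERENCES categories(id)` states it in the schema; SQLite enforces it only when `PRAGMA foreign_keys = ON` is set on the connection, which is not visible here. Because the statement is `CREATE TABLE IF NOT EXISTS`, a database that already holds a `contents` table keeps its old definition.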
--- a/ui/autoMate/src/preload/index.d.ts
+++ b/ui/autoMate/src/preload/index.d.ts
@@ -8,7 +8,7 @@ declare global {
 shortCut: (type: 'search', shortCut: string) => Promise,
 setIgnoreMouseEvents: (ignore: boolean, options?: { forward: boolean }) => void,
 openConfigWindow: () => void,
- sql: (sql: string, type: SqlActionType) => Promise
+ sql: (sql: string, type: SqlActionType, params?: Record) => Promise
 }
 }
 }
diff --git a/ui/autoMate/src/preload/index.ts b/ui/autoMate/src/preload/index.ts
index c8f544c..25aae3e 100644
--- a/ui/autoMate/src/preload/index.ts
+++ b/ui/autoMate/src/preload/index.ts
@@ -15,8 +15,8 @@ const api = {
 openConfigWindow: () => {
 ipcRenderer.send("openConfigWindow")
 },
- sql: (sql: string, type: SqlActionType) => {
- return ipcRenderer.invoke("sql", sql, type)
+ sql: (sql: string, type: SqlActionType, params={}) => {
+ return ipcRenderer.invoke("sql", sql, type, params)
 }
 }
diff --git a/ui/autoMate/src/renderer/src/pages/Content/Content.tsx b/ui/autoMate/src/renderer/src/pages/Content/Content.tsx
index 8ff0c21..9f0e03a 100644
--- a/ui/autoMate/src/renderer/src/pages/Content/Content.tsx
+++ b/ui/autoMate/src/renderer/src/pages/Content/Content.tsx
@@ -4,7 +4,7 @@ export const Content = () => {
 const content = useLoaderData() as ContentType
 return (
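Review bot: In ui/autoMate/src/preload/index.ts the `sql` bridge still forwards a complete SQL string chosen by the renderer, so the added `params` protects only the values inside a statement and does not limit which statements renderer code can run. If `api` is exposed to page scripts (the exposure call is outside the hunk), any script running in the window gets the same database access. Narrow methods whose SQL text lives in the main process, with only the bound values crossing IPC, would shrink that surface; short of that, a comment on `sql` such as `// Renderer-controlled SQL: pass values via params, never interpolate them into sql` documents the contract.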
-
+