From c36564f9ae10133863e1bd32d8a1ae04037115e2 Mon Sep 17 00:00:00 2001
From: yuruo <yuruotong1@163.com>
Date: Tue, 18 Jun 2024 14:14:55 +0800
Subject: [PATCH] =?UTF-8?q?=F0=9F=90=9B=20=E4=BF=AE=E5=A4=8D(ipc.ts)?=
 =?UTF-8?q?=EF=BC=9A=E6=9B=B4=E6=96=B0ipcMain.handle('sql')=E5=87=BD?=
 =?UTF-8?q?=E6=95=B0=E4=BB=A5=E6=94=AF=E6=8C=81=E5=B8=A6params=E7=9A=84?=
 =?UTF-8?q?=E6=9F=A5=E8=AF=A2=20=20=20=E2=99=BB=EF=B8=8F=20=E9=87=8D?=
 =?UTF-8?q?=E6=9E=84(query.ts)=EF=BC=9A=E6=9B=B4=E6=96=B0update=E5=87=BD?=
 =?UTF-8?q?=E6=95=B0=E4=BB=A5=E9=98=B2=E6=AD=A2SQL=E6=B3=A8=E5=85=A5=20=20?=
 =?UTF-8?q?=20=F0=9F=94=A7=20=E6=B7=BB=E5=8A=A0(tables.ts)=EF=BC=9A?=
 =?UTF-8?q?=E5=88=9B=E5=BB=BAcontents=E8=A1=A8=20=20=20=F0=9F=94=A7=20?=
 =?UTF-8?q?=E6=B7=BB=E5=8A=A0(preload/index.d.ts)=EF=BC=9A=E6=9B=B4?=
 =?UTF-8?q?=E6=96=B0sql=E6=96=B9=E6=B3=95=E4=BB=A5=E6=94=AF=E6=8C=81params?=
 =?UTF-8?q?=20=20=20=F0=9F=94=A7=20=E6=B7=BB=E5=8A=A0(preload/index.ts)?=
 =?UTF-8?q?=EF=BC=9A=E6=9B=B4=E6=96=B0sql=E6=96=B9=E6=B3=95=E4=BB=A5?=
 =?UTF-8?q?=E6=94=AF=E6=8C=81params=20=20=20=F0=9F=94=A7=20=E6=B7=BB?=
 =?UTF-8?q?=E5=8A=A0(Content.tsx)=EF=BC=9A=E6=9B=B4=E6=96=B0=E5=86=85?=
 =?UTF-8?q?=E5=AE=B9=E9=A1=B5=E7=9A=84key=E5=B1=9E=E6=80=A7=20=20=20?=
 =?UTF-8?q?=F0=9F=94=A7=20=E6=B7=BB=E5=8A=A0(ContentAction.ts)=EF=BC=9A?=
 =?UTF-8?q?=E6=9B=B4=E6=96=B0async=E5=87=BD=E6=95=B0=E4=BB=A5=E6=8E=A5?=
 =?UTF-8?q?=E5=8F=97params=20for=E8=B7=AF=E7=94=B1=E4=BC=A0=E5=8F=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 ui/autoMate/src/main/db/ipc.ts                 |  4 ++--
 ui/autoMate/src/main/db/query.ts               |  6 ++++--
 ui/autoMate/src/main/db/tables.ts              | 18 +++++++++---------
 ui/autoMate/src/preload/index.d.ts             |  2 +-
 ui/autoMate/src/preload/index.ts               |  4 ++--
 .../src/renderer/src/pages/Content/Content.tsx |  2 +-
 .../src/pages/Content/ContentAction.ts         | 13 ++++++++++---
 7 files changed, 29 insertions(+), 20 deletions(-)

diff --git a/ui/autoMate/src/main/db/ipc.ts b/ui/autoMate/src/main/db/ipc.ts
index c6e3209..00e7dda 100644
--- a/ui/autoMate/src/main/db/ipc.ts
+++ b/ui/autoMate/src/main/db/ipc.ts
@@ -1,5 +1,5 @@
 import { IpcMainInvokeEvent, ipcMain } from "electron";
 import * as query from './query'
-ipcMain.handle('sql', (_event: IpcMainInvokeEvent, sql: string, type: SqlActionType) => {
-    return query[type](sql)
+ipcMain.handle('sql', (_event: IpcMainInvokeEvent, sql: string, type: SqlActionType, params={}) => {
+    return query[type](sql, params)
 })
\ No newline at end of file
diff --git a/ui/autoMate/src/main/db/query.ts b/ui/autoMate/src/main/db/query.ts
index a120bdb..faf1e42 100644
--- a/ui/autoMate/src/main/db/query.ts
+++ b/ui/autoMate/src/main/db/query.ts
@@ -12,8 +12,10 @@ export const create = (sql: string) => {
     return db.prepare(sql).run().lastInsertRowid;
 }
 
-export const update = (sql: string) => {
-    return db.prepare(sql).run().changes;
+
+//使用 params 是为了防止 sql 注入
+export const update = (sql: string, params: Record<string, any>) => {
+    return db.prepare(sql).run(params).changes;
 }
 
 export const del = (sql: string) => {
diff --git a/ui/autoMate/src/main/db/tables.ts b/ui/autoMate/src/main/db/tables.ts
index 6d4fb11..0f2ebb7 100644
--- a/ui/autoMate/src/main/db/tables.ts
+++ b/ui/autoMate/src/main/db/tables.ts
@@ -10,15 +10,15 @@ CREATE TABLE IF NOT EXISTS categories (
 `)
 
 
-// db.exec(`
-// CREATE TABLE IF NOT EXISTS contents (
-//     id INTEGER PRIMARY KEY AUTOINCREMENT not null,
-//     title TEXT not null,
-//     content TEXT not null,
-//     category_id INTEGER,
-//     created_at TEXT not null
-// );
-// `)
+db.exec(`
+CREATE TABLE IF NOT EXISTS contents (
+    id INTEGER PRIMARY KEY AUTOINCREMENT not null,
+    title TEXT not null,
+    content TEXT not null,
+    category_id INTEGER,
+    created_at TEXT not null
+);
+`)
 
 // for (let i = 0; i < 20; i++) {
 //     const name = Random.title(5, 10)
diff --git a/ui/autoMate/src/preload/index.d.ts b/ui/autoMate/src/preload/index.d.ts
index 0e5e6aa..917d349 100644
--- a/ui/autoMate/src/preload/index.d.ts
+++ b/ui/autoMate/src/preload/index.d.ts
@@ -8,7 +8,7 @@ declare global {
       shortCut: (type: 'search', shortCut: string) => Promise<boolean>,
       setIgnoreMouseEvents: (ignore: boolean, options?: { forward: boolean }) => void,
       openConfigWindow: () => void,
-      sql: <T>(sql: string, type: SqlActionType) => Promise<T>
+      sql: <T>(sql: string, type: SqlActionType, params?: Record<string, any>) => Promise<T>
     }
   }
 }
diff --git a/ui/autoMate/src/preload/index.ts b/ui/autoMate/src/preload/index.ts
index c8f544c..25aae3e 100644
--- a/ui/autoMate/src/preload/index.ts
+++ b/ui/autoMate/src/preload/index.ts
@@ -15,8 +15,8 @@ const api = {
   openConfigWindow: () => {
     ipcRenderer.send("openConfigWindow")
   },
-  sql: (sql: string, type: SqlActionType) => {
-    return ipcRenderer.invoke("sql", sql, type)
+  sql: (sql: string, type: SqlActionType, params={}) => {
+    return ipcRenderer.invoke("sql", sql, type, params)
   }
 
 }
diff --git a/ui/autoMate/src/renderer/src/pages/Content/Content.tsx b/ui/autoMate/src/renderer/src/pages/Content/Content.tsx
index 8ff0c21..9f0e03a 100644
--- a/ui/autoMate/src/renderer/src/pages/Content/Content.tsx
+++ b/ui/autoMate/src/renderer/src/pages/Content/Content.tsx
@@ -4,7 +4,7 @@ export const Content = () => {
     const content = useLoaderData() as ContentType
     return (
     <Form method="PUT">
-    <main className="content-page">
+    <main className="content-page" key={content.id}>
         <input defaultValue={content.title} name="title"/>
         <textarea defaultValue={content.content} name="content"/>
         <div className="border-t flex items-center justify-center">
diff --git a/ui/autoMate/src/renderer/src/pages/Content/ContentAction.ts b/ui/autoMate/src/renderer/src/pages/Content/ContentAction.ts
index 85cc4e4..9ff928f 100644
--- a/ui/autoMate/src/renderer/src/pages/Content/ContentAction.ts
+++ b/ui/autoMate/src/renderer/src/pages/Content/ContentAction.ts
@@ -1,5 +1,12 @@
-export default async({request}) => {
+export default async({request, params}) => {
+    // params 接收路由中传递过来的数据
     const data = await request.formData()
-    console.log(data.get("content"))
-    return {}
+    const res = window.api.sql(
+        `update contents set title=@title, content=@content where id=@id`, 
+        "update",
+        {title: data.get("title"), 
+        content: data.get("content"), 
+        id: params.id}
+    )
+    return res
 }
\ No newline at end of file