| | |
|---|
| | | static verifySql (sql, type) { |
|---|
| | | if (!sql) return '' |
|---|
| | | let chars = [ |
|---|
| | | {key: 'create', reg: '(^|\\s)create\\s'}, |
|---|
| | | {key: 'insert', reg: '(^|\\s)insert\\s'}, |
|---|
| | | {key: 'delete', reg: '(^|\\s)delete\\s'}, |
|---|
| | | {key: 'update', reg: '(^|\\s)update\\s'}, |
|---|
| | | {key: 'set', reg: '(^|\\s)set\\s'}, |
|---|
| | | {key: 'drop', reg: '(^|\\s)drop\\s'}, |
|---|
| | | {key: 'alter', reg: '(^|\\s)alter\\s'}, |
|---|
| | | {key: 'truncate', reg: '(^|\\s)truncate\\s'}, |
|---|
| | | {key: 'if', reg: '(^|\\s)if\\s'}, |
|---|
| | | {key: 'exec', reg: 'exec'}, |
|---|
| | | {key: 'OBJECT', reg: 'OBJECT'}, |
|---|
| | | {key: 'sys.', reg: 'sys.'}, |
|---|
| | | {key: 'kill', reg: 'kill'}, |
|---|
| | | {key: 'create', reg: /(^|\s)create\s/ig}, |
|---|
| | | {key: 'insert', reg: /(^|\s)insert\s/ig}, |
|---|
| | | {key: 'delete', reg: /(^|\s)delete\s/ig}, |
|---|
| | | {key: 'update', reg: /(^|\s)update\s/ig}, |
|---|
| | | {key: 'set', reg: /(^|\s)set\s/ig}, |
|---|
| | | {key: 'drop', reg: /(^|\s)drop\s/ig}, |
|---|
| | | {key: 'alter', reg: /(^|\s)alter\s/ig}, |
|---|
| | | {key: 'truncate', reg: /(^|\s)truncate\s/ig}, |
|---|
| | | {key: 'if', reg: /(^|\s)if\s/ig}, |
|---|
| | | {key: 'exec', reg: /exec/ig}, |
|---|
| | | {key: 'OBJECT', reg: /object/ig}, |
|---|
| | | {key: 'sys.', reg: /sys\./ig}, |
|---|
| | | {key: 'kill', reg: /kill/ig} |
|---|
| | | ] |
|---|
| | | |
|---|
| | | if (type === 'customscript') { |
|---|
| | |
|---|
| | | |
|---|
| | | let error = '' |
|---|
| | | chars.forEach(char => { |
|---|
| | | if (!error && new RegExp(char.reg, 'ig').test(sql)) { |
|---|
| | | if (!error && char.reg.test(sql)) { |
|---|
| | | error = char.key |
|---|
| | | } |
|---|
| | | }) |
|---|
