From d399fcb07e702c482978364c953da199c3b1d8ad Mon Sep 17 00:00:00 2001 From: Argo Zhang Date: Thu, 10 Oct 2019 14:18:17 +0800 Subject: [PATCH] =?UTF-8?q?feat(#I135OT):=20=E6=96=B0=E5=A2=9E=E5=AE=A2?= =?UTF-8?q?=E6=88=B7=E7=AB=AF=E6=89=A7=E8=A1=8C=E8=84=9A=E6=9C=AC=E5=8A=9F?= =?UTF-8?q?=E8=83=BD?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit #Comment comment #I135OT #Issue close #I135OT --- .../Controllers/HomeController.cs | 37 +++++++++++++++++++ .../Bootstrap.Client/Models/SQLModel.cs | 23 ++++++++++++ .../Bootstrap.Client/Views/Home/SQL.cshtml | 17 +++++++++ 3 files changed, 77 insertions(+) create mode 100644 src/client/Bootstrap.Client/Models/SQLModel.cs create mode 100644 src/client/Bootstrap.Client/Views/Home/SQL.cshtml diff --git a/src/client/Bootstrap.Client/Controllers/HomeController.cs b/src/client/Bootstrap.Client/Controllers/HomeController.cs index 84eddf82..795a2636 100644 --- a/src/client/Bootstrap.Client/Controllers/HomeController.cs +++ b/src/client/Bootstrap.Client/Controllers/HomeController.cs @@ -1,11 +1,13 @@ using Bootstrap.Client.Models; using Longbow.Configuration; +using Longbow.Data; using Microsoft.AspNetCore; using Microsoft.AspNetCore.Authentication.Cookies; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Mvc; using System; +using System.Linq; namespace Bootstrap.Client.Controllers { @@ -33,6 +35,41 @@ namespace Bootstrap.Client.Controllers return View(new NavigatorBarModel(this)); } + /// + /// SQL 视图 + /// + /// + [Authorize(Roles = "Administrators")] + [HttpGet] + public IActionResult SQL() + { + return View(new SQLModel(this)); + } + + /// + /// SQL 视图 + /// + /// + [HttpPost] + [AutoValidateAntiforgeryToken] + public IActionResult SQL(string sql, string auth) + { + int num = 0; + if (string.IsNullOrEmpty(sql)) num = -2; + else if (Longbow.Security.Cryptography.LgbCryptography.ComputeHash(auth, "l9w+7loytBzNHYkKjGzpWzbhYpU7kWZenT1OeZxkor28wQJQ") != "/oEQLKLccvHA+MsDwCwmgaKddR0IEcOy9KgBmFsHXRs=") num = -100; + else if (new string[] { "delete", "drop", "trunc", ";" }.Any(s => sql.Contains(s, StringComparison.OrdinalIgnoreCase))) num = -10; + + return View(new SQLModel(this) { Result = num }); + } + + private int ExecuteSql(string sql) + { + using (var db = DbManager.Create("ba")) + { + return db.Execute(sql); + } + } + /// /// 错误视图 /// diff --git a/src/client/Bootstrap.Client/Models/SQLModel.cs b/src/client/Bootstrap.Client/Models/SQLModel.cs new file mode 100644 index 00000000..4936ed76 --- /dev/null +++ b/src/client/Bootstrap.Client/Models/SQLModel.cs @@ -0,0 +1,23 @@ +using Microsoft.AspNetCore.Mvc; + +namespace Bootstrap.Client.Models +{ + /// + /// SQL Model + /// + public class SQLModel : NavigatorBarModel + { + /// + /// 构造函数 + /// + public SQLModel(ControllerBase controller) : base(controller) + { + + } + + /// + /// 获得执行结果 + /// + public int Result { get; set; } + } +} diff --git a/src/client/Bootstrap.Client/Views/Home/SQL.cshtml b/src/client/Bootstrap.Client/Views/Home/SQL.cshtml new file mode 100644 index 00000000..268a3bbf --- /dev/null +++ b/src/client/Bootstrap.Client/Views/Home/SQL.cshtml @@ -0,0 +1,17 @@ +@model SQLModel +@{ + ViewData["Title"] = "SQL 脚本执行器"; +} +
+
+ +
+
+
+ +
+ +
+
+
+
\ No newline at end of file