
use Escape

pull/251/head
yedf2 4 years ago
parent
commit
37769befc4
  1. 2
      dtmcli/barrier.go
  2. 2
      dtmcli/dtmimp/trans_base.go
  3. 12
      dtmcli/dtmimp/utils.go
  4. 3
      dtmutil/db.go

2
dtmcli/barrier.go

@ -38,7 +38,7 @@ func (bb *BranchBarrier) newBarrierID() string {
// BarrierFromQuery construct transaction info from request
func BarrierFromQuery(qs url.Values) (*BranchBarrier, error) {
return BarrierFrom(qs.Get("trans_type"), qs.Get("gid"), qs.Get("branch_id"), qs.Get("op"))
return BarrierFrom(dtmimp.EscapeGet(qs, "trans_type"), dtmimp.EscapeGet(qs, "gid"), dtmimp.EscapeGet(qs, "branch_id"), dtmimp.EscapeGet(qs, "op"))
}
// BarrierFrom construct transaction info from request
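Review bot: `BarrierFromQuery` already returns an error, yet the new `dtmimp.EscapeGet` calls silently rewrite `trans_type`, `gid`, `branch_id` and `op` instead of rejecting a malformed value. Because `Escape` (added in dtmcli/dtmimp/utils.go) deletes characters, two different query values can collapse to the same identifier, and the caller never learns that its input was changed. Prefer validating each field and returning an error on mismatch, for example `if v := qs.Get("gid"); v != dtmimp.Escape(v) { return nil, fmt.Errorf("invalid gid %q", v) }` (assuming `fmt` is imported in this file). The same strip-instead-of-reject pattern appears in `TransBaseFromQuery` in dtmcli/dtmimp/trans_base.go.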

2
dtmcli/dtmimp/trans_base.go

@ -87,7 +87,7 @@ func (t *TransBase) WithGlobalTransRequestTimeout(timeout int64) {
// TransBaseFromQuery construct transaction info from request
func TransBaseFromQuery(qs url.Values) *TransBase {
return NewTransBase(qs.Get("gid"), qs.Get("trans_type"), qs.Get("dtm"), qs.Get("branch_id"))
return NewTransBase(EscapeGet(qs, "gid"), EscapeGet(qs, "trans_type"), EscapeGet(qs, "dtm"), EscapeGet(qs, "branch_id"))
}
// TransCallDtm TransBase call dtm
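Review bot: The `dtm` query value gets the same four-character filter as the identifiers, and `TransBaseFromQuery` has no error return, so whatever remains after stripping is accepted without any signal. If `dtm` is the server address later used for outbound calls (the name suggests so, but that code is outside this hunk), removing quotes and whitespace does not constrain which host it names. It would be safer to compare it with the configured DTM endpoint than to filter it. At minimum the function should carry a comment such as `// NOTE: values come from the request query; they are stripped of ' CR LF and space, not validated.`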

12
dtmcli/dtmimp/utils.go

@ -12,6 +12,7 @@ import (
"errors"
"fmt"
"net/http"
"net/url"
"os"
"runtime"
"strconv"
@ -235,3 +236,14 @@ func DeferDo(rerr *error, success func() error, fail func() error) {
}
}()
}
// Escape solve CodeQL reported problem
func Escape(input string) string {
replacer := strings.NewReplacer("'", "", "\n", "", "\r", "", " ", "")
return replacer.Replace(input)
}
// EscapeGet escape get
func EscapeGet(qs url.Values, key string) string {
return Escape(qs.Get(key))
}
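Review bot: `Escape` does not escape anything: it deletes `'`, `\n`, `\r` and the space character, and the doc comment `Escape solve CodeQL reported problem` says neither that nor which finding it is meant to address. As a denylist it leaves double quotes, backslashes, tabs and other control characters untouched, so it should not be relied on as protection for SQL text or log lines; parameterized queries and escaping at the log call are the durable fixes. Suggested comment: `// Escape removes single quotes, CR, LF and spaces from input. It is not SQL or log escaping; callers must still use parameterized queries.` Building the `strings.NewReplacer` once in a package-level variable would also avoid allocating it on every call.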

3
dtmutil/db.go

@ -3,7 +3,6 @@ package dtmutil
import (
"database/sql"
"fmt"
"strings"
"sync"
"time"
@ -101,7 +100,7 @@ func DbGet(conf dtmcli.DBConf, ops ...func(*gorm.DB)) *DB {
dsn := dtmimp.GetDsn(conf)
db, ok := dbs.Load(dsn)
if !ok {
logger.Debugf("connecting %s", strings.Replace(dsn, conf.Password, "****", 1))
logger.Infof("connecting '%s' '%s' '%s' '%d'", conf.Driver, conf.Host, conf.User, conf.Port)
db1, err := gorm.Open(getGormDialetor(conf.Driver, dsn), &gorm.Config{
SkipDefaultTransaction: true,
})
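Review bot: The replacement log call moves from `Debugf` to `Infof`, so the database host and user name are now written at the default level whenever a new connection is opened; confirm that this exposure is intended, or keep the line at debug level. The hand-written `'%s'` quoting does not escape quotes or newlines inside the configured values, whereas `%q` does, and the port needs no quotes: `logger.Infof("connecting driver=%q host=%q user=%q port=%d", conf.Driver, conf.Host, conf.User, conf.Port)`. Dropping the DSN from the log does remove the dependency on `strings.Replace` masking the password correctly. `DbGet` begins and continues outside this hunk.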
