mirror of
https://github.com/node-red/node-red-nodes.git
synced 2023-10-10 13:36:58 +02:00
Added a few SQL modes (#360)
parent
b9da5d87d8
commit
babff3ff26
@ -20,22 +20,49 @@
|
||||
|
||||
|
||||
<script type="text/x-red" data-template-name="sqlite">
|
||||
<div class="form-row">
|
||||
<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
|
||||
<input type="text" id="node-input-name" placeholder="Name">
|
||||
</div>
|
||||
<div class="form-row">
|
||||
<label for="node-input-mydb"><i class="fa fa-database"></i> Database</label>
|
||||
<input type="text" id="node-input-mydb">
|
||||
</div>
|
||||
<div class="form-row">
|
||||
<label for="node-input-name"><i class="fa fa-tag"></i> Name</label>
|
||||
<input type="text" id="node-input-name" placeholder="Name">
|
||||
<label for=""><i class="fa fa-code"></i> SQL Query</label>
|
||||
<select id="node-input-sqlquery">
|
||||
<option value="msg.topic">Via msg.topic</option>
|
||||
<option value="fixed">Fixed Statement</option>
|
||||
<option value="prepared">Prepared Statement</option>
|
||||
</select>
|
||||
</div>
|
||||
<div class="form-row" style="margin-bottom: 0px;">
|
||||
<label for="" style="width: unset;" id="node-input-sqllabel"><i class="fa fa-code"></i> SQL Statement</label>
|
||||
</div>
|
||||
<div>
|
||||
<input type="hidden" id="node-input-sql" autofocus="autofocus">
|
||||
</div>
|
||||
<div class="form-row node-text-editor-row">
|
||||
<div style="height: 250px; min-height:150px;" class="node-text-editor" id="node-input-sql-editor" ></div>
|
||||
</div>
|
||||
</script>
|
||||
|
||||
<script type="text/x-red" data-help-name="sqlite">
|
||||
<p>Allows basic access to a Sqlite database.</p>
|
||||
<p>This node uses the <b>db.all</b> operation against the configured database. This does allow INSERTS, UPDATES and DELETES.
|
||||
<p>Allows access to a Sqlite database.</p>
|
||||
<p>SQL Query sets how the query is passed to the node.</p>
|
||||
<p>SQL Query <i>Via msg.topic</i> and <i>Fixed Statement</i> uses the <b>db.all</b> operation against the configured database. This does allow INSERTS, UPDATES and DELETES.
|
||||
By its very nature it is SQL injection... so <i>be careful out there...</i></p>
|
||||
<p><code>msg.topic</code> must hold the <i>query</i> for the database, and the result is returned in <code>msg.payload</code>.</p>
|
||||
<p><code>msg.payload</code> can contain an array of values to bind to the topic.</p>
|
||||
<p>SQL Type <i>Prepared Statement</i> also uses <b>db.all</b> but sanitizes parameters passed, eliminating the possibility of SQL injection.</p>
|
||||
<p>When using msg.topic <code>msg.topic</code> must hold the <i>query</i> for the database.</p>
|
||||
<p>When using Normal or Prepared the <i>query</i> must be entered in the node config.</p>
|
||||
<p>Pass in the parameters as an object in <code>msg.params</code> for Prepared. Ex:<br />
|
||||
<code>msg.params = {<br />
|
||||
$id:1,<br />
|
||||
$name:"John Doe"<br />
|
||||
}</code><br />
|
||||
Parameter object names must match parameters set up in the Prepared Statement. If you get the error <code>SQLITE_RANGE: bind or column index out of range</code>
|
||||
be sure to include $ on the parameter object key.</p>
|
||||
<p>Using any SQL Query, the result is returned in <code>msg.payload</code></p>
|
||||
<p>Typically the returned payload will be an array of the result rows, (or an error).</p>
|
||||
<p>The reconnect timeout in milliseconds can be changed by adding a line to <b>settings.js</b>
|
||||
<pre>sqliteReconnectTime: 20000,</pre></p>
|
||||
@ -47,6 +74,8 @@
|
||||
color:"#e97b00",
|
||||
defaults: {
|
||||
mydb: {type:"sqlitedb",required:true},
|
||||
sqlquery: {value:"msg.topic",required:true},
|
||||
sql: {value:""},
|
||||
name: {value:""}
|
||||
},
|
||||
inputs:1,
|
||||
@ -56,8 +85,59 @@
|
||||
var dbNode = RED.nodes.node(this.mydb);
|
||||
return this.name||(dbNode?dbNode.label():"sqlite");
|
||||
},
|
||||
labelStyle: function() {
|
||||
labelStyle: function() {
|
||||
return this.name?"node_label_italic":"";
|
||||
},
|
||||
oneditprepare: function() {
|
||||
var ace = this;
|
||||
this.editor = RED.editor.createEditor({
|
||||
id: 'node-input-sql-editor',
|
||||
mode: 'ace/mode/sql',
|
||||
value: $("#node-input-sql").val(),
|
||||
globals: {
|
||||
msg:true,
|
||||
context:true,
|
||||
RED: true,
|
||||
util: true,
|
||||
flow: true,
|
||||
global: true,
|
||||
console: true,
|
||||
Buffer: true,
|
||||
setTimeout: true,
|
||||
clearTimeout: true,
|
||||
setInterval: true,
|
||||
clearInterval: true
|
||||
}
|
||||
});
|
||||
|
||||
$("#node-input-sqlquery").change(function() {
|
||||
if ($("#node-input-sqlquery").val() == "msg.topic"){
|
||||
$("#node-input-sqllabel").hide();
|
||||
$("#node-input-sql-editor").hide();
|
||||
}
|
||||
else{
|
||||
$("#node-input-sqllabel").show();
|
||||
$("#node-input-sql-editor").show();
|
||||
ace.editor.renderer.updateFull();
|
||||
}
|
||||
});
|
||||
$("#node-input-sqlquery").change();
|
||||
},
|
||||
oneditsave: function() {
|
||||
$("#node-input-sql").val(this.editor.getValue());
|
||||
this.editor.destroy();
|
||||
delete this.editor;
|
||||
},
|
||||
oneditresize: function(size) {
|
||||
var rows = $("#dialog-form>div:not(.node-text-editor-row)");
|
||||
var height = $("#dialog-form").height();
|
||||
for (var i=0; i<rows.size(); i++) {
|
||||
height -= $(rows[i]).outerHeight(true);
|
||||
}
|
||||
var editorRow = $("#dialog-form>div.node-text-editor-row");
|
||||
height -= (parseInt(editorRow.css("marginTop"))+parseInt(editorRow.css("marginBottom")));
|
||||
$(".node-text-editor").css("height",height+"px");
|
||||
this.editor.resize();
|
||||
}
|
||||
});
|
||||
</script>
|
||||
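Review bot: The help paragraph that starts "SQL Query Via msg.topic and Fixed Statement uses the db.all operation" places Fixed Statement under "By its very nature it is SQL injection", which does not match the node code in this commit. In fixed mode the statement text comes from the node config and `msg.payload` is only bound as an array of values, so only the msg.topic mode takes SQL text from the message. I would reword it along the lines of `<p><i>Via msg.topic</i> runs whatever SQL arrives in <code>msg.topic</code>, so never build that string from untrusted input. <i>Fixed Statement</i> and <i>Prepared Statement</i> take the SQL from the node config and only bind values from the message.</p>`. Binding protects values only, and because `sqlquery` defaults to `"msg.topic"` the help should say that the default mode is the one that needs care. The later sentence "When using Normal or Prepared" should use the option's actual label, "Fixed Statement".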
|
@ -1,4 +1,3 @@
|
||||
|
||||
module.exports = function(RED) {
|
||||
"use strict";
|
||||
var reconnect = RED.settings.sqliteReconnectTime || 20000;
|
||||
@ -33,26 +32,75 @@ module.exports = function(RED) {
|
||||
function SqliteNodeIn(n) {
|
||||
RED.nodes.createNode(this,n);
|
||||
this.mydb = n.mydb;
|
||||
this.sqlquery = n.sqlquery||"msg.topic";
|
||||
this.sql = n.sql;
|
||||
this.mydbConfig = RED.nodes.getNode(this.mydb);
|
||||
var node = this;
|
||||
node.status({});
|
||||
|
||||
if (this.mydbConfig) {
|
||||
this.mydbConfig.doConnect();
|
||||
var node = this;
|
||||
var bind = [];
|
||||
node.on("input", function(msg) {
|
||||
if (typeof msg.topic === 'string') {
|
||||
//console.log("query:",msg.topic);
|
||||
var bind = Array.isArray(msg.payload) ? msg.payload : [];
|
||||
node.mydbConfig.db.all(msg.topic, bind, function(err, row) {
|
||||
if (err) { node.error(err,msg); }
|
||||
else {
|
||||
msg.payload = row;
|
||||
node.send(msg);
|
||||
if (this.sqlquery == "msg.topic"){
|
||||
if (typeof msg.topic === 'string') {
|
||||
bind = Array.isArray(msg.payload) ? msg.payload : [];
|
||||
node.mydbConfig.db.all(msg.topic, bind, function(err, row) {
|
||||
if (err) { node.error(err,msg); }
|
||||
else {
|
||||
msg.payload = row;
|
||||
node.send(msg);
|
||||
}
|
||||
});
|
||||
}
|
||||
else {
|
||||
if (typeof msg.topic !== 'string') {
|
||||
node.error("msg.topic : the query is not defined as a string",msg);
|
||||
node.status({fill:"red",shape:"dot",text:"msg.topic error"});
|
||||
}
|
||||
});
|
||||
}
|
||||
}
|
||||
else {
|
||||
if (typeof msg.topic !== 'string') {
|
||||
node.error("msg.topic : the query is not defined as a string",msg);
|
||||
if (this.sqlquery == "fixed"){
|
||||
if (typeof this.sql === 'string'){
|
||||
bind = Array.isArray(msg.payload) ? msg.payload : [];
|
||||
node.mydbConfig.db.all(this.sql, bind, function(err, row) {
|
||||
if (err) { node.error(err,msg); }
|
||||
else {
|
||||
msg.payload = row;
|
||||
node.send(msg);
|
||||
}
|
||||
});
|
||||
}
|
||||
else{
|
||||
if (this.sql === null || this.sql == ""){
|
||||
node.error("SQL statement config not set up",msg);
|
||||
node.status({fill:"red",shape:"dot",text:"SQL config not set up"});
|
||||
}
|
||||
}
|
||||
}
|
||||
if (this.sqlquery == "prepared"){
|
||||
if (typeof this.sql === 'string' && typeof msg.params !== "undefined" && typeof msg.params === "object"){
|
||||
node.mydbConfig.db.all(this.sql, msg.params, function(err, row) {
|
||||
if (err) { node.error(err,msg); }
|
||||
else {
|
||||
msg.payload = row;
|
||||
node.send(msg);
|
||||
}
|
||||
});
|
||||
}
|
||||
else{
|
||||
if (this.sql === null || this.sql == ""){
|
||||
node.error("Prepared statement config not set up",msg);
|
||||
node.status({fill:"red",shape:"dot",text:"Prepared statement not set up"});
|
||||
}
|
||||
if (typeof msg.params == "undefined"){
|
||||
node.error("msg.params not passed");
|
||||
node.status({fill:"red",shape:"dot",text:"msg.params not passed",msg});
|
||||
}
|
||||
else if (typeof msg.params != "object"){
|
||||
node.error("msg.params not an object");
|
||||
node.status({fill:"red",shape:"dot",text:"msg.params not an object",msg});
|
||||
}
|
||||
}
|
||||
}
|
||||
});
|
||||
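Review bot: In the prepared branch the `msg` argument ended up inside the status object rather than on the error call: `node.error("msg.params not passed");` is followed by `node.status({fill:"red",shape:"dot",text:"msg.params not passed",msg});`, and the "msg.params not an object" pair repeats this. These two errors are therefore raised without the triggering message, unlike every other `node.error(...,msg)` in the handler, which presumably keeps a Catch node from correlating them; it should read `node.error("msg.params not passed",msg);` with `msg` dropped from the status object. The guards `typeof this.sql === 'string'` in the fixed and prepared branches are also true for the default `""`, so the "config not set up" errors are unreachable for an empty statement and `db.all` is called with it; adding `&& this.sql !== ""` to both guards would make those checks live. `typeof msg.params === "object"` lets `null` and arrays through as well, so `msg.params !== null && !Array.isArray(msg.params)` is worth adding if only a named-parameter object is intended. SqliteNodeIn continues past the end of this hunk.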
|