|
|
@@ -6,9 +6,20 @@ local skynet = require "skynet"
|
|
|
local cjson = require "cjson"
|
|
|
|
|
|
|
|
|
-function M.add_column( column_name, column_type)
|
|
|
- local sql = string.format("ALTER TABLE `%s` ADD COLUMN `%s` %s",
|
|
|
- 'log', column_name, column_type)
|
|
|
+function M.add_column( msg_body)
|
|
|
+ local isok ,key = tools.checkData({"column_name","column_type","default_value"},msg_body)
|
|
|
+ if not isok then
|
|
|
+ return false,string.format("缺少字段: %s.", key)
|
|
|
+ end
|
|
|
+ local default_param
|
|
|
+ if type(msg_body.default_value) == "string" then
|
|
|
+ default_param = string.format(" DEFAULT '%s' ",msg_body.default_value)
|
|
|
+ elseif type(msg_body.default_value) == "number" then
|
|
|
+ default_param = string.format(" DEFAULT %d ",msg_body.default_value)
|
|
|
+ end
|
|
|
+ local sql = string.format("ALTER TABLE `%s` ADD COLUMN `%s` %s %s",
|
|
|
+ 'log', msg_body.column_name, msg_body.column_type,default_param)
|
|
|
+ skynet.error("sql:",sql)
|
|
|
mysqldbx.query(sql)
|
|
|
return true, {}
|
|
|
end
|
|
|
@@ -18,47 +29,67 @@ function M.add_log(msg_body)
|
|
|
if not isok then
|
|
|
return false,string.format("缺少字段: %s.", key)
|
|
|
end
|
|
|
+ local current_time = os.date("%Y-%m-%d %H:%M:%S")
|
|
|
local sql
|
|
|
- sql = string.format("INSERT INTO `log` (opt_type,user_id,content) VALUES (%d,%d,'%s')",msg_body.opt_type,msg_body.user_id,cjson.encode(msg_body.content))
|
|
|
- mysqldbx.query(sql)
|
|
|
+ sql = string.format("INSERT INTO `log` (opt_type,user_id,content,create_day) VALUES (%d,%d,'%s','%s')",msg_body.opt_type,msg_body.user_id,cjson.encode(msg_body.content),current_time)
|
|
|
+ skynet.error("sql:",sql)
|
|
|
+ tools.dump(mysqldbx.query(sql))
|
|
|
return true, {}
|
|
|
end
|
|
|
|
|
|
|
|
|
function M.diy_add_log(msg_body)
|
|
|
+ local isok ,key = tools.checkData({"data"},msg_body)
|
|
|
+ if not isok then
|
|
|
+ return false,string.format("缺少字段: %s.", key)
|
|
|
+ end
|
|
|
+ local current_time = os.date("%Y-%m-%d %H:%M:%S")
|
|
|
local table_name = 'log'
|
|
|
local data = msg_body.data
|
|
|
- -- 构建SQL语句
|
|
|
- local fields = {}
|
|
|
- local values = {}
|
|
|
- local placeholders = {}
|
|
|
- local updates = {}
|
|
|
-
|
|
|
- -- 处理数据
|
|
|
+ local fields, values_str = {}, {}
|
|
|
+ -- 改用 table.index 判断替代 contains
|
|
|
+ local sql_functions = {
|
|
|
+ ["CURRENT_TIMESTAMP"] = true,
|
|
|
+ ["NOW()"] = true,
|
|
|
+ ["UUID()"] = true
|
|
|
+ }
|
|
|
+ table.insert(fields, "`" .. "create_day" .. "`")
|
|
|
+ table.insert(values_str, "'" .. current_time .. "'" )
|
|
|
for field, value in pairs(data) do
|
|
|
+ -- 过滤字段名中的非法字符
|
|
|
+ field = field:gsub("[%s`'\"]", "")
|
|
|
table.insert(fields, "`" .. field .. "`")
|
|
|
-
|
|
|
- if value == "CURRENT_TIMESTAMP" or value == "NOW()" then
|
|
|
- table.insert(placeholders, value)
|
|
|
+
|
|
|
+ -- 检查是否为 SQL 函数
|
|
|
+ if sql_functions[value] then
|
|
|
+ table.insert(values_str, value)
|
|
|
else
|
|
|
- table.insert(placeholders, "?")
|
|
|
- table.insert(values, value)
|
|
|
+ -- 处理普通值
|
|
|
+ if type(value) == "number" then
|
|
|
+ table.insert(values_str, tostring(value))
|
|
|
+ elseif type(value) == "string" then
|
|
|
+ table.insert(values_str, "'" .. value:gsub("'", "''") .. "'") -- 转义单引号
|
|
|
+ elseif value == nil then
|
|
|
+ table.insert(values_str, "NULL")
|
|
|
+ elseif type(value) == "table" then
|
|
|
+ table.insert(values_str, "'"..cjson.encode(value).."'")
|
|
|
+ else
|
|
|
+ error("不支持的数据类型: " .. type(value))
|
|
|
+ end
|
|
|
end
|
|
|
-
|
|
|
end
|
|
|
|
|
|
- local sql = "INSERT "
|
|
|
- sql = sql .. "INTO `" .. table_name .. "` (" .. table.concat(fields, ", ") .. ") "
|
|
|
- sql = sql .. "VALUES (" .. table.concat(placeholders, ", ") .. ")"
|
|
|
+ local sql = "INSERT INTO `" .. table_name .. "` (" .. table.concat(fields, ", ") .. ") " ..
|
|
|
+ "VALUES (" .. table.concat(values_str, ", ") .. ")"
|
|
|
+ skynet.error("sql:",sql)
|
|
|
mysqldbx.query(sql)
|
|
|
return true, {}
|
|
|
-
|
|
|
-end
|
|
|
|
|
|
+end
|
|
|
|
|
|
|
|
|
function M.search(msg_body)
|
|
|
- local isok ,key = tools.checkData({"opt_type","user_id","page_size", "page_number","start_create_day","end_create_day"},msg_body)
|
|
|
+ local isok ,key = tools.checkData({"data","opt_type","user_id","page_size", "page_number","start_create_day","end_create_day"},msg_body)
|
|
|
if not isok then
|
|
|
return false,string.format("缺少字段: %s.", key)
|
|
|
end
|
|
|
@@ -83,7 +114,33 @@ function M.search(msg_body)
|
|
|
end
|
|
|
|
|
|
|
|
|
- local param = opt_type_param..user_id_param..create_day_param
|
|
|
+ local diy_param = ""
|
|
|
+ if msg_body.data~="" then
|
|
|
+ local data = msg_body.data
|
|
|
+ local fields, values_str = {}, {}
|
|
|
+ for field, value in pairs(data) do
|
|
|
+ -- 过滤字段名中的非法字符
|
|
|
+ field = field:gsub("[%s`'\"]", "")
|
|
|
+ table.insert(fields, "`" .. field .. "`")
|
|
|
+ local cur_param = ""
|
|
|
+ -- 处理普通值
|
|
|
+ if type(value) == "number" then
|
|
|
+ -- table.insert(values_str, tostring(value))
|
|
|
+ cur_param = " AND ".."`" .. field .. "`".." = "..value
|
|
|
+ elseif type(value) == "string" then
|
|
|
+ cur_param = " AND ".."`" .. field .. "`".." = ".."'" .. value:gsub("'", "''") .. "'"
|
|
|
+ -- table.insert(values_str, "'" .. value:gsub("'", "''") .. "'") -- 转义单引号
|
|
|
+ else
|
|
|
+ error("不支持的数据类型: " .. type(value))
|
|
|
+ end
|
|
|
+
|
|
|
+ diy_param = diy_param..cur_param
|
|
|
+ end
|
|
|
+
|
|
|
+ end
|
|
|
+
|
|
|
+
|
|
|
+ local param = diy_param..opt_type_param..user_id_param..create_day_param
|
|
|
|
|
|
local sql = "SELECT * FROM log WHERE 1=1 "..param.."ORDER BY id DESC"..string.format(" LIMIT %d OFFSET %d ",page_size, offset)
|
|
|
|
