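'use strict';

/**
 * Validation library backing the `rules` getter and `validate` below.
 */
const comoValidate = require('como-validator');

/**
 * Reads one request parameter, or all of them, HTML-escaping string values.
 *
 * Only top-level string values are escaped. Numbers, arrays and nested
 * objects (for example from a JSON body) are returned untouched, so strings
 * inside them still need escaping wherever they are rendered.
 *
 * @author szjcomo
 * @createTime 2020-09-04
 * @param {Object} result - parameter bag (request body, query, or a merge of both)
 * @param {?string} name - parameter to read; null returns a copy of every own property
 * @param {*} defaults - returned when `name` is not an own property of `result`
 * @param {?Function} handler - optional converter; it receives the RAW, unescaped
 *   value and its return value is passed back as-is
 * @return {Promise<*>} the escaped value, the handler's result, the copy, or `defaults`
 */
const params_handler = async function (result, name = null, defaults = null, handler = null) {
  if (name === null) {
    const tmp = {};
    Object.getOwnPropertyNames(result).forEach((key) => {
      // A parsed JSON body can carry an own "__proto__" key; assigning it on a
      // plain object would swap the copy's prototype for client-chosen data.
      if (key === '__proto__') return;
      tmp[key] = typeof result[key] === 'string' ? escapeHtml(result[key]) : result[key];
    });
    return tmp;
  }
  // Go through Object.prototype: the bag is client-controlled, so it may hold
  // its own "hasOwnProperty" key or have no prototype at all.
  if (Object.prototype.hasOwnProperty.call(result, name)) {
    const value = result[name];
    if (typeof handler === 'function') return await handler.call({}, value);
    if (typeof value !== 'string') return value;
    return escapeHtml(value);
  }
  return defaults;
};

/**
 * Escapes HTML metacharacters in a string to guard against XSS.
 *
 * Replaces `<`, `>`, `&` and `"` with entities, and turns the second of two
 * consecutive spaces into `&nbsp;`. Single quotes are NOT escaped, so the
 * result is not safe inside a single-quoted attribute value.
 *
 * NOTE(review): the entity strings were restored from a listing in which they
 * had been HTML-decoded; confirm them against the upstream file.
 *
 * @author szjcomo
 * @createTime 2020-09-04
 * @param {string} html - text to escape
 * @return {string} the escaped text
 */
const escapeHtml = function (html) {
  if (html.length === 0) return '';
  let escaped = '';
  for (let i = 0; i < html.length; i++) {
    const ch = html.charAt(i);
    switch (ch) {
      case '<':
        escaped += '&lt;';
        break;
      case '>':
        escaped += '&gt;';
        break;
      case '&':
        escaped += '&amp;';
        break;
      case ' ':
        if (html.charAt(i + 1) === ' ') {
          // Keep runs of spaces visible: emit the pair as space + &nbsp;.
          escaped += ' &nbsp;';
          i++;
        } else {
          escaped += ' ';
        }
        break;
      case '"':
        escaped += '&quot;';
        break;
      default:
        escaped += ch;
        break;
    }
  }
  return escaped;
};

/**
 * Reverses escapeHtml, then applies any caller-supplied replacements.
 *
 * The result is raw markup again: do not write it into a page without
 * escaping or sanitising it for that context.
 *
 * NOTE(review): `&#39;` is assumed for the single-quote entity; the original
 * spelling was lost when the listing was HTML-decoded.
 *
 * @author szjcomo
 * @createTime 2020-09-04
 * @param {string} html - escaped text
 * @param {Array<{reg: (RegExp|string), value: string}>} regs - extra
 *   replacements applied in order after the entities are decoded
 * @return {string} the decoded text
 */
const unEscapeHtml = function (html, regs = []) {
  let content = html
    .replace(/&lt;/g, '<')
    .replace(/&gt;/g, '>')
    .replace(/&quot;/g, '"')
    .replace(/&nbsp;/g, ' ')
    .replace(/&#39;/g, "'")
    // `&amp;` is decoded last. Decoding it first turns an escaped literal
    // such as `&amp;lt;` into `&lt;` and then into `<`, so text the user typed
    // as an entity would come back as markup.
    .replace(/&amp;/g, '&');
  regs.forEach((item) => {
    content = content.replace(item.reg, item.value);
  });
  return content;
};

/**
 * Context extension: form validation and request-parameter helpers.
 * @type {Object}
 */
module.exports = {
  /**
   * Validation rule builder from como-validator.
   */
  get rules() {
    return comoValidate.comoRules.getInstance();
  },

  /**
   * Validates `data` against `rules` with como-validator.
   *
   * @param {*} rules - rule set
   * @param {*} data - data to validate
   * @return {Promise<*>} whatever comoValidate.validate resolves to
   */
  async validate(rules, data) {
    return await comoValidate.validate(rules, data);
  },

  /**
   * Sends `result` as the response body, falling back to a default result
   * when `result` is falsy.
   *
   * @author szjcomo
   * @createTime 2020-09-04
   * @param {Object} result - response payload
   * @return {Object} the value assigned to ctx.body
   */
  appJson(result) {
    const ctx = this;
    const payload = result || ctx.app.szjcomo.appResult('There is no data to return');
    ctx.body = payload;
    return payload;
  },

  /**
   * Logs an error through the context logger.
   *
   * @author szjcomo
   * @createTime 2020-09-04
   * @param {*} err - error to log
   * @return {void}
   */
  appException(err) {
    this.logger.error(err);
  },

  /**
   * Reads a parameter from the body or the query string, whichever has it.
   * Query-string values win when both carry the same key.
   *
   * @author szjcomo
   * @createTime 2020-09-04
   * @param {?string} name - parameter name; null returns all parameters
   * @param {*} defaults - value returned when the parameter is absent
   * @param {?Function} handler - optional converter for the raw value
   * @return {Promise<*>}
   */
  async anyParse(name = null, defaults = null, handler = null) {
    const ctx = this;
    // Merge into a fresh object. Assigning onto ctx.request.body would copy
    // query-string values into the body for the rest of the request, so a
    // later postParse() could return a value that only came from the URL.
    const options = Object.assign({}, ctx.request.body, ctx.query);
    return await params_handler(options, name, defaults, handler);
  },

  /**
   * Reads a parameter from the request body.
   *
   * @author szjcomo
   * @createTime 2020-09-04
   * @param {?string} name - parameter name; null returns all parameters
   * @param {*} defaults - value returned when the parameter is absent
   * @param {?Function} handler - optional converter for the raw value
   * @return {Promise<*>}
   */
  async postParse(name = null, defaults = null, handler = null) {
    const options = this.request.body;
    return await params_handler(options, name, defaults, handler);
  },

  /**
   * Reads a parameter from the query string.
   *
   * @author szjcomo
   * @createTime 2020-09-04
   * @param {?string} name - parameter name; null returns all parameters
   * @param {*} defaults - value returned when the parameter is absent
   * @param {?Function} handler - optional converter for the raw value
   * @return {Promise<*>}
   */
  async getParse(name = null, defaults = null, handler = null) {
    const options = this.query;
    return await params_handler(options, name, defaults, handler);
  },

  /**
   * Escapes HTML metacharacters in a string.
   *
   * @author szjcomo
   * @createTime 2020-09-04
   * @param {string} html - text to escape
   * @return {string} the escaped text
   */
  escapeHtml(html) {
    return escapeHtml(html);
  },

  /**
   * Decodes the entities produced by escapeHtml.
   *
   * @author szjcomo
   * @createTime 2020-09-04
   * @param {string} content - escaped text
   * @return {string} the decoded text
   */
  unEscapeHtml(content) {
    return unEscapeHtml(content);
  },
};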