|
|
|
@@ -14,6 +14,7 @@ import re |
|
|
|
import frappe.model.meta |
|
|
|
from frappe.utils import now, get_datetime |
|
|
|
from frappe import _ |
|
|
|
import sqlparse |
|
|
|
|
|
|
|
class Database: |
|
|
|
""" |
|
|
|
@@ -181,6 +182,13 @@ class Database: |
|
|
|
else: |
|
|
|
frappe.throw(_("Too many writes in one request. Please send smaller requests"), frappe.ValidationError) |
|
|
|
|
|
|
|
def prevent_multiple_queries(self, query): |
|
|
|
if frappe.flags.in_install_db or frappe.flags.in_install: |
|
|
|
return |
|
|
|
|
|
|
|
if ";" in query and len(sqlparse.parse(query)) > 1: |
|
|
|
frappe.throw(_("Cannot have more than one SQL statement in a query."), frappe.SQLError) |
|
|
|
|
|
|
|
def fetch_as_dict(self, formatted=0, as_utf8=0): |
|
|
|
result = self._cursor.fetchall() |
|
|
|
ret = [] |
|
|
|
@@ -562,23 +570,3 @@ class Database: |
|
|
|
if isinstance(s, unicode): |
|
|
|
s = (s or "").encode("utf-8") |
|
|
|
return unicode(MySQLdb.escape_string(s), "utf-8") |
|
|
|
|
|
|
|
def prevent_multiple_queries(self, query): |
|
|
|
if frappe.flags.in_install_db or frappe.flags.in_install: |
|
|
|
return |
|
|
|
|
|
|
|
query_lower = query.lower().split(";") |
|
|
|
|
|
|
|
if len(query_lower) > 1: |
|
|
|
for q in query_lower[1:]: |
|
|
|
if q.strip() and q.strip().split()[0] in ( |
|
|
|
"update", |
|
|
|
"truncate", |
|
|
|
"alter", |
|
|
|
"drop", |
|
|
|
"create", |
|
|
|
"begin", |
|
|
|
"start transaction", |
|
|
|
"commit" |
|
|
|
): |
|
|
|
frappe.throw(_("Cannot have more than one SQL statement in a query."), frappe.SQLError) |
Anand Doshi
10 лет назад