from rest_framework.exceptions import ParseError
import json
from jinja2 import Template
# Upper-case SQL keywords that check_sql_safe() refuses to let through.
# They are matched as plain substrings of the upper-cased statement.
# NOTE(review): other write/DDL statements (e.g. INSERT, ALTER) are not
# listed here - confirm whether that is intentional.
forbidden_keywords = [
    "UPDATE",
    "DELETE",
    "DROP",
    "TRUNCATE",
]
def check_sql_safe(sql: str):
    """Reject SQL text that contains one of the forbidden keywords.

    The statement is upper-cased and every entry of ``forbidden_keywords``
    is looked up as a plain substring, so the match is case-insensitive and
    also fires inside longer identifiers or string literals (for example a
    column named ``updated_at``).

    NOTE(review): this is a denylist over raw text, not a SQL parser. Any
    statement whose keywords are not in ``forbidden_keywords`` passes
    unchanged, so the check should be backed by a read-only database
    account and bound parameters rather than relied on alone.

    Args:
        sql: SQL text to inspect.

    Returns:
        The original ``sql`` string, unmodified, when no keyword is found.

    Raises:
        ParseError: if any forbidden keyword occurs in the upper-cased text.
    """
    normalized = sql.upper()
    if any(keyword in normalized for keyword in forbidden_keywords):
        raise ParseError('sql查询有风险')
    return sql
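def format_json_with_placeholders(json_str, **kwargs):
    """Fill ``{name}`` placeholders in a JSON template with JSON-encoded values.

    Each keyword argument ``name=value`` replaces every occurrence of the
    literal text ``{name}`` in ``json_str`` with ``json.dumps(value)``.
    Because string values are emitted with their own quotes, a placeholder
    is expected to stand where a whole JSON value goes, not inside an
    already-quoted string.

    All placeholders are substituted in a single pass over the template, so
    text that arrives inside a value (for example a string that happens to
    contain ``{other}``) is never rescanned and expanded as a placeholder.

    Args:
        json_str: Template text containing ``{name}`` placeholders.
        **kwargs: Placeholder names mapped to JSON-serializable values.

    Returns:
        The template with placeholders replaced. The result is still a
        string; it is not parsed with ``json.loads()``.

    Raises:
        TypeError: if a value cannot be serialized by ``json.dumps``.
    """
    import re  # local import: only this function needs it

    if not kwargs:
        return json_str

    # Encode every value up front so an unserializable value is reported
    # even when its placeholder does not occur in the template.
    encoded = {"{" + key + "}": json.dumps(value) for key, value in kwargs.items()}

    # One alternation over the escaped placeholder tokens; the callable
    # replacement keeps backslashes in the encoded values literal.
    pattern = re.compile("|".join(re.escape(token) for token in encoded))
    formatted_json = pattern.sub(lambda match: encoded[match.group(0)], json_str)

    return formatted_json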