hicccc77/WeFlow
1
0
Fork 0
mirror of https://github.com/hicccc77/WeFlow.git synced 2026-03-24 23:06:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: 修复更新弹窗无响应、内存泄漏、SQL注入、文件句柄泄漏及并发安全问题;优化导出功能

Browse Source
This commit is contained in:
你的名字
2026-02-23 09:55:33 +08:00
parent b7852a8c07
commit ab2c086e93
9 changed files with 289 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
electron/services/analyticsService.ts
View File

@@ -79,14 +79,14 @@ class AnalyticsService {
const chunkSize = 200
for (let i = 0; i < usernames.length; i += chunkSize) {
const chunk = usernames.slice(i, i + chunkSize)
const inList = chunk.map((u) => `'${this.escapeSqlValue(u)}'`).join(',')
if (!inList) continue
// 使用参数化查询防止SQL注入
const placeholders = chunk.map(() => '?').join(',')
const sql = `
SELECT username, alias
FROM contact
WHERE username IN (${inList})
WHERE username IN (${placeholders})
`
const result = await wcdbService.execQuery('contact', null, sql)
const result = await wcdbService.execQuery('contact', null, sql, chunk)
if (!result.success || !result.rows) continue
for (const row of result.rows as Record<string, any>[]) {
const username = row.username || ''