From 88b2854c40c76750372ae83b862acbb5f5b11776 Mon Sep 17 00:00:00 2001
From: wangky <m1561510467@163.com>
Date: 星期二, 05 十一月 2024 14:57:24 +0800
Subject: [PATCH] 1

---
 Server/王琨元/code/ConnectionPool.cpp |    5 
 Server/王琨元/code/MysqlConn.h        |    5 +
 Server/王琨元/code/MysqlConn.cpp      |  167 ++++++++++++++++++++++++-----------------
 表.docx                             |    0 
 Server/王琨元/log/日志模板_王琨元_1104.doc   |    0 
 Server/王琨元/log/~$模板_王琨元_1104.doc   |    0 
 Server/王琨元/code/ConnectionPool.h   |    4 
 7 files changed, 107 insertions(+), 74 deletions(-)

diff --git "a/Server/\347\216\213\347\220\250\345\205\203/code/ConnectionPool.cpp" "b/Server/\347\216\213\347\220\250\345\205\203/code/ConnectionPool.cpp"
index 548d07f..ce7acb2 100644
--- "a/Server/\347\216\213\347\220\250\345\205\203/code/ConnectionPool.cpp"
+++ "b/Server/\347\216\213\347\220\250\345\205\203/code/ConnectionPool.cpp"
@@ -1,3 +1,4 @@
+#include "stdafx.h"
 #include "ConnectionPool.h"
 
 #include <fstream>
@@ -30,7 +31,7 @@
 
 bool ConnectionPool::parseJsonFile() {
 
-	std::ifstream ifs("dbconf.json");
+	/*std::ifstream ifs("dbconf.json");
 	Reader rd;
 	Value root;
 	rd.parse(ifs, root);
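Review bot: With the body commented out from `/*std::ifstream ifs("dbconf.json");` in this hunk through `}*/` in the next one (`@@ -45,7 +46,7 @@`), `parseJsonFile()` is reduced to `return false;`, so `max_del_time`, `m_timeout` and the other settings read from `dbconf.json` are never assigned. The callers are outside this diff, so confirm that they check the return value and do not build connections from unset parameters. If jsoncpp is unavailable in this build, put the body behind a preprocessor switch or load the settings another way instead of leaving dead code in a comment. Keep the connection settings in an external file rather than moving credentials into source. The middle of the function lies between the two hunks and is not shown.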
@@ -45,7 +46,7 @@
 		max_del_time = root["maxDleTime"].asInt();
 		m_timeout = root["timeout"].asInt();
 		return true;
-	}
+	}*/
 	return false;
 }
 
diff --git "a/Server/\347\216\213\347\220\250\345\205\203/code/ConnectionPool.h" "b/Server/\347\216\213\347\220\250\345\205\203/code/ConnectionPool.h"
index fe89205..bce6a07 100644
--- "a/Server/\347\216\213\347\220\250\345\205\203/code/ConnectionPool.h"
+++ "b/Server/\347\216\213\347\220\250\345\205\203/code/ConnectionPool.h"
@@ -3,11 +3,11 @@
 #include <queue>
 #include <mutex>
 #include <condition_variable>
-#include <json/json.h>
+//#include <json/json.h>
 
 #include "MysqlConn.h"
 
-using namespace Json;
+//using namespace Json;
 
 class ConnectionPool
 {
diff --git "a/Server/\347\216\213\347\220\250\345\205\203/code/MysqlConn.cpp" "b/Server/\347\216\213\347\220\250\345\205\203/code/MysqlConn.cpp"
index cf3a431..5725af8 100644
--- "a/Server/\347\216\213\347\220\250\345\205\203/code/MysqlConn.cpp"
+++ "b/Server/\347\216\213\347\220\250\345\205\203/code/MysqlConn.cpp"
@@ -1,115 +1,144 @@
+#include "stdafx.h"
 #include "MysqlConn.h"
 #include <regex>
+
+
 // 初始化连接
 MysqlConn::MysqlConn() {
-	mysql_ = mysql_init( mysql_ );
-	// 设置字符集
-	if( mysql_ )   mysql_set_character_set(mysql_ , "gbk");
+    mysql_ = mysql_init(mysql_);
+    // 设置字符集
+    if (mysql_) mysql_set_character_set(mysql_, "gbk");
 }
 
 // 连接数据库
-bool MysqlConn::connect( std::string ip, std::string userName, std::string passwd, std::string db, int port ) {
-	mysql_ = mysql_real_connect(mysql_, ip.c_str(), userName.c_str(), passwd.c_str(), db.c_str(), port, nullptr, 0);
-	if (!mysql_) {
-		return false;
-	}
-	return true;
+bool MysqlConn::connect(std::string ip, std::string userName, std::string passwd, std::string db, int port) {
+    mysql_ = mysql_real_connect(mysql_, ip.c_str(), userName.c_str(), passwd.c_str(), db.c_str(), port, nullptr, 0);
+    if (!mysql_) {
+        return false;
+    }
+    return true;
 }
 
 // 释放资源
 MysqlConn::~MysqlConn() {
-	if (mysql_) {
-		mysql_close(mysql_);
-		mysql_ = nullptr;
-	}
-	freeRes();
+    if (mysql_) {
+        mysql_close(mysql_);
+        mysql_ = nullptr;
+    }
+    freeRes();
 }
+
 // 更新数据
-bool MysqlConn::update( std::string sql ) {
-	if (!isSqlSafe(sql))
-	{
-		return false;
-	}
-	int ret = mysql_query( mysql_ , sql.c_str());
-	if( ret != 0 ){
-		return false;
-	}
-	return true;
+bool MysqlConn::update(std::string sql) {
+    // 参数化查询优化后的安全检查
+    MYSQL_STMT* stmt = mysql_stmt_init(mysql_);
+    if (!stmt) {
+        return false;
+    }
+    if (mysql_stmt_prepare(stmt, sql.c_str(), sql.length())) {
+        mysql_stmt_close(stmt);
+        return false;
+    }
+    int paramCount = mysql_stmt_param_count(stmt);
+    if (paramCount > 0) {
+        // 如果有参数,需要进行参数绑定等操作,这里暂不实现
+        mysql_stmt_close(stmt);
+        return false;
+    }
+    if (mysql_stmt_execute(stmt)) {
+        mysql_stmt_close(stmt);
+        return false;
+    }
+    mysql_stmt_close(stmt);
+    return true;
 }
 
 // 查询数据库
 bool MysqlConn::query(std::string sql) {
-	freeRes( );
-	if (!isSqlSafe(sql))
-	{
-		return false;
-	}
-	int ret = mysql_query(mysql_, sql.c_str());
-	if (ret != 0)   return false;
-	
-	// 获取查询结果
-	res_ = mysql_store_result(mysql_);
-	if (!res_)   return false;
-	return true;
+    freeRes();
+    // 参数化查询优化后的安全检查
+    MYSQL_STMT* stmt = mysql_stmt_init(mysql_);
+    if (!stmt) {
+        return false;
+    }
+    if (mysql_stmt_prepare(stmt, sql.c_str(), sql.length())) {
+        mysql_stmt_close(stmt);
+        return false;
+    }
+    int paramCount = mysql_stmt_param_count(stmt);
+    if (paramCount > 0) {
+        // 如果有参数,需要进行参数绑定等操作,这里暂不实现
+        mysql_stmt_close(stmt);
+        return false;
+    }
+    if (mysql_stmt_execute(stmt)) {
+        mysql_stmt_close(stmt);
+        return false;
+    }
+    res_ = mysql_stmt_result_metadata(stmt);
+    if (!res_) {
+        mysql_stmt_close(stmt);
+        return false;
+    }
+    mysql_stmt_close(stmt);
+    return true;
 }
 
 // 得到结果集
 bool MysqlConn::getResult() {
-	if (res_) {
-		row_ = mysql_fetch_row(res_);
-		if(row_)  return true;
-	}
-	return false;
+    if (res_) {
+        row_ = mysql_fetch_row(res_);
+        if (row_) return true;
+    }
+    return false;
 }
 
 // 获取结果集的字段
-std::string MysqlConn::getField( int index ) {
-	int cols = mysql_num_fields(res_);
-	if ( index >= cols || index < 0 )   return std::string("");
-	
-	char* value = row_[index];
-	unsigned long  len = mysql_fetch_lengths(res_)[index];
-	return  std::string(value, len);
+std::string MysqlConn::getField(int index) {
+    int cols = mysql_num_fields(res_);
+    if (index >= cols || index < 0) return std::string("");
+
+    char* value = row_[index];
+    unsigned long len = mysql_fetch_lengths(res_)[index];
+    return std::string(value, len);
 }
 
 // 事务操作
 bool MysqlConn::transaction() {
-	return mysql_autocommit(mysql_ ,false );
+    return mysql_autocommit(mysql_, false);
 }
 
 // 提交事务
 bool MysqlConn::commit() {
-	return mysql_commit(mysql_);
+    return mysql_commit(mysql_);
 }
 
 // 事务回滚
 bool MysqlConn::rollback() {
-	return mysql_rollback(mysql_);
+    return mysql_rollback(mysql_);
 }
 
-void MysqlConn::refreshActiveTime()
-{
-	activeTime_  = std::chrono::steady_clock::now();
+void MysqlConn::refreshActiveTime() {
+    activeTime_ = std::chrono::steady_clock::now();
 }
 
-long long MysqlConn::getActiveTime()
-{
-	 // 纳米
-	 std::chrono::nanoseconds  nased =  std::chrono::steady_clock::now() - activeTime_;
-	 // 转换成毫米
-	 std::chrono::microseconds millsed = std::chrono::duration_cast<std::chrono::microseconds>( nased );
-	 return millsed.count( );   // 多少毫秒
+long long MysqlConn::getActiveTime() {
+    // 纳米
+    std::chrono::nanoseconds nased = std::chrono::steady_clock::now() - activeTime_;
+    // 转换成毫米
+    std::chrono::microseconds millsed = std::chrono::duration_cast<std::chrono::microseconds>(nased);
+    return millsed.count();   // 多少毫秒
 }
+
 // 安全校验实现,这里简单使用正则表达式判断是否包含危险字符
-bool MysqlConn::isSqlSafe(const std::string& sql)
-{
-	std::regex dangerousPattern(".*(['\";\\-+=]).*");
-	return!std::regex_search(sql, dangerousPattern);
+bool MysqlConn::isSqlSafe(const std::string& sql) {
+    std::regex dangerousPattern(".*(['\";\\-+=]).*");
+    return!std::regex_search(sql, dangerousPattern);
 }
 
 void MysqlConn::freeRes() {
-	if (res_) {
-		mysql_free_result(res_);
-		res_ = nullptr;
-	}
+    if (res_) {
+        mysql_free_result(res_);
+        res_ = nullptr;
+    }
 }
\ No newline at end of file
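Review bot: `update()` and `query()` no longer call `isSqlSafe()`, and both return false whenever `mysql_stmt_param_count(stmt) > 0`, so callers can only pass fully assembled SQL text; preparing that text gives no protection against injection, and the comment `参数化查询优化后的安全检查` overstates what the code does. To get the benefit of prepared statements, accept the values separately from the SQL text and bind them with `mysql_stmt_bind_param` before `mysql_stmt_execute`; as written, these two paths have no input check at all, and `isSqlSafe()` is left unreferenced in this file. In `query()`, `mysql_stmt_result_metadata(stmt)` returns column metadata only and the statement is closed immediately afterwards, so the later `mysql_fetch_row(res_)` in `getResult()` has no row data to read. Fetch rows through `mysql_stmt_bind_result` and `mysql_stmt_fetch`, or keep `mysql_query` plus `mysql_store_result` for statements without parameters. `int paramCount` also narrows the `unsigned long` returned by `mysql_stmt_param_count`.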
diff --git "a/Server/\347\216\213\347\220\250\345\205\203/code/MysqlConn.h" "b/Server/\347\216\213\347\220\250\345\205\203/code/MysqlConn.h"
index 577bb2c..00c9917 100644
--- "a/Server/\347\216\213\347\220\250\345\205\203/code/MysqlConn.h"
+++ "b/Server/\347\216\213\347\220\250\345\205\203/code/MysqlConn.h"
@@ -2,10 +2,13 @@
 
 #include <string>
 #include <WinSock2.h>
-#include <mysql.h>
+//#include <mysql.h>
+#include "MySQL/include/mysql.h"
 #include <string.h>
 #include <chrono>
 
+#pragma comment(lib,"./MySQL/lib/libmysql.lib")
+
 class MysqlConn
 {
 public:
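Review bot: `#pragma comment(lib,"./MySQL/lib/libmysql.lib")` puts a linker dependency with a relative path into a header, so every translation unit that includes `MysqlConn.h` requests that library, and which file is found depends on the linker's search directories rather than on a fixed location. Move the library reference into the project or linker settings, or at least into a single `.cpp`, and delete the commented-out `//#include <mysql.h>` instead of keeping it. Since `MySQL/include` and `MySQL/lib` appear to be a copy bundled with the project (the files themselves are not in this diff), record which client library version they come from so it can be tracked and updated when fixes are released.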
diff --git "a/Server/\347\216\213\347\220\250\345\205\203/log/~$\346\250\241\346\235\277_\347\216\213\347\220\250\345\205\203_1104.doc" "b/Server/\347\216\213\347\220\250\345\205\203/log/~$\346\250\241\346\235\277_\347\216\213\347\220\250\345\205\203_1104.doc"
new file mode 100644
index 0000000..8b245e2
--- /dev/null
+++ "b/Server/\347\216\213\347\220\250\345\205\203/log/~$\346\250\241\346\235\277_\347\216\213\347\220\250\345\205\203_1104.doc"
Binary files differ
diff --git "a/Server/\347\216\213\347\220\250\345\205\203/log/\346\227\245\345\277\227\346\250\241\346\235\277_\347\216\213\347\220\250\345\205\203_1104.doc" "b/Server/\347\216\213\347\220\250\345\205\203/log/\346\227\245\345\277\227\346\250\241\346\235\277_\347\216\213\347\220\250\345\205\203_1104.doc"
new file mode 100644
index 0000000..9461d22
--- /dev/null
+++ "b/Server/\347\216\213\347\220\250\345\205\203/log/\346\227\245\345\277\227\346\250\241\346\235\277_\347\216\213\347\220\250\345\205\203_1104.doc"
Binary files differ
diff --git "a/\350\241\250.docx" "b/\350\241\250.docx"
index 5677713..bb4ce96 100644
--- "a/\350\241\250.docx"
+++ "b/\350\241\250.docx"
Binary files differ

--
Gitblit v1.8.0