fix: sql injection

Siwoo Jeon 2023-01-24 20:27:40 +09:00
parent bf32ecefad
commit 78cba77b35
Signed by: migan
GPG key ID: C4151385FFD2082A
5 changed files with 28 additions and 4 deletions


@ -7,6 +7,7 @@
"dependencies": { "dependencies": {
"array-shuffle": "^3.0.0", "array-shuffle": "^3.0.0",
"discord.js": "^14.7.1", "discord.js": "^14.7.1",
"dokdo": "^0.6.2",
"dotenv": "^16.0.3", "dotenv": "^16.0.3",
"sqlite3": "^5.1.4" "sqlite3": "^5.1.4"
}, },


@ -41,7 +41,7 @@ export default class ChatBot {
if (!msg.content.startsWith('머핀아 ')) return if (!msg.content.startsWith('머핀아 ')) return
const sql = `INSERT INTO statement(text) VALUES('${msg.content const sql = `INSERT INTO statement(text) VALUES('${msg.content
.replace('머핀아 ', '') .replace('머핀아 ', '')
.replace("'", '')}');` .replaceAll("'", '')}');`
this.db.run(sql, err => { this.db.run(sql, err => {
if (err) throw err if (err) throw err
}) })
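Review bot: The INSERT at `const sql = ...` is still built by interpolating `msg.content` into the SQL text; `replaceAll("'", '')` removes every quote, but the statement stays safe only as long as that filter is right, and it silently drops apostrophes from what the user wrote. Binding the value removes the need to filter at all: `const text = msg.content.replace('머핀아 ', '')` followed by `this.db.run('INSERT INTO statement(text) VALUES(?)', [text], err => { ... })`. Separately, `if (err) throw err` inside the callback raises outside any caller's try/catch, so a failed insert would likely surface as an uncaught exception; logging the error there seems safer. The enclosing method starts and ends outside this hunk.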


@ -2,6 +2,7 @@ import { ActivityType, Client, GatewayIntentBits } from 'discord.js'
import ChatBot from './ChatBot.js' import ChatBot from './ChatBot.js'
import { join, dirname } from 'node:path' import { join, dirname } from 'node:path'
import { fileURLToPath } from 'node:url' import { fileURLToPath } from 'node:url'
import Dokdo from 'dokdo'
import 'dotenv/config' import 'dotenv/config'
export default class MuffinAI extends Client { export default class MuffinAI extends Client {
@ -28,6 +29,21 @@ export default class MuffinAI extends Client {
console.log(`먹힐 준비 완료`) console.log(`먹힐 준비 완료`)
}).on('messageCreate', msg => { }).on('messageCreate', msg => {
if (msg.author.bot) return if (msg.author.bot) return
new Dokdo(this, {
prefix: '멒힌아 ',
noPerm: msg =>
msg.reply({
content: '당신은 내 남자친구가 아니야!',
allowedMentions: {
repliedUser: false,
parse: [],
users: [],
roles: [],
},
}),
aliases: ['테스트'],
owners: ['415135882006495242'],
}).run(msg)
if (msg.content.startsWith('머핀아 ')) this.chatBot.getResponse(msg, true) if (msg.content.startsWith('머핀아 ')) this.chatBot.getResponse(msg, true)
else if (msg.content.startsWith('멒힌아 봇꺼')) { else if (msg.content.startsWith('멒힌아 봇꺼')) {
if (msg.author.id !== '415135882006495242') { if (msg.author.id !== '415135882006495242') {
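Review bot: `new Dokdo(this, {...})` sits inside the `messageCreate` handler, so a fresh instance is constructed for every non-bot message; building it once outside the handler (for example `this.dokdo = new Dokdo(this, { /* same options */ })`) and calling `this.dokdo.run(msg)` here would avoid that. Dokdo is a debugging toolkit that, to my knowledge, lets the listed owners evaluate JavaScript and run shell commands in the bot process, so this adds a remote administration surface under a commit titled as an SQL-injection fix. It deserves a comment above the call such as `// Dokdo: owner-only debug commands (code eval, shell); keep disabled in production unless needed`, and ideally an environment switch. The owner ID `'415135882006495242'` is now hard-coded both in `owners` and in the `봇꺼` check below; a single constant or environment variable would keep the two in sync. The handler continues past the end of this hunk.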


@ -11,7 +11,7 @@
// "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */ // "disableReferencedProjectLoad": true, /* Reduce the number of projects loaded automatically by TypeScript. */
/* Language and Environment */ /* Language and Environment */
"target": "es2020", "target": "es2021",
/* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */ /* Set the JavaScript language version for emitted JavaScript and include compatible library declarations. */
// "lib": [], /* Specify a set of bundled library declaration files that describe the target runtime environment. */ // "lib": [], /* Specify a set of bundled library declaration files that describe the target runtime environment. */
// "jsx": "preserve", /* Specify what JSX code is generated. */ // "jsx": "preserve", /* Specify what JSX code is generated. */
@ -29,7 +29,7 @@
"module": "Node16", "module": "Node16",
/* Specify what module code is generated. */ /* Specify what module code is generated. */
// "rootDir": "./", /* Specify the root folder within your source files. */ // "rootDir": "./", /* Specify the root folder within your source files. */
"moduleResolution": "Node16", /* Specify how TypeScript looks up a file from a given module specifier. */ "moduleResolution": "Node16" /* Specify how TypeScript looks up a file from a given module specifier. */,
// "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */ // "baseUrl": "./", /* Specify the base directory to resolve non-relative module names. */
// "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */ // "paths": {}, /* Specify a set of entries that re-map imports to additional lookup locations. */
// "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */ // "rootDirs": [], /* Allow multiple folders to be treated as one when resolving modules. */


@ -472,6 +472,13 @@ discord.js@^14.7.1:
undici "^5.13.0" undici "^5.13.0"
ws "^8.11.0" ws "^8.11.0"
dokdo@^0.6.2:
version "0.6.2"
resolved "https://registry.yarnpkg.com/dokdo/-/dokdo-0.6.2.tgz#1e276999f9230f0df54f561992f33a79044d31dc"
integrity sha512-o0m3SSFok+OOvX+Oh8hD17Gx4K/AXSeIv7nZtLPmjkUWDzXO4d4mgQK1s82PDy/QOkDEipV9mm5x8gUNoYHRqA==
dependencies:
node-fetch "^2.6.1"
dotenv@^16.0.3: dotenv@^16.0.3:
version "16.0.3" version "16.0.3"
resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-16.0.3.tgz#115aec42bac5053db3c456db30cc243a5a836a07" resolved "https://registry.yarnpkg.com/dotenv/-/dotenv-16.0.3.tgz#115aec42bac5053db3c456db30cc243a5a836a07"
@ -1114,7 +1121,7 @@ node-addon-api@^4.2.0:
resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-4.3.0.tgz#52a1a0b475193e0928e98e0426a0d1254782b77f" resolved "https://registry.yarnpkg.com/node-addon-api/-/node-addon-api-4.3.0.tgz#52a1a0b475193e0928e98e0426a0d1254782b77f"
integrity sha512-73sE9+3UaLYYFmDsFZnqCInzPyh3MqIwZO9cw58yIqAZhONrrabrYyYe3TuIqtIiOuTXVhsGau8hcrhhwSsDIQ== integrity sha512-73sE9+3UaLYYFmDsFZnqCInzPyh3MqIwZO9cw58yIqAZhONrrabrYyYe3TuIqtIiOuTXVhsGau8hcrhhwSsDIQ==
node-fetch@^2.6.7: node-fetch@^2.6.1, node-fetch@^2.6.7:
version "2.6.8" version "2.6.8"
resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.8.tgz#a68d30b162bc1d8fd71a367e81b997e1f4d4937e" resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.8.tgz#a68d30b162bc1d8fd71a367e81b997e1f4d4937e"
integrity sha512-RZ6dBYuj8dRSfxpUSu+NsdF1dpPpluJxwOp+6IoDp/sH2QNDSvurYsAa+F1WxY2RjA1iP93xhcsUoYbF2XBqVg== integrity sha512-RZ6dBYuj8dRSfxpUSu+NsdF1dpPpluJxwOp+6IoDp/sH2QNDSvurYsAa+F1WxY2RjA1iP93xhcsUoYbF2XBqVg==