|
@@ -250,15 +250,17 @@ async def generate_import_template(table_id: int, db: Session = Depends(get_db))
|
|
|
|
|
|
|
|
# 数据批量导入
|
|
# 数据批量导入
|
|
|
@router.post("/import_data/{table_id}")
|
|
@router.post("/import_data/{table_id}")
|
|
|
-async def import_data(table_id: int, filename :str, db: Session = Depends(get_db)):
|
|
|
|
|
|
|
+async def import_data(table_id: int,
|
|
|
|
|
+ body = Depends(remove_xss_json), db: Session = Depends(get_db)):
|
|
|
# 获取表结构
|
|
# 获取表结构
|
|
|
table_structure = get_data_field(table_id, db)
|
|
table_structure = get_data_field(table_id, db)
|
|
|
table_name = table_structure["table_name"]
|
|
table_name = table_structure["table_name"]
|
|
|
schema_name = table_structure["schema_name"]
|
|
schema_name = table_structure["schema_name"]
|
|
|
columns = table_structure["columns"]
|
|
columns = table_structure["columns"]
|
|
|
|
|
+ filename = body['filename']
|
|
|
if '../' in filename or '/' in filename:
|
|
if '../' in filename or '/' in filename:
|
|
|
return JSONResponse(status_code=400, content={'code': 400, "msg": '警告:禁止篡改文件路径'})
|
|
return JSONResponse(status_code=400, content={'code': 400, "msg": '警告:禁止篡改文件路径'})
|
|
|
- file_path = f'/data/upload/mergefile/{filename}'
|
|
|
|
|
|
|
+ file_path = f'/data/upload/mergefile/uploads/{filename}'
|
|
|
if not os.path.exists(file_path):
|
|
if not os.path.exists(file_path):
|
|
|
return JSONResponse(status_code=404, content={'code': 404, 'msg': f"文件不存在"})
|
|
return JSONResponse(status_code=404, content={'code': 404, 'msg': f"文件不存在"})
|
|
|
# print("文件不存在,请检查路径!")
|
|
# print("文件不存在,请检查路径!")
|
