0

请查看以下代码,如果我不执行函数中的“卫生”步骤,则代码不会替换字符串值。

有人可以帮助我理解这一点吗?

完整代码:

<script type="text/javascript">
function replaceString(orgStr,oldStr,newStr){

//############# Sanitary Steps #############//
oldStr = oldStr .replace(/[ ]+/g,"$");
oldStr = oldStr .replace(/[$]+/g," ");
orgStr = orgStr .replace(/[ ]+/g,"$");
orgStr = orgStr .replace(/[$]+/g," ");
newStr = newStr .replace(/[ ]+/g,"$");
newStr = newStr .replace(/[$]+/g," ");
//############# Sanitary Steps #############//

orgStr = orgStr.replace(oldStr,newStr);
if(orgStr.indexOf(oldStr) != -1){
orgStr = replaceString(orgStr,oldStr,newStr)
}
return orgStr;
}
var fields = ['"Employee Expense Facts"."Total Expense"','"Expense Amount by Expense Type Facts"."Airfare Expense Amount"'];
var selectedField = 0;
var selectedField = 0;
var qry = 'SELECT rcount(1) s_0, "Employee Expenses"."Time"."Date" s_1, "Employee Expenses"."Employee Expense Facts"."Total Expense" s_2 FROM "Employee Expenses" WHERE ("Employee Expense Facts"."Total Expense" IS NOT NULL) ORDER BY 1, 2 ASC NULLS LAST WHERE ("Employee Expense Facts"."Total Expense" IS NOT NULL) ORDER BY 1, 2 ASC NULLS LAST';
qry = qry .replace(/[\n\t\r]+/g," ");
var qry2 = replaceString(qry,""+fields[0],""+fields[1]);
console.log(qry2);

</script>

帮助我了解为什么我需要执行这些卫生步骤???我通过试错法找到了解决方案。

4

2 回答 2

1

我的建议是:扔掉所有的代码!

现在重新开始,通过普通的表单提交或 ajax 调用将数据从客户端传递到服务器。现在在服务器端处理它们。

永远记住第一条规则:

1) 你永远不能相信所有用户都按照你想要的方式行事。

这就是为什么永远不要创建你的 SQL 客户端!

于 2012-07-11T07:43:07.853 回答
0

问题在于 SQL 本身:

SELECT rcount(1) s_0,
       "Employee Expenses"."Time"."Date" s_1,
       "Employee Expenses"."Employee Expense Facts"."Total Expense" s_2 
FROM   "Employee Expenses" 
WHERE ("Employee Expense Facts"."Total Expense" IS NOT NULL)
       ORDER BY 1, 2 ASC NULLS LAST 
WHERE ("Employee Expense Facts"."Total Expense" IS NOT NULL)
       ORDER BY 1, 2 ASC NULLS LAST

我发现有双引号,即使在使用转义字符后也不会被替换。我尝试用特殊字符替换 ("),然后执行字符串替换,但未能成功。

令人惊讶的是,如果您在本地 HTML 文件上创建此函数,则无需卫生代码即可工作。但是当我在服务器上上传相同的代码时它不起作用。为此,我必须安装卫生管道。

如果有人知道这是为什么造成的,请告诉我:)

谢谢vx

于 2012-07-20T07:23:17.537 回答