From 9e69de3db17d8952f62270f08b5a0765a61eff58 Mon Sep 17 00:00:00 2001 From: root Date: Mon, 26 Feb 2018 15:50:32 +0100 Subject: [PATCH] Add sql query support --- database.py | 15 +++++++++++++++ worker.py | 20 ++++++++++++++++++++ 2 files changed, 35 insertions(+) diff --git a/database.py b/database.py index a6c0745..df11487 100755 --- a/database.py +++ b/database.py @@ -125,6 +125,21 @@ class DataBase: result = self.execute(sql) return(result) + def command(self, sql): + if 'DELETE' in sql.upper() \ + or 'INSERT' in sql.upper() \ + or 'UPDATE' in sql.upper() \ + or 'CREATE' in sql.upper() \ + or 'ALTER' in sql.upper(): + return('gtfo') + try: + if 'LIMIT' in sql.upper()[-9:]: + result = self.execute(sql) + else: + result = self.execute(sql + ' limit 20') + except Exception as err: + result = err + return(result) def close(self): self.conn.close() diff --git a/worker.py b/worker.py index df58202..239eeb5 100755 --- a/worker.py +++ b/worker.py @@ -45,6 +45,25 @@ class MessageWorker: user_id=user_id) return True + if msg['message']['text'][:4] == '/sql': + conf_id = msg['message']['chat']['id'] + user_id = msg['message']['from']['id'] + chat_title = msg['message']['chat']['title'] + self.db.add_conf(conf_id, chat_title) + sql = msg['message']['text'][5:] + + res = self.db.command(sql) + try: + msg = '```\n' + for z in res: + for i in z: + msg = msg + str(i) + '\t' + msg = msg + '\n' + except: + msg = res + self.send(id=conf_id, msg=msg + ' ```') + return True + if msg['message']['text'] == '@here': conf_id = msg['message']['chat']['id'] user_id = msg['message']['from']['id'] @@ -123,6 +142,7 @@ class MessageWorker: return collection def send(self, id, msg): + print(msg) url = settings.parser.get('bot', 'telegram_api') + \ 'bot'+ settings.parser.get('bot', 'telegram_key') \ + '/sendMessage'