2 years ago · ac2620d7b4
--- a/sql/archive.py
+++ b/sql/archive.py
@@ -7,8 +7,6 @@ from typing import Optional
 
				 
			
 
				 def create_archive(name: str, describe: str):
			
 
				     """ 创建新归档 """
			
 
				-    name = name.replace("'", "''")
			
 
				-    describe = describe.replace("'", "''")
			
 
				     cur = db.insert("INSERT INTO archive(Name, DescribeText) "
			
 
				                     "VALUES (%s, %s)", name, describe)
			
 
				     if cur is None or cur.rowcount == 0:
			
--- a/sql/blog.py
+++ b/sql/blog.py
@@ -20,9 +20,6 @@ def create_blog(auth_id: int, title: str, subtitle: str, content: str,
 
				     delete_user_blog_count_from_cache(auth_id)
			
 
				     # archive cache 在下面循环删除
			
 
				 
			
 
				-    title = title.replace("'", "''")
			
 
				-    subtitle = subtitle.replace("'", "''")
			
 
				-    content = content.replace("'", "''")
			
 
				     cur = db.insert("INSERT INTO blog(Auth, Title, SubTitle, Content) "
			
 
				                     "VALUES (%s, %s, %s, %s)", auth_id, title, subtitle, content)
			
 
				     if cur is None or cur.rowcount == 0:
			
@@ -41,7 +38,6 @@ def update_blog(blog_id: int, content: str) -> bool:
 
				     """ 更新博客文章 """
			
 
				     delete_blog_from_cache(blog_id)
			
 
				 
			
 
				-    content = content.replace("'", "''")
			
 
				     cur = db.update("Update blog "
			
 
				                     "SET UpdateTime=CURRENT_TIMESTAMP(), Content=%s "
			
 
				                     "WHERE ID=%s", content, blog_id)
			
--- a/sql/comment.py
+++ b/sql/comment.py
@@ -19,7 +19,6 @@ def create_comment(blog_id: int, user_id: int, content: str):
 
				     """ 新建 comment """
			
 
				     delete_user_comment_count_from_cache(user_id)
			
 
				 
			
 
				-    content = content.replace("'", "''")
			
 
				     cur = db.insert("INSERT INTO comment(BlogID, Auth, Content) "
			
 
				                     "VALUES (%s, %s, %s)", blog_id, user_id, content)
			
 
				     if cur is None or cur.rowcount == 0:
			
--- a/sql/msg.py
+++ b/sql/msg.py
@@ -42,7 +42,6 @@ def create_msg(auth: int, content: str, secret: bool = False):
 
				     delete_msg_count_from_cache()
			
 
				     delete_user_msg_count_from_cache(auth)
			
 
				 
			
 
				-    content = content.replace("'", "''")
			
 
				     cur = db.insert("INSERT INTO message(Auth, Content, Secret) "
			
 
				                     "VALUES (%s, %s, %s)", auth, content, 1 if secret else 0)
			
 
				     if cur is None or cur.rowcount != 1:
			
--- a/sql/user.py
+++ b/sql/user.py
@@ -31,7 +31,6 @@ def read_user(email: str):
 
				 
			
 
				 def create_user(email: str, passwd: str):
			
 
				     """ 创建用户 """
			
 
				-    email = email.replace("'", "''")
			
 
				     if len(email) == 0:
			
 
				         return None
			
 
				 
			
@@ -105,7 +104,6 @@ def __authority_to_sql(authority):
 
				 
			
 
				 
			
 
				 def create_role(name: str, authority: List[str]):
			
 
				-    name = name.replace("'", "''")
			
 
				     cur = db.insert("INSERT INTO role(RoleName) VALUES (%s)", name)
			
 
				     if cur is None or cur.rowcount == 0:
			
 
				         return False