堆栈内存溢出
  简体   繁体   English

如何将JavaScript字符串隐藏为node.js中的可执行代码

[英]How to covert JavaScript string to executable code in node.js

 原文  2019-01-19 22:52:17       javascript/ node.js/ ecmascript-6

问题描述

I have saved query in database. 我已将查询保存在数据库中。 I can get query as a string. 我可以查询字符串。 

INSERT INTO alertsV SET Instance_ID = ${body.add.Instance_ID}

But ${body.add.Instance_ID} is not replacing with value. 但是${body.add.Instance_ID}不会替换为值。

expected result should be INSERT INTO alertsV SET Instance_ID = 1234 预期结果应为INSERT INTO alertsV SET Instance_ID = 1234

I am using nodejs. 我正在使用nodejs。 Please help me how to fix this. 请帮助我解决此问题。 Here is the function. 这是功能。 

  saveFormData: async function (req, res) {
     let form_id = parseInt(req.body.form_id);
     let body = req.body.form_data;
     let saveQuery = await sails.orientDb.command('select actions.save as 
     saveQuery from form where form_id=' + form_id).one();

     saveQuery = saveQuery.saveQuery; // i can get string here 'INSERT INTO alertsV SET Instance_ID = ${body.add.Instance_ID}'
     let result = await sails.orientDb.command(saveQuery).one();
     return res.json(result);
  }

1 个解决方案

解决方案1
 0 已采纳  2019-01-19 23:03:00

You can wrap a string in the template literal backticks and pass it to eval to run string interpolation: 您可以将字符串包装在模板文字反引号中,并将其传递给eval以运行字符串插值: 

saveQuery = eval('`' + saveQuery.saveQuery + '`'); 


 const a = 10; const str = 'test ${a} test'; console.log(eval('`' + str + '`')); /* if it's required to wrap the interpolated value into a quotes, you can do that by wrapping the embedded expression, prior to interpolation: */ console.log(eval('`' + str.replace(/(\\${.*})/, '\\'$1\\'') + '`'));

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Node.js 隐蔽字符串字符集 - Node js covert string charset 如何将 node.js 代码转换为常规浏览器 javascript? - How to convert node.js code to regular browser javascript? 如何调试从 CoffeeScript 生成的 Node.js/JavaScript 代码? - How to debug Node.js/JavaScript code generated from CoffeeScript? 如何在Node.js中安全地执行未知的Javascript代码? - How to safely execute unknown Javascript code in Node.js? 如何处理JavaScript代码及其源映射(在node.js中)? - How to manipulate JavaScript code together with its sourcemap (in node.js)? 如何在node.js和MongoDb中的javascript中混合同步和异步代码 - How to mix sync and async code in javascript in node.js and MongoDb 如何让javascript代码与node.js一起工作? - How to make javascript code to work witn node.js? 如何在Javascript(Node.js)中进行字符串增量? - How to do string increment in Javascript(Node.js)? 使用node.js执行javascript代码 - Executing javascript code with node.js Node.js JavaScript代码段中的跳过代码 - Skipped Code in Node.js JavaScript Snippet
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM