timxx/CloudSearch
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(audit): 修复3个审计发现的bug

Browse Source 
- migrateCloudConfigs 缺 } 导致 notify_config/cloud_type_uid 嵌套在 promotion_account 内不迁移
- cloud_configs_v2 INSERT/SELECT 缺 cloud_type_uid/cookie_uid 导致数据丢失
- deploy.sh 密码嵌入改成 docker exec -e 传参(防特殊字符注入)
This commit is contained in:
admin
2026-05-19 14:23:26 +08:00
parent 288d30698a
commit 39724e6e73
4 changed files with 7 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
source_clean/deploy.sh
View File

@@ -97,11 +97,11 @@ done
# -- 强制写入管理员密码 --
info "同步管理员密码..."
sleep 3
docker exec CloudSearch_App node -e '
docker exec -e ADMIN_PASSWORD="$ADMIN_PASSWORD" CloudSearch_App node -e '
var bcrypt = require("bcryptjs");
var Database = require("better-sqlite3");
var db = new Database("/data/database.sqlite");
var hash = bcrypt.hashSync("'"${ADMIN_PASSWORD}"'", 10);
var pw = process.env.ADMIN_PASSWORD || ""; var hash = bcrypt.hashSync(pw, 10);
var existing = db.prepare("SELECT id FROM admins WHERE username = ?").get("admin");
if (existing) {
db.prepare("UPDATE admins SET password_hash = ? WHERE username = ?").run(hash, "admin");