docker https://hub.docker.com/r/googlesky/sqlmap
執行指令:
docker run --rm -it -v /tmp/sqlmap:/root/.sqlmap/ googlesky/sqlmap -h GET
docker run --rm -it -v /tmp/sqlmap:/root/.sqlmap/ googlesky/sqlmap --url='https://test.com/date=2020-04-01' --level=5 --risk=3 POST & header token
docker run --rm -it -v /tmp/sqlmap:/root/.sqlmap/ googlesky/sqlmap --url='http://oo.xx.oo.xx:5000/user/info' --headers='Authorization: bearer eyJhbGcoooooxxxxxoooooxx......' --data='{id: "u123"}' --level=5 --risk=3
const typeorm = require("typeorm"); const connectionManager = require("typeorm").getConnectionManager(); //const connectionManager = typeorm.getConnectionManager(); const connected = connectionManager.has("default"); if(!connected){ // ? load connection options from ormconfig or environment //const connectionOptions = await getConnectionOptions(); connectionManager.create({ //name: "default", type: "mysql", // "extra": { // "socketPath": "/cloudsql/ooxxooxx" // }, host: "oo.xx.oo.xx", port: 3306, username: "root", password: "ooxxooxx", database: "ooxxdb", synchronize: false, logging: true, // this.env === 'dev' ? true : false ssl: SSL, keepConnectionAlive: false, }); } try { db = connectionManager.
# Sequelize 基本認識
## 1. Timestamps
https://sequelize.org/v5/manual/models-definition.html#timestamps
## 2. Database synchronization
https://sequelize.org/v5/manual/models-definition.html#database-synchronization
建議不要直接使用於正式環境,應該在測試建立後,取得對應 sql 碼後,在正式上線時,手動更新正式 DB 資料結構
**2.1** 使用 sync 建立的 table name 會加上 s
**2.2** 正常情況下,對 table 操作盡可能還是已手動為主,雖然 Sequelize 有提供一些操作,但減少使用比較安全,當手動操作完畢後,應該把 raw sql 匯出備份,正式上線時,再手動更新
## 3. Modeling a table 建立
https://sequelize.org/v5/manual/getting-started.html
```
const Model = Sequelize.Model;
class User extends Model {}
User.init({
```
建議使用
```
sequelize.define:‘user’, {
// attributes
firstName: {
```
原因,看起來簡單多了
3.1 Model 操作
https://sequelize.org/v5/manual/models-usage.html
## 4. Raw queries
https://github.com/centminmod/centminmod/tree/123.09beta01/config/mysql
https://www.howtoforge.com/tutorial/how-to-install-and-configure-galera-cluster-on-ubuntu-1604/
http://dockone.io/article/128
http://container42.com/2014/11/18/data-only-container-madness/
http://dockone.io/article/129
在volume产生时,是docker run的准备阶段(create),而执行entrypoint.sh则是在启动阶段(start)
