admin/shop-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

base commit

Browse Source
This commit is contained in:
@kirill.komarov
2026-05-10 14:28:35 +05:00
parent 1e376caecc
commit 5ddde15fd3
102 changed files with 332 additions and 7657 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/src/lib/escape-html.js
+8
View File
@@ -0,0 +1,8 @@
/** Минимальное экранирование для безопасного HTML из пользовательского ввода. */
export function escapeHtml(input) {
return String(input ?? '')
.replace(/&/g, '&')
.replace(/</g, '&lt;')
.replace(/>/g, '&gt;')
.replace(/"/g, '&quot;')
}
server/src/lib/upload-images.js
+16
View File
@@ -42,3 +42,19 @@ export async function persistMultipartImages(request, { maxFiles = 10 } = {}) {
return urls
}
/** Сохранить один буфер изображения в uploads/, вернуть путь `/uploads/...`. */
export async function saveImageBufferToUploads(originalFilename, buffer) {
const ext = safeImageExt(originalFilename)
if (!ext) {
throw uploadError('Разрешены только файлы: png, jpg, jpeg, webp')
}
const uploadsDir = path.join(process.cwd(), 'uploads')
await fs.promises.mkdir(uploadsDir, { recursive: true })
const fileName = `${crypto.randomUUID()}${ext}`
const fullPath = path.join(uploadsDir, fileName)
await fs.promises.writeFile(fullPath, buffer)
return `/uploads/${fileName}`
}