fix 修复代码生成单图上传字段名，列表搜素orderBy参数校验，防止sql注入

internal/app/common/model/common.go

@@ -9,10 +9,10 @@ package model
 
 // PageReq 公共请求参数
 type PageReq struct {
-	DateRange []string `p:"dateRange"` //日期范围
-	PageNum   int      `p:"pageNum"`   //当前页码
-	PageSize  int      `p:"pageSize"`  //每页数
-	OrderBy   string   //排序方式
+	DateRange []string `p:"dateRange"`                                                                                                                                                       //日期范围
+	PageNum   int      `p:"pageNum"`                                                                                                                                                         //当前页码
+	PageSize  int      `p:"pageSize"`                                                                                                                                                        //每页数
+	OrderBy   string   `p:"orderBy" v:"regex:^[a-zA-Z0-9_]+(\\.[a-zA-Z0-9_]+)?\\s+(asc|desc|ASC|DESC)(?:\\s*,\\s*[a-zA-Z0-9_]+(\\.[a-zA-Z0-9_]+)?\\s+(asc|desc|ASC|DESC))*$#排序参数不合法"` // 排序方式
 }
 
 // ListRes 列表公共返回

internal/consts/version.go

@@ -9,5 +9,5 @@ package consts
 
 const (
 	Logo    = `CiAgIF9fX19fX19fX19fXyAgICAgICAgICAgX18gCiAgLyBfX19fLyBfX19fL19fXyBfX19fX18vIC9fCiAvIC8gX18vIC9fICAvIF9fIGAvIF9fXy8gX18vCi8gL18vIC8gX18vIC8gL18vIChfXyAgKSAvXyAgClxfX19fL18vICAgIFxfXyxfL19fX18vXF9fLyAg`
-	Version = "3.3.5"
+	Version = "3.3.6"
 )

resource/template/vm/vue/edit-vue.template

@@ -187,7 +187,7 @@
             class="avatar-uploader"
             name="file"
           >
-            <div v-if="!proxy.isEmpty(imageUrlThumb)">
+            <div v-if="!proxy.isEmpty(imageUrl{{$column.GoField}})">
               <el-link type="danger" style="position: absolute; right: 5px; top: 6px;font-size: 18px;" :underline="false" @click.stop="deleteImageUrl{{$column.GoField}}" title="删除">
                 <el-icon><ele-DeleteFilled /></el-icon>
               </el-link>