mirror of
https://github.com/praveentcom/openproxy.git
synced 2026-02-13 14:32:51 +00:00
8b90fa2b9e
This commit addresses three important bugs: 1. SQL Injection Prevention (proxy.ts:70-75): - Added whitelist validation for DATABASE_TABLE environment variable - Table names are now validated against ALLOWED_TABLES before use - Prevents potential SQL injection through malicious table names 2. SQL Interval Parameter Bug (dashboard/app/api/metrics/route.ts): - Fixed incorrect INTERVAL syntax in PostgreSQL queries - Changed from INTERVAL '$1 hours' to INTERVAL '1 hour' * $1 - Properly uses parameterized queries with interval multiplication - Affects all 4 queries: summary, recent, model breakdown, and trends 3. Incorrect Property Reference (proxy.ts:206): - Fixed usage.cached_tokens to usage.prompt_tokens_details?.cached_tokens - Aligns with OpenAI API response structure for cached tokens - Ensures accurate logging of cached token usage