From c2adf7ec5cc810d454444a53f94207e0aac5b5d8 Mon Sep 17 00:00:00 2001
From: taojinlong <jinlong@fit2cloud.com>
Date: Mon, 27 Feb 2023 13:49:52 +0800
Subject: [PATCH 1/3] =?UTF-8?q?fix:=20=E6=9B=B4=E6=96=B0demo=E6=95=B0?=
 =?UTF-8?q?=E6=8D=AE=E6=BA=90=E4=BF=A1=E6=81=AF?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../java/io/dataease/service/datasource/DatasourceService.java | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/backend/src/main/java/io/dataease/service/datasource/DatasourceService.java b/backend/src/main/java/io/dataease/service/datasource/DatasourceService.java
index 80474a31b3..e3f5ff4cd7 100644
--- a/backend/src/main/java/io/dataease/service/datasource/DatasourceService.java
+++ b/backend/src/main/java/io/dataease/service/datasource/DatasourceService.java
@@ -650,6 +650,9 @@ public class DatasourceService {
 
     public void updateDemoDs() {
         Datasource datasource = datasourceMapper.selectByPrimaryKey("76026997-94f9-4a35-96ca-151084638969");
+        if(datasource == null){
+            return;
+        }
         MysqlConfiguration mysqlConfiguration = new Gson().fromJson(datasource.getConfiguration(), MysqlConfiguration.class);
         Pattern WITH_SQL_FRAGMENT = Pattern.compile("jdbc:mysql://(.*):(\\d+)/(.*)");
         Matcher matcher = WITH_SQL_FRAGMENT.matcher(env.getProperty("spring.datasource.url"));

From 1088be209f12071a5576ff0fef684a0d79fa2954 Mon Sep 17 00:00:00 2001
From: taojinlong <jinlong@fit2cloud.com>
Date: Mon, 27 Feb 2023 15:37:08 +0800
Subject: [PATCH 2/3] =?UTF-8?q?fix:=20=E5=90=8C=E6=AD=A5mysql=E6=95=B0?=
 =?UTF-8?q?=E6=8D=AE=E5=87=BA=E9=94=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../io/dataease/provider/query/mysql/MysqlQueryProvider.java | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/backend/src/main/java/io/dataease/provider/query/mysql/MysqlQueryProvider.java b/backend/src/main/java/io/dataease/provider/query/mysql/MysqlQueryProvider.java
index 1ccc4b2893..f11c668189 100644
--- a/backend/src/main/java/io/dataease/provider/query/mysql/MysqlQueryProvider.java
+++ b/backend/src/main/java/io/dataease/provider/query/mysql/MysqlQueryProvider.java
@@ -808,7 +808,8 @@ public class MysqlQueryProvider extends QueryProvider {
             }
             return stringBuilder.toString();
         }).toArray(String[]::new);
-        return MessageFormat.format("SELECT {0} FROM {1}  LIMIT DE_OFFSET, DE_PAGE_SIZE ", StringUtils.join(array, ","), String.format(MySQLConstants.KEYWORD_TABLE, table));
+        table = table.trim().startsWith("(") ? table : String.format(MySQLConstants.KEYWORD_TABLE, table);
+        return MessageFormat.format("SELECT {0} FROM {1}  LIMIT DE_OFFSET, DE_PAGE_SIZE ", StringUtils.join(array, ","), table);
     }
 
     public String getTotalCount(boolean isTable, String sql, Datasource ds) {
@@ -821,7 +822,7 @@ public class MysqlQueryProvider extends QueryProvider {
 
     @Override
     public String createRawQuerySQLAsTmp(String sql, List<DatasetTableField> fields) {
-        return createRawQuerySQL(" (" + sqlFix(sql) + ") AS DE_TEMP", fields, null);
+        return createRawQuerySQL("(" + sqlFix(sql) + ") AS DE_TEMP", fields, null);
     }
 
     public String transTreeItem(SQLObj tableObj, DatasetRowPermissionsTreeItem item) {

From 38074db9f251c31fd29e88f01c274e4438f05044 Mon Sep 17 00:00:00 2001
From: wangjiahao <1522128093@qq.com>
Date: Mon, 27 Feb 2023 16:26:49 +0800
Subject: [PATCH 3/3] =?UTF-8?q?fix(=E4=BB=AA=E8=A1=A8=E6=9D=BF):=E4=BF=AE?=
 =?UTF-8?q?=E5=A4=8D=E9=83=A8=E5=88=86=E5=AF=8C=E6=96=87=E6=9C=AC=E7=BB=84?=
 =?UTF-8?q?=E4=BB=B6=E6=A0=B7=E5=BC=8F=E6=97=A0=E6=B3=95=E4=BF=9D=E5=AD=98?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 .../src/components/canvas/customComponent/DeRichText.vue   | 3 +--
 .../components/canvas/customComponent/DeRichTextView.vue   | 7 +++++--
 frontend/src/components/canvas/utils/utils.js              | 4 ++++
 3 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/frontend/src/components/canvas/customComponent/DeRichText.vue b/frontend/src/components/canvas/customComponent/DeRichText.vue
index 195a4bc263..4e5a76ab38 100644
--- a/frontend/src/components/canvas/customComponent/DeRichText.vue
+++ b/frontend/src/components/canvas/customComponent/DeRichText.vue
@@ -37,7 +37,6 @@ import 'tinymce/plugins/nonbreaking'
 import 'tinymce/plugins/pagebreak'
 import { mapState } from 'vuex'
 import Vue from 'vue'
-import xssCheck from 'xss'
 
 export default {
   name: 'DeRichText',
@@ -78,7 +77,7 @@ export default {
       canEdit: false,
       // 初始化配置
       tinymceId: 'tinymce-' + this.element.id,
-      myValue: xssCheck(this.propValue),
+      myValue: this.propValue,
       init: {
         selector: '#tinymce-' + this.element.id,
         toolbar_items_size: 'small',
diff --git a/frontend/src/components/canvas/customComponent/DeRichTextView.vue b/frontend/src/components/canvas/customComponent/DeRichTextView.vue
index fe66736ee2..3baa877b3d 100644
--- a/frontend/src/components/canvas/customComponent/DeRichTextView.vue
+++ b/frontend/src/components/canvas/customComponent/DeRichTextView.vue
@@ -38,7 +38,6 @@ import 'tinymce/plugins/pagebreak'
 import { mapState } from 'vuex'
 import bus from '@/utils/bus'
 import { uuid } from 'vue-uuid'
-import xssCheck from 'xss'
 
 export default {
   name: 'DeRichTextView',
@@ -140,6 +139,10 @@ export default {
       }
     },
     myValue(newValue) {
+      if (this.canEdit) {
+        const ed = tinymce.editors[this.tinymceId]
+        this.element.propValue.textValue = ed.getContent()
+      }
       this.initReady && this.$store.commit('canvasChange')
     }
   },
@@ -153,7 +156,7 @@ export default {
     viewInit() {
       bus.$on('fieldSelect-' + this.element.propValue.viewId, this.fieldSelect)
       tinymce.init({})
-      this.myValue = xssCheck(this.assignment(this.element.propValue.textValue))
+      this.myValue = this.assignment(this.element.propValue.textValue)
       bus.$on('initCurFields-' + this.element.id, this.initCurFieldsChange)
       this.$nextTick(() => {
         this.initReady = true
diff --git a/frontend/src/components/canvas/utils/utils.js b/frontend/src/components/canvas/utils/utils.js
index c39fd6efa2..11b0a94811 100644
--- a/frontend/src/components/canvas/utils/utils.js
+++ b/frontend/src/components/canvas/utils/utils.js
@@ -10,6 +10,7 @@ import { uuid } from 'vue-uuid'
 import store from '@/store'
 import { AIDED_DESIGN, MOBILE_SETTING, PAGE_LINE_DESIGN, PANEL_CHART_INFO, TAB_COMMON_STYLE } from '@/views/panel/panel'
 import html2canvas from 'html2canvasde'
+import xssCheck from 'xss'
 
 export function deepCopy(target) {
   if (typeof target === 'object' && target !== null) {
@@ -101,6 +102,9 @@ export function panelDataPrepare(componentData, componentStyle, callback) {
     componentStyle.chartCommonStyle = deepCopy(COMMON_BACKGROUND)
   }
   componentData.forEach((item, index) => {
+    if (item.component && item.component === 'v-text') {
+      item.propValue = xssCheck(item.propValue)
+    }
     if (item.component && item.component === 'de-date') {
       const widget = ApplicationContext.getService(item.serviceName)
       if (item.options.attrs &&