Autres/Rivendellaudio
1
0
Fork 0
mirror of https://github.com/ElvishArtisan/rivendell.git synced 2025-05-19 22:48:01 +02:00
Code Issues Projects Releases Wiki Activity

2021-04-19 Fred Gleason <fredg@paravelsystems.com>

Browse Source 
* Escaped all SQL identifiers in 'rdlogin/'.
	* Replaced " with ' delimiters in all SQL literal strings in
	'rdlogin/'.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
This commit is contained in:
Fred Gleason 2021-04-19 20:19:31 -04:00
parent c45cc83e15
commit 01c15d8dbd
2 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -21511,3 +21511,7 @@
* Escaped all SQL identifiers in 'rdlogedit/'.
* Replaced " with ' delimiters in all SQL literal strings in
'rdlogedit/'.
2021-04-19 Fred Gleason <fredg@paravelsystems.com>
* Escaped all SQL identifiers in 'rdlogin/'.
* Replaced " with ' delimiters in all SQL literal strings in
'rdlogin/'.

8
rdlogin/rdlogin.cpp
View File

@ -91,10 +91,10 @@ MainWidget::MainWidget(RDConfig *c,QWidget *parent)
login_username_box->setModel(login_username_model);
QFontMetrics fm(font());
sql=QString("select ")+
"LOGIN_NAME "+ // 00
"from USERS where "+
"ADMIN_CONFIG_PRIV='N'"+
"order by LOGIN_NAME";
"`LOGIN_NAME` "+ // 00
"from `USERS` where "+
"`ADMIN_CONFIG_PRIV`='N'"+
"order by `LOGIN_NAME`";
q=new RDSqlQuery(sql);
while(q->next()) {
if((20+fm.width(q->value(0).toString()))>login_user_width) {