2021-04-17 Fred Gleason <fredg@paravelsystems.com>

* Escaped all SQL identifiers in 'lib/'. * Replaced " with ' delimiters in all SQL literal strings in 'lib/'. Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
2025-11-26 15:20:29 +01:00 · 2021-04-17 19:47:05 -04:00
parent 1b7dd5cd7d
commit 0fd02861f9
104 changed files with 4807 additions and 5120 deletions
--- a/lib/rdmarkerplayer.cpp
+++ b/lib/rdmarkerplayer.cpp
@@ -240,20 +240,20 @@ bool RDMarkerPlayer::setCut(unsigned cartnum,int cutnum)
  RDSetMixerOutputPort(rda->cae(),d_cards.first(),d_cae_stream,d_port);

  QString sql=QString("select ")+
-    "START_POINT,"+        // 00  
-    "END_POINT,"+          // 01
-    "TALK_START_POINT,"+   // 02
-    "TALK_END_POINT,"+     // 03
-    "SEGUE_START_POINT,"+  // 04
-    "SEGUE_END_POINT,"+    // 05
-    "HOOK_START_POINT,"+   // 06
-    "HOOK_END_POINT,"+     // 07
-    "FADEUP_POINT,"+       // 08
-    "FADEDOWN_POINT,"+     // 09
-    "SEGUE_GAIN,"+         // 10
-    "PLAY_GAIN "+          // 11
-    "from CUTS where "+
-    "CUT_NAME=\""+RDEscapeString(RDCut::cutName(cartnum,cutnum))+"\"";
+    "`START_POINT`,"+        // 00  
+    "`END_POINT`,"+          // 01
+    "`TALK_START_POINT`,"+   // 02
+    "`TALK_END_POINT`,"+     // 03
+    "`SEGUE_START_POINT`,"+  // 04
+    "`SEGUE_END_POINT`,"+    // 05
+    "`HOOK_START_POINT`,"+   // 06
+    "`HOOK_END_POINT`,"+     // 07
+    "`FADEUP_POINT`,"+       // 08
+    "`FADEDOWN_POINT`,"+     // 09
+    "`SEGUE_GAIN`,"+         // 10
+    "`PLAY_GAIN` "+          // 11
+    "from `CUTS` where "+
+    "`CUT_NAME`='"+RDEscapeString(RDCut::cutName(cartnum,cutnum))+"'";
  RDSqlQuery *q=new RDSqlQuery(sql);
  if(q->first()) {
    for(int i=0;i<RDMarkerHandle::LastRole;i++) {