mirror of
https://github.com/ElvishArtisan/rivendell.git
synced 2025-10-18 00:21:21 +02:00
2021-04-17 Fred Gleason <fredg@paravelsystems.com>
* Escaped all SQL identifiers in 'lib/'. * Replaced " with ' delimiters in all SQL literal strings in 'lib/'. Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
This commit is contained in:
@@ -2,7 +2,7 @@
|
||||
//
|
||||
// Abstract a Rivendell Scheduler Code
|
||||
//
|
||||
// (C) Copyright 2015 Fred Gleason <fredg@paravelsystems.com>
|
||||
// (C) Copyright 2015-2021 Fred Gleason <fredg@paravelsystems.com>
|
||||
//
|
||||
// This program is free software; you can redistribute it and/or modify
|
||||
// it under the terms of the GNU General Public License version 2 as
|
||||
@@ -78,12 +78,10 @@ QString RDSchedCode::xml() const
|
||||
|
||||
void RDSchedCode::SetRow(const QString ¶m,const QString &value) const
|
||||
{
|
||||
RDSqlQuery *q;
|
||||
QString sql;
|
||||
|
||||
sql=QString("update SCHED_CODES set ")+
|
||||
param+"=\""+RDEscapeString(value)+"\" "+
|
||||
"where CODE=\""+RDEscapeString(sched_code)+"\"";
|
||||
q=new RDSqlQuery(sql);
|
||||
delete q;
|
||||
sql=QString("update `SCHED_CODES` set `")+
|
||||
param+"`='"+RDEscapeString(value)+"' "+
|
||||
"where `CODE`='"+RDEscapeString(sched_code)+"'";
|
||||
RDSqlQuery::apply(sql);
|
||||
}
|
||||
|
Reference in New Issue
Block a user