Autres/Rivendellaudio
1
0
Fork 0
mirror of https://github.com/ElvishArtisan/rivendell.git synced 2025-08-02 17:09:28 +02:00
Code Issues Projects Releases Wiki Activity

2021-04-19 Fred Gleason <fredg@paravelsystems.com>

Browse Source 
* Escaped all SQL identifiers in 'rdairplay/'.
	* Replaced " with ' delimiters in all SQL literal strings in
	'rdairplay/'.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
This commit is contained in:
Fred Gleason 2021-04-19 18:44:14 -04:00
parent a1ce33e344
commit 3e0c293c09
3 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -21483,3 +21483,7 @@
* Escaped all SQL identifiers in 'importers/'.
* Replaced " with ' delimiters in all SQL literal strings in
'importers/'.
2021-04-19 Fred Gleason <fredg@paravelsystems.com>
* Escaped all SQL identifiers in 'rdairplay/'.
* Replaced " with ' delimiters in all SQL literal strings in
'rdairplay/'.

4
rdairplay/list_logs.cpp
View File

@ -115,8 +115,8 @@ int ListLogs::exec(QString *logname,QString *svcname,RDLogLock **log_lock)
list_log_lock=log_lock;
list_saveas_button->setEnabled(rda->user()->createLog());
QStringList services_list;
QString sql=QString("select SERVICE_NAME from SERVICE_PERMS where ")+
"STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\"";
QString sql=QString("select `SERVICE_NAME` from `SERVICE_PERMS` where ")+
"`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"'";
RDSqlQuery *q=new RDSqlQuery(sql);
services_list.push_back(tr("ALL"));
while(q->next()) {

8
rdairplay/rdairplay.cpp
View File

@ -835,8 +835,8 @@ void MainWidget::ripcConnectedData(bool state)
}
}
if(!air_start_logname[i].isEmpty()) {
sql=QString("select NAME from LOGS where ")+
"NAME=\""+RDEscapeString(air_start_logname[i])+"\"";
sql=QString("select `NAME` from `LOGS` where ")+
"`NAME`='"+RDEscapeString(air_start_logname[i])+"'";
q=new RDSqlQuery(sql);
if(q->first()) {
rml.clear();
@ -2180,8 +2180,8 @@ void MainWidget::SetActionMode(StartButton::Mode mode)
}
}
if(svc_quan==0) {
sql=QString("select SERVICE_NAME from SERVICE_PERMS where ")+
"STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\"";
sql=QString("select `SERVICE_NAME` from `SERVICE_PERMS` where ")+
"`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"'";
q=new RDSqlQuery(sql);
while(q->next()) {
services_list.append( q->value(0).toString() );