2021-04-19 Fred Gleason <fredg@paravelsystems.com>

* Escaped all SQL identifiers in 'rdlogmanager/'.
	* Replaced " with ' delimiters in all SQL literal strings in
	'rdlogmanager/'.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
Fred Gleason
2021-04-19 21:02:10 -04:00
parent 01c15d8dbd
commit 40337a341f
16 changed files with 308 additions and 305 deletions


@@ -199,7 +199,8 @@ void EventListModel::refresh(const QModelIndex &row)
if(row.row()<d_texts.size()) {
QString sql=sqlFields()+
"where "+
"EVENTS.NAME=\""+RDEscapeString(d_texts.at(row.row()).at(0).toString())+
"`EVENTS`.`NAME`=\""+
RDEscapeString(d_texts.at(row.row()).at(0).toString())+
"\"";
RDSqlQuery *q=new RDSqlQuery(sql);
if(q->first()) {
@@ -239,7 +240,7 @@ void EventListModel::updateModel()
RDSqlQuery *q=NULL;
QString sql=sqlFields()+
d_filter_sql+
"order by EVENTS.NAME ";
"order by `EVENTS`.`NAME` ";
beginResetModel();
d_texts.clear();
d_icons.clear();
@@ -259,7 +260,8 @@ void EventListModel::updateRowLine(int line)
if(line<d_texts.size()) {
QString sql=sqlFields()+
"where "+
"EVENTS.NAME=\""+RDEscapeString(d_texts.at(line).at(0).toString())+"\"";
"`EVENTS`.`NAME`=\""+
RDEscapeString(d_texts.at(line).at(0).toString())+"\"";
RDSqlQuery *q=new RDSqlQuery(sql);
if(q->first()) {
updateRow(line,q);
@@ -297,16 +299,16 @@ void EventListModel::updateRow(int row,RDSqlQuery *q)
QString EventListModel::sqlFields() const
{
QString sql=QString("select ")+
"NAME,"+ // 00
"COLOR,"+ // 01
"PREPOSITION,"+ // 02
"FIRST_TRANS_TYPE,"+ // 03
"TIME_TYPE,"+ // 04
"GRACE_TIME,"+ // 05
"USE_AUTOFILL,"+ // 06
"IMPORT_SOURCE,"+ // 07
"NESTED_EVENT "+ // 08
"from EVENTS ";
"`NAME`,"+ // 00
"`COLOR`,"+ // 01
"`PREPOSITION`,"+ // 02
"`FIRST_TRANS_TYPE`,"+ // 03
"`TIME_TYPE`,"+ // 04
"`GRACE_TIME`,"+ // 05
"`USE_AUTOFILL`,"+ // 06
"`IMPORT_SOURCE`,"+ // 07
"`NESTED_EVENT` "+ // 08
"from `EVENTS` ";
return sql;
}
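Review bot: The `where` clauses in refresh() and updateRowLine() still wrap the event name in `\"` on the new side, although the commit description says SQL literal strings in 'rdlogmanager/' now use ' delimiters. When the server runs with ANSI_QUOTES in its sql_mode, a double-quoted token is read as a column name rather than a value, so change the opening `=\""` to `='"` and the closing `"\""` to `"'"` in both places. Because the name is still spliced into the statement text, the query's safety rests on RDEscapeString() escaping whichever delimiter is used; its definition is not shown here, so that should be confirmed, and a bound parameter would remove the dependency if RDSqlQuery offers one. The bodies of both functions continue outside their hunks.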