2021-04-18 Fred Gleason <fredg@paravelsystems.com>

* Escaped all SQL identifiers in 'rdadmin/'.
	* Replaced " with ' delimiters in all SQL literal strings in
	'rdadmin/'.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
Fred Gleason
2021-04-18 21:23:19 -04:00
parent 0fd02861f9
commit 6264ec3235
67 changed files with 841 additions and 939 deletions


@@ -136,8 +136,8 @@ void AddGroup::okData()
return;
}
sql=QString("insert into GROUPS set ")+
"NAME=\""+RDEscapeString(group_name_edit->text())+"\"";
sql=QString("insert into `GROUPS` set ")+
"`NAME`='"+RDEscapeString(group_name_edit->text())+"'";
q=new RDSqlQuery(sql);
if(!q->isActive()) {
@@ -152,14 +152,13 @@ void AddGroup::okData()
// Create Default Users Perms
//
if(group_users_box->isChecked()) {
sql="select LOGIN_NAME from USERS";
sql="select `LOGIN_NAME` from `USERS`";
q=new RDSqlQuery(sql);
while(q->next()) {
sql=QString("insert into USER_PERMS set ")+
"USER_NAME=\""+RDEscapeString(q->value(0).toString())+"\","+
"GROUP_NAME=\""+RDEscapeString(group_name_edit->text())+"\"";
q1=new RDSqlQuery(sql);
delete q1;
sql=QString("insert into `USER_PERMS` set ")+
"`USER_NAME`='"+RDEscapeString(q->value(0).toString())+"',"+
"`GROUP_NAME`='"+RDEscapeString(group_name_edit->text())+"'";
RDSqlQuery::apply(sql);
}
delete q;
}
@@ -168,12 +167,12 @@ void AddGroup::okData()
// Create Default Service Perms
//
if(group_svcs_box->isChecked()) {
sql="select NAME from SERVICES";
sql="select `NAME` from `SERVICES`";
q=new RDSqlQuery(sql);
while(q->next()) {
sql=QString("insert into AUDIO_PERMS set ")+
"SERVICE_NAME=\""+RDEscapeString(q->value(0).toString())+"\","+
"GROUP_NAME=\""+RDEscapeString(group_name_edit->text())+"\"";
sql=QString("insert into `AUDIO_PERMS` set ")+
"`SERVICE_NAME`='"+RDEscapeString(q->value(0).toString())+"',"+
"`GROUP_NAME`='"+RDEscapeString(group_name_edit->text())+"'";
q1=new RDSqlQuery(sql);
delete q1;
}
@@ -182,16 +181,16 @@ void AddGroup::okData()
EditGroup *group=new EditGroup(group_name_edit->text(),this);
if(group->exec()<0) {
sql=QString("delete from USER_PERMS where ")+
"GROUP_NAME=\""+RDEscapeString(group_name_edit->text())+"\"";
sql=QString("delete from `USER_PERMS` where ")+
"`GROUP_NAME`='"+RDEscapeString(group_name_edit->text())+"'";
q=new RDSqlQuery(sql);
delete q;
sql=QString("delete from AUDIO_PERMS where ")+
"GROUP_NAME=\""+RDEscapeString(group_name_edit->text())+"\"";
sql=QString("delete from `AUDIO_PERMS` where ")+
"`GROUP_NAME`='"+RDEscapeString(group_name_edit->text())+"'";
q=new RDSqlQuery(sql);
delete q;
sql=QString("delete from GROUPS where ")+
"NAME=\""+RDEscapeString(group_name_edit->text())+"\"";
sql=QString("delete from `GROUPS` where ")+
"`NAME`='"+RDEscapeString(group_name_edit->text())+"'";
q=new RDSqlQuery(sql);
delete q;
delete group;
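Review bot: Every statement in okData() still interpolates `group_name_edit->text()` and `q->value(0).toString()` into the SQL text, so with the literal delimiter now `'` instead of `"`, the safety of these inserts and deletes rests entirely on RDEscapeString() escaping single quotes and backslashes; its definition is not visible here and should be checked against the new delimiter. Binding the values as parameters would remove that dependency, assuming RDSqlQuery can expose QSqlQuery's `prepare()`/`bindValue()`. Separately, only the USER_PERMS loop was moved to `RDSqlQuery::apply(sql);`, while the AUDIO_PERMS loop and the three cleanup deletes still use `q=new RDSqlQuery(sql); delete q;`, and no visible line checks whether these statements succeeded, so a failed delete on cancel could leave permission rows behind for a group that was not kept. okData() starts and ends outside these hunks.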