From 65b6c9e671cd893de29856f86681696a28ec4d4d Mon Sep 17 00:00:00 2001 From: Fred Gleason Date: Tue, 20 Apr 2021 09:20:54 -0400 Subject: [PATCH] 2021-04-20 Fred Gleason * Escaped all SQL identifiers in 'ripcd/'. * Replaced " with ' delimiters in all SQL literal strings in 'ripcd/'. Signed-off-by: Fred Gleason --- ChangeLog | 4 ++ ripcd/livewire_lwrpaudio.cpp | 84 ++++++++++++++++------------------ ripcd/livewire_lwrpgpio.cpp | 10 ++-- ripcd/livewire_mcastgpio.cpp | 12 ++--- ripcd/local_macros.cpp | 70 ++++++++++++++-------------- ripcd/ripcd.cpp | 24 +++++----- ripcd/sasusi.cpp | 70 ++++++++++++++-------------- ripcd/starguide3.cpp | 16 +++---- ripcd/swauthority.cpp | 88 +++++++++++++++++------------------- ripcd/switcher.cpp | 19 ++++---- ripcd/unity4000.cpp | 14 +++--- ripcd/vguest.cpp | 66 +++++++++++++-------------- ripcd/wheatnet_lio.cpp | 50 ++++++++++---------- ripcd/wheatnet_slio.cpp | 50 ++++++++++---------- 14 files changed, 279 insertions(+), 298 deletions(-) diff --git a/ChangeLog b/ChangeLog index 3964f3c9..64cc3496 100644 --- a/ChangeLog +++ b/ChangeLog @@ -21539,3 +21539,7 @@ * Escaped all SQL identifiers in 'rdvairplayd/'. * Replaced " with ' delimiters in all SQL literal strings in 'rdvairplayd/'. +2021-04-20 Fred Gleason + * Escaped all SQL identifiers in 'ripcd/'. + * Replaced " with ' delimiters in all SQL literal strings in + 'ripcd/'. diff --git a/ripcd/livewire_lwrpaudio.cpp b/ripcd/livewire_lwrpaudio.cpp index 5057e74d..82c8786a 100644 --- a/ripcd/livewire_lwrpaudio.cpp +++ b/ripcd/livewire_lwrpaudio.cpp @@ -41,13 +41,13 @@ LiveWireLwrpAudio::LiveWireLwrpAudio(RDMatrix *matrix,QObject *parent) // Load The Node List // sql=QString("select ")+ - "HOSTNAME,"+ // 00 - "TCP_PORT,"+ // 01 - "PASSWORD,"+ // 02 - "BASE_OUTPUT "+ // 03 - "from SWITCHER_NODES where "+ - "(STATION_NAME=\""+RDEscapeString(livewire_stationname)+"\")&&"+ - QString().sprintf("(MATRIX=%d)",livewire_matrix); + "`HOSTNAME`,"+ // 00 + "`TCP_PORT`,"+ // 01 + "`PASSWORD`,"+ // 02 + "`BASE_OUTPUT` "+ // 03 + "from `SWITCHER_NODES` where "+ + "(`STATION_NAME`='"+RDEscapeString(livewire_stationname)+"')&&"+ + QString().sprintf("(`MATRIX`=%d)",livewire_matrix); q=new RDSqlQuery(sql); while(q->next()) { livewire_nodes.push_back(new RDLiveWire(livewire_nodes.size(),this)); @@ -174,28 +174,25 @@ void LiveWireLwrpAudio::nodeConnectedData(unsigned id) void LiveWireLwrpAudio::sourceChangedData(unsigned id,RDLiveWireSource *src) { QString sql; - RDSqlQuery *q; - sql=QString("delete from INPUTS where ")+ - "(STATION_NAME=\""+RDEscapeString(livewire_stationname)+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",livewire_matrix)+ - "(NODE_HOSTNAME=\""+RDEscapeString(livewire_nodes[id]->hostname())+"\")&&"+ - QString().sprintf("(NODE_TCP_PORT=%d)&&",livewire_nodes[id]->tcpPort())+ - QString().sprintf("(NODE_SLOT=%d)",src->slotNumber()); - q=new RDSqlQuery(sql); - delete q; + sql=QString("delete from `INPUTS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(livewire_stationname)+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",livewire_matrix)+ + "(`NODE_HOSTNAME`='"+RDEscapeString(livewire_nodes[id]->hostname())+"')&&"+ + QString().sprintf("(`NODE_TCP_PORT`=%d)&&",livewire_nodes[id]->tcpPort())+ + QString().sprintf("(`NODE_SLOT`=%d)",src->slotNumber()); + RDSqlQuery::apply(sql); if(src->rtpEnabled()) { - sql=QString("insert into INPUTS set ")+ - "STATION_NAME=\""+RDEscapeString(livewire_stationname)+"\","+ - QString().sprintf("MATRIX=%d,",livewire_matrix)+ - "NODE_HOSTNAME=\""+RDEscapeString(livewire_nodes[id]->hostname())+"\","+ - QString().sprintf("NODE_TCP_PORT=%d,",livewire_nodes[id]->tcpPort())+ - QString().sprintf("NODE_SLOT=%d,",src->slotNumber())+ - "NAME=\""+RDEscapeString(src->primaryName())+"\","+ - QString().sprintf("NUMBER=%d",src->channelNumber()); - q=new RDSqlQuery(sql); - delete q; + sql=QString("insert into `INPUTS` set ")+ + "`STATION_NAME`='"+RDEscapeString(livewire_stationname)+"',"+ + QString().sprintf("`MATRIX`=%d,",livewire_matrix)+ + "`NODE_HOSTNAME`='"+RDEscapeString(livewire_nodes[id]->hostname())+"',"+ + QString().sprintf("`NODE_TCP_PORT`=%d,",livewire_nodes[id]->tcpPort())+ + QString().sprintf("`NODE_SLOT`=%d,",src->slotNumber())+ + "`NAME`='"+RDEscapeString(src->primaryName())+"',"+ + QString().sprintf("`NUMBER`=%d",src->channelNumber()); + RDSqlQuery::apply(sql); } } @@ -203,28 +200,25 @@ void LiveWireLwrpAudio::sourceChangedData(unsigned id,RDLiveWireSource *src) void LiveWireLwrpAudio::destinationChangedData(unsigned id,RDLiveWireDestination *dst) { QString sql; - RDSqlQuery *q; - sql=QString("delete from OUTPUTS where ")+ - "(STATION_NAME=\""+RDEscapeString(livewire_stationname)+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",livewire_matrix)+ - "(NODE_HOSTNAME=\""+RDEscapeString(livewire_nodes[id]->hostname())+"\")&&"+ - QString().sprintf("(NODE_TCP_PORT=%d)&&",livewire_nodes[id]->tcpPort())+ - QString().sprintf("(NODE_SLOT=%d)",dst->slotNumber()); - q=new RDSqlQuery(sql); - delete q; + sql=QString("delete from `OUTPUTS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(livewire_stationname)+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",livewire_matrix)+ + "(`NODE_HOSTNAME`='"+RDEscapeString(livewire_nodes[id]->hostname())+"')&&"+ + QString().sprintf("(`NODE_TCP_PORT`=%d)&&",livewire_nodes[id]->tcpPort())+ + QString().sprintf("(`NODE_SLOT`=%d)",dst->slotNumber()); + RDSqlQuery::apply(sql); - sql=QString("insert into OUTPUTS set ")+ - "STATION_NAME=\""+RDEscapeString(livewire_stationname)+"\","+ - QString().sprintf("MATRIX=%d,",livewire_matrix)+ - "NODE_HOSTNAME=\""+RDEscapeString(livewire_nodes[id]->hostname())+"\","+ - QString().sprintf("NODE_TCP_PORT=%d,",livewire_nodes[id]->tcpPort())+ - QString().sprintf("NODE_SLOT=%d,",dst->slotNumber())+ - "NAME=\""+RDEscapeString(dst->primaryName())+"\","+ - QString().sprintf("NUMBER=%d", + sql=QString("insert into `OUTPUTS` set ")+ + "`STATION_NAME`='"+RDEscapeString(livewire_stationname)+"',"+ + QString().sprintf("`MATRIX`=%d,",livewire_matrix)+ + "`NODE_HOSTNAME`='"+RDEscapeString(livewire_nodes[id]->hostname())+"',"+ + QString().sprintf("`NODE_TCP_PORT`=%d,",livewire_nodes[id]->tcpPort())+ + QString().sprintf("`NODE_SLOT`=%d,",dst->slotNumber())+ + "`NAME`='"+RDEscapeString(dst->primaryName())+"',"+ + QString().sprintf("`NUMBER`=%d", livewire_nodes[id]->baseOutput()+dst->slotNumber()-1); - q=new RDSqlQuery(sql); - delete q; + RDSqlQuery::apply(sql); } diff --git a/ripcd/livewire_lwrpgpio.cpp b/ripcd/livewire_lwrpgpio.cpp index b9675f95..ecea9e8e 100644 --- a/ripcd/livewire_lwrpgpio.cpp +++ b/ripcd/livewire_lwrpgpio.cpp @@ -181,15 +181,13 @@ void LiveWireLwrpGpio::gpoChangedData(unsigned id,unsigned slot,unsigned line, void LiveWireLwrpGpio::connectedData(unsigned id) { QString sql; - RDSqlQuery *q; - sql=QString().sprintf("update MATRICES set GPIS=%u,GPOS=%u ", + sql=QString().sprintf("update `MATRICES` set `GPIS`=%u,`GPOS`=%u ", RD_LIVEWIRE_GPIO_BUNDLE_SIZE*gpio_livewire->gpis(), RD_LIVEWIRE_GPIO_BUNDLE_SIZE*gpio_livewire->gpos())+ - "where (STATION_NAME=\""+RDEscapeString(stationName())+"\")&&"+ - QString().sprintf("(MATRIX=%u)",matrixNumber()); - q=new RDSqlQuery(sql); - delete q; + "where (`STATION_NAME`='"+RDEscapeString(stationName())+"')&&"+ + QString().sprintf("(`MATRIX`=%u)",matrixNumber()); + RDSqlQuery::apply(sql); for(int i=0;igpis();i++) { insertGpioEntry(false,i+1); diff --git a/ripcd/livewire_mcastgpio.cpp b/ripcd/livewire_mcastgpio.cpp index c5529945..fe83a65f 100644 --- a/ripcd/livewire_mcastgpio.cpp +++ b/ripcd/livewire_mcastgpio.cpp @@ -145,13 +145,13 @@ LiveWireMcastGpio::LiveWireMcastGpio(RDMatrix *matrix,QObject *parent) // Source Table // sql=QString("select ")+ - "SLOT,"+ // 00 - "SOURCE_NUMBER,"+ // 01 - "IP_ADDRESS "+ // 02 + "`SLOT`,"+ // 00 + "`SOURCE_NUMBER`,"+ // 01 + "`IP_ADDRESS` "+ // 02 "from LIVEWIRE_GPIO_SLOTS "+ - "where (STATION_NAME=\""+RDEscapeString(livewire_stationname)+"\")&&"+ - QString().sprintf("(MATRIX=%d) ",livewire_matrix)+ - "order by SLOT"; + "where (`STATION_NAME`='"+RDEscapeString(livewire_stationname)+"')&&"+ + QString().sprintf("(`MATRIX`=%d) ",livewire_matrix)+ + "order by `SLOT`"; q=new RDSqlQuery(sql); while(q->next()) { if(q->value(0).toInt()<((int)livewire_gpios/RD_LIVEWIRE_GPIO_BUNDLE_SIZE)) { diff --git a/ripcd/local_macros.cpp b/ripcd/local_macros.cpp index 75648e3a..c0ced648 100644 --- a/ripcd/local_macros.cpp +++ b/ripcd/local_macros.cpp @@ -136,17 +136,15 @@ void MainObject::LogGpioEvent(int matrix,int line,RDMatrix::GpioType type, bool state) { QString sql; - RDSqlQuery *q; - sql=QString("insert into GPIO_EVENTS set ")+ - "STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\","+ - QString().sprintf("MATRIX=%d,",matrix)+ - QString().sprintf("NUMBER=%d,",line+1)+ - QString().sprintf("TYPE=%d,",type)+ - QString().sprintf("EDGE=%d,",state)+ - "EVENT_DATETIME=now()"; - q=new RDSqlQuery(sql); - delete q; + sql=QString("insert into `GPIO_EVENTS` set ")+ + "`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"',"+ + QString().sprintf("`MATRIX`=%d,",matrix)+ + QString().sprintf("`NUMBER`=%d,",line+1)+ + QString().sprintf("`TYPE`=%d,",type)+ + QString().sprintf("`EDGE`=%d,",state)+ + "`EVENT_DATETIME`=now()"; + RDSqlQuery::apply(sql); } @@ -170,13 +168,13 @@ void MainObject::LoadLocalMacros() // Initialize Matrices // sql=QString("select ")+ - "MATRIX,"+ // 00 - "TYPE,"+ // 01 - "PORT,"+ // 02 - "INPUTS,"+ // 03 - "OUTPUTS "+ // 04 - "from MATRICES where "+ - "STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\""; + "`MATRIX`,"+ // 00 + "`TYPE`,"+ // 01 + "`PORT`,"+ // 02 + "`INPUTS`,"+ // 03 + "`OUTPUTS` "+ // 04 + "from `MATRICES` where "+ + "`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"'"; q=new RDSqlQuery(sql); while(q->next()) { if(!LoadSwitchDriver(q->value(0).toInt())) { @@ -191,15 +189,15 @@ void MainObject::LoadLocalMacros() // Initialize TTYs // sql=QString("select ")+ - "PORT_ID,"+ // 00 - "PORT,"+ // 01 - "BAUD_RATE,"+ // 02 - "DATA_BITS,"+ // 03 - "PARITY,"+ // 04 - "TERMINATION "+ // 05 - "from TTYS where "+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - "(ACTIVE=\"Y\")"; + "`PORT_ID`,"+ // 00 + "`PORT`,"+ // 01 + "`BAUD_RATE`,"+ // 02 + "`DATA_BITS`,"+ // 03 + "`PARITY`,"+ // 04 + "`TERMINATION` "+ // 05 + "from `TTYS` where "+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + "(`ACTIVE`='Y')"; q=new RDSqlQuery(sql); while(q->next()) { tty_port=q->value(0).toUInt(); @@ -865,16 +863,16 @@ void MainObject::RunLocalMacros(RDMacro *rml_in) // Try to Restart // sql=QString("select ")+ - "PORT_ID,"+ // 00 - "PORT,"+ // 01 - "BAUD_RATE,"+ // 02 - "DATA_BITS,"+ // 03 - "PARITY,"+ // 04 - "TERMINATION "+ // 05 - "from TTYS where "+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - "(ACTIVE=\"Y\")&&"+ - QString().sprintf("(PORT_ID=%d)",tty_port); + "`PORT_ID`,"+ // 00 + "`PORT`,"+ // 01 + "`BAUD_RATE`,"+ // 02 + "`DATA_BITS`,"+ // 03 + "`PARITY`,"+ // 04 + "`TERMINATION` "+ // 05 + "from `TTYS` where "+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + "(`ACTIVE`='Y')&&"+ + QString().sprintf("(`PORT_ID`=%d)",tty_port); q=new RDSqlQuery(sql); if(q->first()) { if(!ripcd_tty_inuse[tty_port]) { diff --git a/ripcd/ripcd.cpp b/ripcd/ripcd.cpp index 72c5a82b..f625bc36 100644 --- a/ripcd/ripcd.cpp +++ b/ripcd/ripcd.cpp @@ -733,12 +733,12 @@ void MainObject::LoadGpiTable() } } QString sql=QString("select ")+ - "MATRIX,"+ // 00 - "NUMBER,"+ // 01 - "OFF_MACRO_CART,"+ // 02 - "MACRO_CART "+ // 03 - "from GPIS where "+ - "STATION_NAME=\""+RDEscapeString(rda->config()->stationName())+"\""; + "`MATRIX`,"+ // 00 + "`NUMBER`,"+ // 01 + "`OFF_MACRO_CART`,"+ // 02 + "`MACRO_CART` "+ // 03 + "from `GPIS` where "+ + "`STATION_NAME`='"+RDEscapeString(rda->config()->stationName())+"'"; RDSqlQuery *q=new RDSqlQuery(sql); while(q->next()) { ripcd_gpi_macro[q->value(0).toInt()][q->value(1).toInt()-1][0]= @@ -749,12 +749,12 @@ void MainObject::LoadGpiTable() delete q; sql=QString("select ")+ - "MATRIX,"+ // 00 - "NUMBER,"+ // 01 - "OFF_MACRO_CART,"+ // 02 - "MACRO_CART "+ // 03 - "from GPOS where "+ - "STATION_NAME=\""+RDEscapeString(rda->config()->stationName())+"\""; + "`MATRIX`,"+ // 00 + "`NUMBER`,"+ // 01 + "`OFF_MACRO_CART`,"+ // 02 + "`MACRO_CART` "+ // 03 + "from `GPOS` where "+ + "`STATION_NAME`='"+RDEscapeString(rda->config()->stationName())+"'"; q=new RDSqlQuery(sql); while(q->next()) { ripcd_gpo_macro[q->value(0).toInt()][q->value(1).toInt()-1][0]= diff --git a/ripcd/sasusi.cpp b/ripcd/sasusi.cpp index 3e827ca5..41eb0732 100644 --- a/ripcd/sasusi.cpp +++ b/ripcd/sasusi.cpp @@ -50,13 +50,13 @@ SasUsi::SasUsi(RDMatrix *matrix,QObject *parent) // Load Switch Table // sql=QString("select ")+ - "ENGINE_NUM,"+ // 00 - "DEVICE_NUM,"+ // 01 - "RELAY_NUM "+ // 02 - "from VGUEST_RESOURCES where "+ - "(STATION_NAME=\""+RDEscapeString(rda->config()->stationName())+"\")&&"+ - QString().sprintf("(MATRIX_NUM=%d) ",matrix->matrix())+ - "order by NUMBER"; + "`ENGINE_NUM`,"+ // 00 + "`DEVICE_NUM`,"+ // 01 + "`RELAY_NUM` "+ // 02 + "from `VGUEST_RESOURCES` where "+ + "(`STATION_NAME`='"+RDEscapeString(rda->config()->stationName())+"')&&"+ + QString().sprintf("(`MATRIX_NUM`=%d) ",matrix->matrix())+ + "order by `NUMBER`"; q=new RDSqlQuery(sql); while(q->next()) { sas_console_numbers.push_back(q->value(0).toInt()); @@ -491,24 +491,24 @@ void SasUsi::DispatchCommand() if(sscanf(sas_buffer+1,"%u",&input)!=1) { return; } - sql=QString("select NUMBER from INPUTS where ")+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",sas_matrix)+ - QString().sprintf("(NUMBER=%d)",input); + sql=QString("select `NUMBER` from `INPUTS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",sas_matrix)+ + QString().sprintf("(`NUMBER`=%d)",input); q=new RDSqlQuery(sql); if(q->first()) { - sql=QString("update INPUTS set ")+ - "NAME=\""+RDEscapeString(label)+"\" where "+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",sas_matrix)+ - QString().sprintf("(NUMBER=%d)",input); + sql=QString("update `INPUTS` set ")+ + "`NAME`='"+RDEscapeString(label)+"' where "+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",sas_matrix)+ + QString().sprintf("(`NUMBER`=%d)",input); } else { - sql=QString("insert into INPUTS set ")+ - "NAME=\""+RDEscapeString(label)+"\","+ - "STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\","+ - QString().sprintf("MATRIX=%d,",sas_matrix)+ - QString().sprintf("NUMBER=%d",input); + sql=QString("insert into `INPUTS` set ")+ + "`NAME`='"+RDEscapeString(label)+"',"+ + "`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"',"+ + QString().sprintf("`MATRIX`=%d,",sas_matrix)+ + QString().sprintf("`NUMBER`=%d",input); } delete q; q=new RDSqlQuery(sql); @@ -524,24 +524,24 @@ void SasUsi::DispatchCommand() if(sscanf(sas_buffer+1,"%u",&output)!=1) { return; } - sql=QString("select NUMBER from OUTPUTS where ")+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",sas_matrix)+ - QString().sprintf("(NUMBER=%d)",output); + sql=QString("select `NUMBER` from `OUTPUTS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",sas_matrix)+ + QString().sprintf("(`NUMBER`=%d)",output); q=new RDSqlQuery(sql); if(q->first()) { - sql=QString("update OUTPUTS set ")+ - "NAME=\""+RDEscapeString(label)+"\" where "+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",sas_matrix)+ - QString().sprintf("(NUMBER=%d)",output); + sql=QString("update `OUTPUTS` set ")+ + "`NAME`='"+RDEscapeString(label)+"' where "+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",sas_matrix)+ + QString().sprintf("(`NUMBER`=%d)",output); } else { - sql=QString("insert into OUTPUTS set ")+ - "NAME=\""+RDEscapeString(label)+"\","+ - "STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\","+ - QString().sprintf("MATRIX=%d,",sas_matrix)+ - QString().sprintf("NUMBER=%d",output); + sql=QString("insert into `OUTPUTS` set ")+ + "`NAME`='"+RDEscapeString(label)+"',"+ + "`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"',"+ + QString().sprintf("`MATRIX`=%d,",sas_matrix)+ + QString().sprintf("`NUMBER`=%d",output); } delete q; q=new RDSqlQuery(sql); diff --git a/ripcd/starguide3.cpp b/ripcd/starguide3.cpp index 17f3bd97..b5266bb2 100644 --- a/ripcd/starguide3.cpp +++ b/ripcd/starguide3.cpp @@ -42,14 +42,14 @@ StarGuide3::StarGuide3(RDMatrix *matrix,QObject *parent) // Load Feed Data // sql=QString("select ")+ - "NUMBER,"+ // 00 - "ENGINE_NUM,"+ // 01 - "DEVICE_NUM,"+ // 02 - "CHANNEL_MODE "+ // 03 - "from INPUTS where "+ - "STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\" && "+ - QString().sprintf("MATRIX=%d ",matrix->matrix())+ - "order by NUMBER"; + "`NUMBER`,"+ // 00 + "`ENGINE_NUM`,"+ // 01 + "`DEVICE_NUM`,"+ // 02 + "`CHANNEL_MODE` "+ // 03 + "from `INPUTS` where "+ + "`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"' && "+ + QString().sprintf("`MATRIX`=%d ",matrix->matrix())+ + "order by `NUMBER`"; q=new RDSqlQuery(sql); q->first(); for(int i=0;istation()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)",swa_matrix); - q=new RDSqlQuery(sql); - delete q; + sql=QString("update `MATRICES` set ")+ + QString().sprintf("`INPUTS`=%d,",swa_inputs)+ + QString().sprintf("`GPIS`=%d ",swa_gpis)+ + "where (`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)",swa_matrix); + RDSqlQuery::apply(sql); return; } f0=line_in.split("\t",QString::KeepEmptyParts); @@ -325,31 +324,30 @@ void SoftwareAuthority::DispatchCommand() if(f0.size()>=7) { name=f0[6]+": "+f0[2]; } - sql=QString("select NUMBER from INPUTS where ")+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",swa_matrix)+ - QString().sprintf("(NUMBER=%d)",f0[0].toInt()); + sql=QString("select `NUMBER` from `INPUTS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",swa_matrix)+ + QString().sprintf("(`NUMBER`=%d)",f0[0].toInt()); q=new RDSqlQuery(sql); if(q->first()) { - sql=QString("update INPUTS set ")+ - "NAME=\""+RDEscapeString(name)+"\" where "+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",swa_matrix)+ - QString().sprintf("(NUMBER=%d)",f0[0].toInt()); + sql=QString("update `INPUTS` set ")+ + "`NAME`='"+RDEscapeString(name)+"' where "+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",swa_matrix)+ + QString().sprintf("(`NUMBER`=%d)",f0[0].toInt()); } else { - sql=QString("insert into INPUTS set ")+ - "NAME=\""+RDEscapeString(name)+"\","+ - "STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\","+ - QString().sprintf("MATRIX=%d,",swa_matrix)+ - QString().sprintf("NUMBER=%d",f0[0].toInt()); + sql=QString("insert into `INPUTS` set ")+ + "`NAME`='"+RDEscapeString(name)+"',"+ + "`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"',"+ + QString().sprintf("`MATRIX`=%d,",swa_matrix)+ + QString().sprintf("`NUMBER`=%d",f0[0].toInt()); } if(f0[0].toInt()>swa_inputs) { swa_inputs=f0[0].toInt(); } delete q; - q=new RDSqlQuery(sql); - delete q; + RDSqlQuery::apply(sql); break; case 2: // Destinations List @@ -361,13 +359,12 @@ void SoftwareAuthority::DispatchCommand() if(swa_is_gpio) { swa_gpos=swa_outputs*RD_LIVEWIRE_GPIO_BUNDLE_SIZE; } - sql=QString("update MATRICES set ")+ - QString().sprintf("OUTPUTS=%d,",swa_outputs)+ - QString().sprintf("GPOS=%d ",swa_gpos)+ - "where (STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)",swa_matrix); - q=new RDSqlQuery(sql); - delete q; + sql=QString("update `MATRICES` set ")+ + QString().sprintf("`OUTPUTS`=%d,",swa_outputs)+ + QString().sprintf("`GPOS`=%d ",swa_gpos)+ + "where (`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)",swa_matrix); + RDSqlQuery::apply(sql); rda->syslog(LOG_INFO, "connection to SoftwareAuthority device at %s:%d established", @@ -383,31 +380,30 @@ void SoftwareAuthority::DispatchCommand() if(f0.size()>=6) { name=f0[3]+"/"+f0[5]+": "+f0[2]; } - sql=QString("select NUMBER from OUTPUTS where ")+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",swa_matrix)+ - QString().sprintf("(NUMBER=%d)",f0[0].toInt()); + sql=QString("select `NUMBER` from `OUTPUTS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",swa_matrix)+ + QString().sprintf("(`NUMBER`=%d)",f0[0].toInt()); q=new RDSqlQuery(sql); if(q->first()) { - sql=QString("update OUTPUTS set ")+ - "NAME=\""+RDEscapeString(name)+"\" where "+ - "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",swa_matrix)+ - QString().sprintf("(NUMBER=%d)",f0[0].toInt()); + sql=QString("update `OUTPUTS` set ")+ + "`NAME`='"+RDEscapeString(name)+"' where "+ + "(`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",swa_matrix)+ + QString().sprintf("(`NUMBER`=%d)",f0[0].toInt()); } else { - sql=QString("insert into OUTPUTS set ")+ - "NAME=\""+RDEscapeString(name)+"\","+ - "STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\","+ - QString().sprintf("MATRIX=%d,",swa_matrix)+ - QString().sprintf("NUMBER=%d",f0[0].toInt()); + sql=QString("insert into `OUTPUTS` set ")+ + "`NAME`='"+RDEscapeString(name)+"',"+ + "`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"',"+ + QString().sprintf("`MATRIX`=%d,",swa_matrix)+ + QString().sprintf("`NUMBER`=%d",f0[0].toInt()); } if(f0[0].toInt()>swa_outputs) { swa_outputs=f0[0].toInt(); } delete q; - q=new RDSqlQuery(sql); - delete q; + RDSqlQuery::apply(sql); break; } diff --git a/ripcd/switcher.cpp b/ripcd/switcher.cpp index a81f2cdd..4e9578d7 100644 --- a/ripcd/switcher.cpp +++ b/ripcd/switcher.cpp @@ -88,21 +88,20 @@ void Switcher::insertGpioEntry(bool is_gpo,int line) { QString sql; RDSqlQuery *q; - QString table="GPIS"; + QString table="`GPIS`"; if(is_gpo) { - table="GPOS"; + table="`GPOS`"; } - sql="select ID from "+table+" where (STATION_NAME=\""+ - RDEscapeString(stationName())+"\")&&"+ - QString().sprintf("(MATRIX=%u)&&(NUMBER=%d)",matrixNumber(),line); + sql="select `ID` from "+table+" where (`STATION_NAME`='"+ + RDEscapeString(stationName())+"')&&"+ + QString().sprintf("(`MATRIX`=%u)&&(`NUMBER`=%d)",matrixNumber(),line); q=new RDSqlQuery(sql); if(!q->first()) { - delete q; - sql="insert into "+table+" set STATION_NAME=\""+ - RDEscapeString(stationName())+"\","+ - QString().sprintf("MATRIX=%u,NUMBER=%d",matrixNumber(),line); - q=new RDSqlQuery(sql); + sql="insert into "+table+" set `STATION_NAME`='"+ + RDEscapeString(stationName())+"',"+ + QString().sprintf("`MATRIX`=%u,`NUMBER`=%d",matrixNumber(),line); + RDSqlQuery::apply(sql); } delete q; } diff --git a/ripcd/unity4000.cpp b/ripcd/unity4000.cpp index fb5fa9c6..a82b045d 100644 --- a/ripcd/unity4000.cpp +++ b/ripcd/unity4000.cpp @@ -41,13 +41,13 @@ Unity4000::Unity4000(RDMatrix *matrix,QObject *parent) // Load Feed Data // sql=QString("select ")+ - "NUMBER,"+ // 00 - "FEED_NAME,"+ // 01 - "CHANNEL_MODE "+ // 02 - "from INPUTS where "+ - "STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\" && "+ - QString().sprintf("MATRIX=%d ",matrix->matrix())+ - "order by NUMBER"; + "`NUMBER`,"+ // 00 + "`FEED_NAME`,"+ // 01 + "`CHANNEL_MODE` "+ // 02 + "from `INPUTS` where "+ + "`STATION_NAME`='"+RDEscapeString(rda->station()->name())+"' && "+ + QString().sprintf("`MATRIX`=%d ",matrix->matrix())+ + "order by `NUMBER`"; q=new RDSqlQuery(sql); q->first(); for(int i=0;istation())+"\")&&"+ - QString().sprintf("(MATRIX=%d) ",matrix->matrix())+ - "order by NUMBER"; + "`NUMBER`,"+ // 00 + "`ENGINE_NUM`,"+ // 01 + "`DEVICE_NUM` "+ // 02 + "from `INPUTS` where "+ + "(`STATION_NAME`='"+RDEscapeString(matrix->station())+"')&&"+ + QString().sprintf("(`MATRIX`=%d) ",matrix->matrix())+ + "order by `NUMBER`"; q=new RDSqlQuery(sql); n=1; while(q->next()) { @@ -95,13 +95,13 @@ VGuest::VGuest(RDMatrix *matrix,QObject *parent) // sql= QString("select ")+ - "NUMBER,"+ // 00 - "ENGINE_NUM,"+ // 01 - "DEVICE_NUM "+ // 02 - "from OUTPUTS where "+ - "(STATION_NAME=\""+RDEscapeString(matrix->station())+"\")&&"+ - QString().sprintf("(MATRIX=%d) ",matrix->matrix())+ - "order by NUMBER"; + "`NUMBER`,"+ // 00 + "`ENGINE_NUM`,"+ // 01 + "`DEVICE_NUM` "+ // 02 + "from `OUTPUTS` where "+ + "(`STATION_NAME`='"+RDEscapeString(matrix->station())+"')&&"+ + QString().sprintf("(`MATRIX`=%d) ",matrix->matrix())+ + "order by `NUMBER`"; q=new RDSqlQuery(sql); n=1; while(q->next()) { @@ -121,16 +121,16 @@ VGuest::VGuest(RDMatrix *matrix,QObject *parent) // sql= QString("select ")+ - "NUMBER,"+ // 00 - "ENGINE_NUM,"+ // 01 - "DEVICE_NUM,"+ // 02 - "SURFACE_NUM,"+ // 03 - "RELAY_NUM "+ // 04 - "from VGUEST_RESOURCES where "+ - "(STATION_NAME=\""+RDEscapeString(matrix->station())+"\")&&"+ - QString().sprintf("(MATRIX_NUM=%d)&&",matrix->matrix())+ - QString().sprintf("(VGUEST_TYPE=%d) ",RDMatrix::VguestTypeRelay)+ - "order by NUMBER"; + "`NUMBER`,"+ // 00 + "`ENGINE_NUM`,"+ // 01 + "`DEVICE_NUM`,"+ // 02 + "`SURFACE_NUM`,"+ // 03 + "`RELAY_NUM` "+ // 04 + "from `VGUEST_RESOURCES` where "+ + "(`STATION_NAME`='"+RDEscapeString(matrix->station())+"')&&"+ + QString().sprintf("(`MATRIX_NUM`=%d)&&",matrix->matrix())+ + QString().sprintf("(`VGUEST_TYPE`=%d) ",RDMatrix::VguestTypeRelay)+ + "order by `NUMBER`"; q=new RDSqlQuery(sql); n=1; while(q->next()) { @@ -153,15 +153,15 @@ VGuest::VGuest(RDMatrix *matrix,QObject *parent) // Load Engine Data - Displays // sql=QString("select ")+ - "NUMBER,"+ // 00 - "ENGINE_NUM,"+ // 01 - "DEVICE_NUM,"+ // 02 - "SURFACE_NUM "+ // 03 - "from VGUEST_RESOURCES where "+ - "(STATION_NAME=\""+RDEscapeString(matrix->station())+"\")&&"+ - QString().sprintf("(MATRIX_NUM=%d)&&",matrix->matrix())+ - QString().sprintf("(VGUEST_TYPE=%d) ",RDMatrix::VguestTypeDisplay)+ - "order by NUMBER"; + "`NUMBER`,"+ // 00 + "`ENGINE_NUM`,"+ // 01 + "`DEVICE_NUM`,"+ // 02 + "`SURFACE_NUM` "+ // 03 + "from `VGUEST_RESOURCES` where "+ + "(`STATION_NAME`='"+RDEscapeString(matrix->station())+"')&&"+ + QString().sprintf("(`MATRIX_NUM`=%d)&&",matrix->matrix())+ + QString().sprintf("(`VGUEST_TYPE`=%d) ",RDMatrix::VguestTypeDisplay)+ + "order by `NUMBER`"; q=new RDSqlQuery(sql); n=1; while(q->next()) { diff --git a/ripcd/wheatnet_lio.cpp b/ripcd/wheatnet_lio.cpp index ed8d9d0a..0c502200 100644 --- a/ripcd/wheatnet_lio.cpp +++ b/ripcd/wheatnet_lio.cpp @@ -247,33 +247,31 @@ void WheatnetLio::CheckLineEntry(int line) QString sql; RDSqlQuery *q; - sql=QString("select ID from GPIS where ")+ - "(STATION_NAME=\""+RDEscapeString(stationName())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",matrixNumber())+ - QString().sprintf("(NUMBER=%d)",line); + sql=QString("select `ID` from `GPIS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(stationName())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",matrixNumber())+ + QString().sprintf("(`NUMBER`=%d)",line); q=new RDSqlQuery(sql); if(!q->first()) { - delete q; - sql=QString("insert into GPIS set ")+ - "STATION_NAME=\""+RDEscapeString(stationName())+"\","+ - QString().sprintf("MATRIX=%d,",matrixNumber())+ - QString().sprintf("NUMBER=%d",line); - q=new RDSqlQuery(sql); + sql=QString("insert into `GPIS` set ")+ + "`STATION_NAME`='"+RDEscapeString(stationName())+"',"+ + QString().sprintf("`MATRIX`=%d,",matrixNumber())+ + QString().sprintf("`NUMBER`=%d",line); + RDSqlQuery::apply(sql); } delete q; - sql=QString("select ID from GPOS where ")+ - "(STATION_NAME=\""+RDEscapeString(stationName())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",matrixNumber())+ - QString().sprintf("(NUMBER=%d)",line); + sql=QString("select `ID` from `GPOS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(stationName())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",matrixNumber())+ + QString().sprintf("(`NUMBER`=%d)",line); q=new RDSqlQuery(sql); if(!q->first()) { - delete q; - sql=QString("insert into GPOS set ")+ - "STATION_NAME=\""+RDEscapeString(stationName())+"\","+ - QString().sprintf("MATRIX=%d,",matrixNumber())+ - QString().sprintf("NUMBER=%d",line); - q=new RDSqlQuery(sql); + sql=QString("insert into `GPOS` set ")+ + "`STATION_NAME`='"+RDEscapeString(stationName())+"',"+ + QString().sprintf("`MATRIX`=%d,",matrixNumber())+ + QString().sprintf("`NUMBER`=%d",line); + RDSqlQuery::apply(sql); } delete q; } @@ -283,7 +281,6 @@ void WheatnetLio::ProcessSys(const QString &cmd) { // printf("SYS: %s\n",(const char *)cmd); QString sql; - RDSqlQuery *q; bool ok=false; QStringList f0=cmd.split(":"); @@ -307,12 +304,11 @@ void WheatnetLio::ProcessSys(const QString &cmd) CheckLineEntry(i+1); SendCommand(QString().sprintf("",i)); } - sql=QString("update MATRICES set ")+ - QString().sprintf("GPIS=%d,GPOS=%d where ",lio_gpios,lio_gpios)+ - "(STATION_NAME=\""+RDEscapeString(stationName())+"\")&&"+ - QString().sprintf("(MATRIX=%d)",matrixNumber()); - q=new RDSqlQuery(sql); - delete q; + sql=QString("update `MATRICES` set ")+ + QString().sprintf("`GPIS`=%d,`GPOS`=%d where ",lio_gpios,lio_gpios)+ + "(`STATION_NAME`='"+RDEscapeString(stationName())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)",matrixNumber()); + RDSqlQuery::apply(sql); lio_watchdog_timer->start(WHEATNET_LIO_WATCHDOG_INTERVAL); lio_poll_timer->start(WHEATNET_LIO_POLL_INTERVAL); } diff --git a/ripcd/wheatnet_slio.cpp b/ripcd/wheatnet_slio.cpp index 0b638a9d..1b06008e 100644 --- a/ripcd/wheatnet_slio.cpp +++ b/ripcd/wheatnet_slio.cpp @@ -245,33 +245,31 @@ void WheatnetSlio::CheckLineEntry(int line) QString sql; RDSqlQuery *q; - sql=QString("select ID from GPIS where ")+ - "(STATION_NAME=\""+RDEscapeString(stationName())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",matrixNumber())+ - QString().sprintf("(NUMBER=%d)",line); + sql=QString("select `ID` from `GPIS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(stationName())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",matrixNumber())+ + QString().sprintf("(`NUMBER`=%d)",line); q=new RDSqlQuery(sql); if(!q->first()) { - delete q; - sql=QString("insert into GPIS set ")+ - "STATION_NAME=\""+RDEscapeString(stationName())+"\","+ - QString().sprintf("MATRIX=%d,",matrixNumber())+ - QString().sprintf("NUMBER=%d",line); - q=new RDSqlQuery(sql); + sql=QString("insert into `GPIS` set ")+ + "`STATION_NAME`='"+RDEscapeString(stationName())+"',"+ + QString().sprintf("`MATRIX`=%d,",matrixNumber())+ + QString().sprintf("`NUMBER`=%d",line); + RDSqlQuery::apply(sql); } delete q; - sql=QString("select ID from GPOS where ")+ - "(STATION_NAME=\""+RDEscapeString(stationName())+"\")&&"+ - QString().sprintf("(MATRIX=%d)&&",matrixNumber())+ - QString().sprintf("(NUMBER=%d)",line); + sql=QString("select `ID` from `GPOS` where ")+ + "(`STATION_NAME`='"+RDEscapeString(stationName())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)&&",matrixNumber())+ + QString().sprintf("(`NUMBER`=%d)",line); q=new RDSqlQuery(sql); if(!q->first()) { - delete q; - sql=QString("insert into GPOS set ")+ - "STATION_NAME=\""+RDEscapeString(stationName())+"\","+ - QString().sprintf("MATRIX=%d,",matrixNumber())+ - QString().sprintf("NUMBER=%d",line); - q=new RDSqlQuery(sql); + sql=QString("insert into `GPOS` set ")+ + "`STATION_NAME`='"+RDEscapeString(stationName())+"',"+ + QString().sprintf("`MATRIX`=%d,",matrixNumber())+ + QString().sprintf("`NUMBER`=%d",line); + RDSqlQuery::apply(sql); } delete q; } @@ -281,7 +279,6 @@ void WheatnetSlio::ProcessSys(const QString &cmd) { // printf("SYS: %s\n",(const char *)cmd); QString sql; - RDSqlQuery *q; bool ok=false; QStringList f0=cmd.split(":"); @@ -305,12 +302,11 @@ void WheatnetSlio::ProcessSys(const QString &cmd) CheckLineEntry(i+1); SendCommand(QString().sprintf("",i+1)); } - sql=QString("update MATRICES set ")+ - QString().sprintf("GPIS=%d,GPOS=%d where ",slio_gpios,slio_gpios)+ - "(STATION_NAME=\""+RDEscapeString(stationName())+"\")&&"+ - QString().sprintf("(MATRIX=%d)",matrixNumber()); - q=new RDSqlQuery(sql); - delete q; + sql=QString("update `MATRICES` set ")+ + QString().sprintf("`GPIS`=%d,`GPOS`=%d where ",slio_gpios,slio_gpios)+ + "(`STATION_NAME`='"+RDEscapeString(stationName())+"')&&"+ + QString().sprintf("(`MATRIX`=%d)",matrixNumber()); + RDSqlQuery::apply(sql); slio_watchdog_timer->start(WHEATNET_SLIO_WATCHDOG_INTERVAL); slio_poll_timer->start(WHEATNET_SLIO_POLL_INTERVAL); }