Autres/Rivendellaudio
1
0
Fork 0
mirror of https://github.com/ElvishArtisan/rivendell.git synced 2025-07-04 14:39:09 +02:00
Code Issues Projects Releases Wiki Activity

2021-04-20 Fred Gleason <fredg@paravelsystems.com>

Browse Source 
* Escaped all SQL identifiers in 'utils/rddbconfig/'.
	* Replaced " with ' delimiters in all SQL literal strings in
	'utils/rddbconfig/'.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
This commit is contained in:
Fred Gleason 2021-04-20 11:44:46 -04:00
parent cf29c18364
commit c2fcc23cfd
3 changed files with 21 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@ -21555,3 +21555,7 @@
* Escaped all SQL identifiers in 'utils/rdclilogedit/'. * Escaped all SQL identifiers in 'utils/rdclilogedit/'.
* Replaced " with ' delimiters in all SQL literal strings in * Replaced " with ' delimiters in all SQL literal strings in
'utils/rdclilogedit/'. 'utils/rdclilogedit/'.
2021-04-20 Fred Gleason <fredg@paravelsystems.com>
* Escaped all SQL identifiers in 'utils/rddbconfig/'.
* Replaced " with ' delimiters in all SQL literal strings in
'utils/rddbconfig/'.

20
utils/rddbconfig/createdb.cpp
View File

@ -94,7 +94,7 @@ bool CreateDb::create(QWidget *parent,QString *err_str,RDConfig *rd_config)
q=new QSqlQuery(sql,db); q=new QSqlQuery(sql,db);
delete q; delete q;
sql=QString().sprintf("create user '%s'@'%%' identified by \"%s\"", sql=QString().sprintf("create user '%s'@'%%' identified by '%s'",
rd_config->mysqlUsername().toUtf8().constData(), rd_config->mysqlUsername().toUtf8().constData(),
rd_config->mysqlPassword().toUtf8().constData()); rd_config->mysqlPassword().toUtf8().constData());
q=new QSqlQuery(sql,db); q=new QSqlQuery(sql,db);
@ -105,7 +105,7 @@ bool CreateDb::create(QWidget *parent,QString *err_str,RDConfig *rd_config)
} }
delete q; delete q;
sql=QString().sprintf("create user '%s'@'localhost' identified by \"%s\"", sql=QString().sprintf("create user '%s'@'localhost' identified by '%s'",
rd_config->mysqlUsername().toUtf8().constData(), rd_config->mysqlUsername().toUtf8().constData(),
rd_config->mysqlPassword().toUtf8().constData()); rd_config->mysqlPassword().toUtf8().constData());
q=new QSqlQuery(sql,db); q=new QSqlQuery(sql,db);
@ -116,10 +116,22 @@ bool CreateDb::create(QWidget *parent,QString *err_str,RDConfig *rd_config)
} }
delete q; delete q;
sql=QString().sprintf("grant SELECT, INSERT, UPDATE, DELETE, CREATE, DROP,\ sql=QString("grant ")+
INDEX, ALTER, LOCK TABLES on %s.* to %s", "SELECT,"+
"INSERT,"+
"UPDATE,"+
"DELETE,"+
"CREATE,"+
"DROP,"+
"INDEX,"+
"ALTER,"+
"LOCK TABLES "+
"on `"+db_name+"` to `"+rd_config->mysqlUsername()+"`";
/*
"on %s.* to %s",
db_name.toUtf8().constData(), db_name.toUtf8().constData(),
rd_config->mysqlUsername().toUtf8().constData()); rd_config->mysqlUsername().toUtf8().constData());
*/
q=new QSqlQuery(sql,db); q=new QSqlQuery(sql,db);
if (!q->isActive()) { if (!q->isActive()) {
*err_str+=QString().sprintf("Could not set permissions: %s", *err_str+=QString().sprintf("Could not set permissions: %s",

2
utils/rddbconfig/db.cpp
View File

@ -45,7 +45,7 @@ Db::Db(QString *err_str,RDConfig *config)
return; return;
} }
q=new QSqlQuery("select DB from VERSION",db); q=new QSqlQuery("select `DB` from `VERSION`",db);
if(q->first()) { if(q->first()) {
db_schema=q->value(0).toUInt(); db_schema=q->value(0).toUInt();
} }