Autres/Rivendellaudio
1
0
Fork 0
mirror of https://github.com/ElvishArtisan/rivendell.git synced 2025-10-10 16:43:35 +02:00
Code Issues Projects Releases Wiki Activity

2021-04-19 Fred Gleason <fredg@paravelsystems.com>

Browse Source 
* Escaped all SQL identifiers in 'rdcartslots/'.
	* Replaced " with ' delimiters in all SQL literal strings in
	'rdcartslots/'.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
This commit is contained in:
Fred Gleason
2021-04-19 18:47:49 -04:00
parent 3e0c293c09
commit c53d4c9858
2 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
ChangeLog
View File

@@ -21487,3 +21487,7 @@
* Escaped all SQL identifiers in 'rdairplay/'.
* Replaced " with ' delimiters in all SQL literal strings in
'rdairplay/'.
2021-04-19 Fred Gleason <fredg@paravelsystems.com>
* Escaped all SQL identifiers in 'rdcartslots/'.
* Replaced " with ' delimiters in all SQL literal strings in
'rdcartslots/'.

4
rdcartslots/rdcartslots.cpp
View File

@@ -141,8 +141,8 @@ void MainWidget::caeConnectedData(bool state)
{
QList<int> cards;
QString sql=QString("select CARD from CARTSLOTS where ")+
"STATION_NAME=\""+RDEscapeString(rda->config()->stationName())+"\"";
QString sql=QString("select `CARD` from `CARTSLOTS` where ")+
"`STATION_NAME`='"+RDEscapeString(rda->config()->stationName())+"'";
RDSqlQuery *q=new RDSqlQuery(sql);
while(q->next()) {
cards.push_back(q->value(0).toInt());