2021-04-20 Fred Gleason <fredg@paravelsystems.com>

* Escaped all SQL identifiers in 'utils/rdclilogedit/'.
	* Replaced " with ' delimiters in all SQL literal strings in
	'utils/rdclilogedit/'.

Signed-off-by: Fred Gleason <fredg@paravelsystems.com>
Fred Gleason
2021-04-20 11:27:56 -04:00
parent 19043fea39
commit cf29c18364
2 changed files with 24 additions and 20 deletions


@@ -21551,3 +21551,7 @@
* Escaped all SQL identifiers in 'utils/rdcheckcuts/'.
* Replaced " with ' delimiters in all SQL literal strings in
'utils/rdcheckcuts/'.
2021-04-20 Fred Gleason <fredg@paravelsystems.com>
* Escaped all SQL identifiers in 'utils/rdclilogedit/'.
* Replaced " with ' delimiters in all SQL literal strings in
'utils/rdclilogedit/'.


@@ -98,8 +98,8 @@ void MainObject::Deletelog(QString logname)
// FIXME: This should really be handled by use of collations in the
// where clause.
//
sql=QString("select NAME from LOGS where ")+
"NAME=\""+RDEscapeString(logname)+"\"";
sql=QString("select `NAME` from `LOGS` where ")+
"`NAME`='"+RDEscapeString(logname)+"'";
q=new RDSqlQuery(sql);
if(q->first()) {
logname=q->value(0).toString();
@@ -183,7 +183,7 @@ void MainObject::ListLogs() const
QString sql;
RDSqlQuery *q;
sql=QString("select NAME from LOGS order by NAME");
sql=QString("select `NAME` from `LOGS` order by `NAME`");
q=new RDSqlQuery(sql);
while(q->next()) {
printf("%s\n",q->value(0).toString().toUtf8().constData());
@@ -197,7 +197,7 @@ void MainObject::Listservices() const
QString sql;
RDSqlQuery *q;
sql=QString("select NAME from SERVICES order by NAME");
sql=QString("select `NAME` from `SERVICES` order by `NAME`");
q=new RDSqlQuery(sql);
while(q->next()) {
printf("%s\n",q->value(0).toString().toUtf8().constData());
@@ -230,8 +230,8 @@ void MainObject::Load(QString logname)
// FIXME: This should really be handled by use of collations in the
// where clause.
//
sql=QString("select NAME from LOGS where ")+
"NAME=\""+RDEscapeString(logname)+"\"";
sql=QString("select `NAME` from `LOGS` where ")+
"NAME='"+RDEscapeString(logname)+"'";
q=new RDSqlQuery(sql);
if(q->first()) {
logname=q->value(0).toString();
@@ -364,7 +364,7 @@ void MainObject::New(const QString &logname)
if(!edit_log->exists()) {
edit_log_model=new RDLogModel(logname,false,this);
edit_description=logname+" log";
sql=QString("select NAME from SERVICES");
sql=QString("select `NAME` from `SERVICES`");
q=new RDSqlQuery(sql);
if(q->first()) {
edit_service=q->value(0).toString();
@@ -419,19 +419,19 @@ void MainObject::Saveas(const QString &logname)
RDLog *log=new RDLog(logname);
if(!log->exists()) {
sql=QString("insert into LOGS set ")+
"NAME=\""+RDEscapeString(logname)+"\","+
"TYPE=0,"+
"DESCRIPTION=\""+RDEscapeString(edit_description)+"\","+
"ORIGIN_USER=\""+RDEscapeString(rda->user()->name())+"\","+
"ORIGIN_DATETIME=now(),"+
"LINK_DATETIME=now(),"+
"MODIFIED_DATETIME=now(),"+
"START_DATE="+RDCheckDateTime(edit_start_date,"yyyy-MM-dd")+","+
"END_DATE="+RDCheckDateTime(edit_end_date,"yyyy-MM-dd")+","+
"PURGE_DATE="+RDCheckDateTime(edit_purge_date,"yyyy-MM-dd")+","+
"AUTO_REFRESH=\""+RDYesNo(edit_auto_refresh)+"\","+
"SERVICE=\""+RDEscapeString(edit_service)+"\"";
sql=QString("insert into `LOGS` set ")+
"`NAME='"+RDEscapeString(logname)+"',"+
"`TYPE=0,"+
"`DESCRIPTION`='"+RDEscapeString(edit_description)+"',"+
"`ORIGIN_USER`='"+RDEscapeString(rda->user()->name())+"',"+
"`ORIGIN_DATETIME`=now(),"+
"`LINK_DATETIME`=now(),"+
"`MODIFIED_DATETIME`=now(),"+
"`START_DATE`="+RDCheckDateTime(edit_start_date,"yyyy-MM-dd")+","+
"`END_DATE`="+RDCheckDateTime(edit_end_date,"yyyy-MM-dd")+","+
"`PURGE_DATE`="+RDCheckDateTime(edit_purge_date,"yyyy-MM-dd")+","+
"`AUTO_REFRESH`='"+RDYesNo(edit_auto_refresh)+"',"+
"`SERVICE`='"+RDEscapeString(edit_service)+"'";
q=new RDSqlQuery(sql);
delete q;
edit_log_model->setLogName(logname);
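Review bot: In the Saveas hunk the rewritten insert opens a backtick on the NAME and TYPE columns and never closes it, so the statement built here is malformed SQL and the new LOGS row will not be created. The two lines should read ``"`NAME`='"+RDEscapeString(logname)+"',"+`` and ``"`TYPE`=0,"+``. The RDSqlQuery is deleted immediately after construction with no visible check of its result, so the failure would probably pass silently and the code goes on to setLogName() without a row behind it. In the Load hunk the where clause still uses a bare ``"NAME='"`` where the identical query in Deletelog has ``"`NAME`='"``, which is harmless but misses the commit's stated goal. Saveas starts and ends outside the hunk, and since the literals are now delimited by `'`, it is worth confirming that RDEscapeString (not visible here) escapes single quotes in logname, edit_description and edit_service.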