diff --git a/ChangeLog b/ChangeLog index a76066fe..1969cada 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17127,3 +17127,6 @@ * Cleaned up SQL quieries in 'rdadmin/' ensure UTF-8 compatibility. 2018-07-16 Fred Gleason * Cleaned up SQL quieries in 'rdairplay/' ensure UTF-8 compatibility. +2018-07-16 Fred Gleason + * Cleaned up SQL quieries in 'rdcastmanager/' ensure UTF-8 + compatibility. diff --git a/rdcastmanager/edit_cast.cpp b/rdcastmanager/edit_cast.cpp index 74d957eb..5694d49d 100644 --- a/rdcastmanager/edit_cast.cpp +++ b/rdcastmanager/edit_cast.cpp @@ -184,9 +184,12 @@ EditCast::EditCast(unsigned cast_id,QWidget *parent) QString keyname=cast_cast->keyName(); keyname.replace(" ","_"); QLabel *label; - sql=QString().sprintf("select VAR_NAME,CAPTION from AUX_METADATA \ - where FEED_ID=%u order by VAR_NAME", - cast_cast->feedId()); + sql=QString("select ")+ + "VAR_NAME,"+ + "CAPTION "+ + "from AUX_METADATA where "+ + QString().sprintf("FEED_ID=%u ",cast_cast->feedId())+ + "order by VAR_NAME"; q=new RDSqlQuery(sql); while(q->next()) { cast_aux_varnames.push_back(q->value(0).toString(). @@ -195,9 +198,9 @@ EditCast::EditCast(unsigned cast_id,QWidget *parent) cast_aux_edits.back()-> setGeometry(115,cast_ypos,sizeHint().width()-125,20); cast_aux_edits.back()->setMaxLength(255); - sql=QString().sprintf("select %s from %s_FIELDS where CAST_ID=%u", - (const char *)cast_aux_varnames.back(), - (const char *)keyname,cast_cast->id()); + sql=QString("select ")+ + cast_aux_varnames.back()+" from `"+keyname+"_FIELDS where "+ + QString().sprintf("CAST_ID=%u",cast_cast->id()); q1=new RDSqlQuery(sql); if(q1->first()) { cast_aux_edits.back()->setText(q1->value(0).toString()); @@ -501,13 +504,10 @@ void EditCast::okData() QString keyname=cast_cast->keyName(); keyname.replace(" ","_"); for(unsigned i=0;i - text()), - cast_cast->id()); + sql=QString("update `")+keyname+"_FIELDS` set "+ + cast_aux_varnames[i]+ + "=\"RDEscapeString(cast_aux_edits[i]->text()\" where "+ + QString().sprintf("CAST_ID=%u",cast_cast->id()); q=new RDSqlQuery(sql); delete q; } diff --git a/rdcastmanager/list_casts.cpp b/rdcastmanager/list_casts.cpp index 7ea00ad6..c90777e0 100644 --- a/rdcastmanager/list_casts.cpp +++ b/rdcastmanager/list_casts.cpp @@ -450,11 +450,11 @@ void ListCasts::RefreshList() RDListViewItem *item; list_casts_view->clear(); - sql=QString().sprintf("select ID from PODCASTS %s \ - order by ORIGIN_DATETIME", - (const char *)RDCastSearch(list_feed_id,list_filter_edit->text(), - list_unexpired_check->isChecked(), - list_active_check->isChecked())); + sql=QString("select ID from PODCASTS ")+ + RDCastSearch(list_feed_id,list_filter_edit->text(), + list_unexpired_check->isChecked(), + list_active_check->isChecked())+ + " order by ORIGIN_DATETIME"; q=new RDSqlQuery(sql); while (q->next()) { item=new RDListViewItem(list_casts_view); @@ -523,10 +523,9 @@ void ListCasts::GetEncoderId() sql=QString().sprintf("select NAME from ENCODERS where ID=%d",format); q=new RDSqlQuery(sql); if(q->first()) { - sql=QString().sprintf("select ID from ENCODERS \ - where (NAME=\"%s\")&&(STATION_NAME=\"%s\")", - (const char *)RDEscapeString(q->value(0).toString()), - (const char *)RDEscapeString(rda->station()->name())); + sql=QString("select ID from ENCODERS where ")+ + "(NAME=\""+RDEscapeString(q->value(0).toString())+"\")&&"+ + "(STATION_NAME=\""+RDEscapeString(rda->station()->name())+"\")"; delete q; q=new RDSqlQuery(sql); if(q->first()) { diff --git a/rdcastmanager/pick_report_dates.cpp b/rdcastmanager/pick_report_dates.cpp index 10a2f409..e789d8ba 100644 --- a/rdcastmanager/pick_report_dates.cpp +++ b/rdcastmanager/pick_report_dates.cpp @@ -2,7 +2,7 @@ // // Select a Set of Dates for a Rivendell Report // -// (C) Copyright 2002-2006,2016-2017 Fred Gleason +// (C) Copyright 2002-2006,2016-2018 Fred Gleason // // This program is free software; you can redistribute it and/or modify // it under the terms of the GNU General Public License version 2 as @@ -27,6 +27,7 @@ #include #include #include +#include #include #include #include @@ -216,14 +217,16 @@ void PickReportDates::GenerateSubscriptionReport(const QString &keyname, // QString keyname_esc=keyname; keyname_esc.replace(" ","_"); - sql=QString().sprintf("select ACCESS_DATE,ACCESS_COUNT,CAST_ID from %s_FLG \ - where (ACCESS_DATE>=\"%s\")&&(ACCESS_DATE<=\"%s\") \ - order by ACCESS_DATE,CAST_ID desc", - (const char *)keyname_esc, - (const char *)edit_startdate_edit->date(). - toString("yyyy-MM-dd"), - (const char *)edit_enddate_edit->date(). - toString("yyyy-MM-dd")); + sql=QString("select ")+ + "ACCESS_DATE,"+ // 00 + "ACCESS_COUNT,"+ // 01 + "CAST_ID "+ // 02 + "from "+keyname_esc+"_FLG where "+ + "(ACCESS_DATE>=\""+RDEscapeString(edit_startdate_edit->date(). + toString("yyyy-MM-dd"))+"\")&&"+ + "(ACCESS_DATE<=\""+RDEscapeString(edit_enddate_edit->date(). + toString("yyyy-MM-dd"))+"\") "+ + "order by ACCESS_DATE,CAST_ID desc"; q=new RDSqlQuery(sql); while(q->next()) { if(q->value(2).toUInt()==0) { @@ -287,15 +290,16 @@ void PickReportDates::GenerateEpisodeReport(const QString &keyname, unsigned total=0; QString keyname_esc=keyname; keyname_esc.replace(" ","_"); - sql=QString().sprintf("select ACCESS_DATE,ACCESS_COUNT from %s_FLG \ - where (ACCESS_DATE>=\"%s\")&&(ACCESS_DATE<=\"%s\")&& \ - (CAST_ID=%u) order by ACCESS_DATE", - (const char *)keyname_esc, - (const char *)edit_startdate_edit->date(). - toString("yyyy-MM-dd"), - (const char *)edit_enddate_edit->date(). - toString("yyyy-MM-dd"), - cast_id); + sql=QString("select ")+ + "ACCESS_DATE,"+ + "ACCESS_COUNT "+ + "from "+keyname_esc+"_FLG where "+ + "(ACCESS_DATE>=\""+RDEscapeString(edit_startdate_edit->date(). + toString("yyyy-MM-dd"))+"\")&&"+ + "(ACCESS_DATE<=\""+RDEscapeString(edit_enddate_edit->date(). + toString("yyyy-MM-dd"))+"\")&&"+ + QString().sprintf("(CAST_ID=%u) ",cast_id)+ + "order by ACCESS_DATE"; q=new RDSqlQuery(sql); while(q->next()) { *rpt+=QString().sprintf(" %s %9u\n", diff --git a/rdcastmanager/rdcastmanager.cpp b/rdcastmanager/rdcastmanager.cpp index 899c7660..92271085 100644 --- a/rdcastmanager/rdcastmanager.cpp +++ b/rdcastmanager/rdcastmanager.cpp @@ -243,9 +243,12 @@ void MainWidget::RefreshItem(RDListViewItem *item) int active=0; int total=0; - sql=QString().sprintf("select CHANNEL_TITLE,CHANNEL_DESCRIPTION,ID \ - from FEEDS where KEY_NAME=\"%s\"", - (const char *)item->text(1)); + sql=QString("select ")+ + "CHANNEL_TITLE,"+ // 00 + "CHANNEL_DESCRIPTION,"+ // 01 + "ID "+ // 02 + "from FEEDS where "+ + "KEY_NAME=\""+RDEscapeString(item->text(1))+"\""; q=new RDSqlQuery(sql); while(q->next()) { sql=QString().sprintf("select STATUS from PODCASTS where FEED_ID=%u", @@ -298,8 +301,7 @@ void MainWidget::RefreshList() } sql="select ID,KEY_NAME from FEEDS where "; while(q->next()) { - sql+=QString().sprintf("(KEY_NAME=\"%s\")||", - (const char *)q->value(0).toString()); + sql+=QString("(KEY_NAME=\"")+RDEscapeString(q->value(0).toString())+"\")||"; } delete q; sql=sql.left(sql.length()-2); @@ -333,9 +335,7 @@ int main(int argc,char *argv[]) #ifdef WIN32 QSettings settings; settings.insertSearchPath(QSettings::Windows,"/SalemRadioLabs"); - tr_path=QString().sprintf("%s\\", - (const char *)settings. - readEntry("/Rivendell/InstallDir")); + tr_path=settings.readEntry("/Rivendell/InstallDir")+"\""; qt_path=tr_path; #else tr_path=QString(PREFIX)+QString("/share/rivendell/");