* Fix a bug with unescaped characters
* Use GetLastRowId instead of doing another SQL request
* Handle request failing
* Fix a bug: wxGridCellFastBoolEditor crashes when deleted
@@ -35,6 +35,8 @@
|
||||
} \
|
||||
catch (wxSQLite3Exception e) \
|
||||
{ \
|
||||
wxMessageBox(_("Update failed !\n") + req, _("Error"), wxICON_ERROR | wxOK); \
|
||||
std::cerr << __FUNCTION__ << "\n" ; \
|
||||
std::cerr << req.mb_str() << "\n" ; \
|
||||
std::cerr << e.GetMessage().mb_str() << "\n" ; \
|
||||
code_if_fail; \
|
||||
@@ -50,6 +52,8 @@
|
||||
} \
|
||||
catch (wxSQLite3Exception e) \
|
||||
{ \
|
||||
wxMessageBox(_("Query failed !\n") + req, _("Error"), wxICON_ERROR | wxOK); \
|
||||
std::cerr << __FUNCTION__ << "\n" ; \
|
||||
std::cerr << req.mb_str() << "\n" ; \
|
||||
std::cerr << e.GetMessage().mb_str() << "\n" ; \
|
||||
code_if_fail; \
|
||||
@@ -61,6 +65,13 @@
|
||||
|
||||
#define EXECUTE_SQL_UPDATE(req, return_value) EXECUTE_SQL_UPDATE_WITH_CODE(req, return_value, {}, {})
|
||||
|
||||
#define ESCAPE_CHARS(s) { \
|
||||
if (s.Find(wxT("\\\"")) == wxNOT_FOUND) \
|
||||
s.Replace(wxT("\""), wxT("\\\""), true); \
|
||||
if (s.Find(wxT("\\\'")) == wxNOT_FOUND) \
|
||||
s.Replace(wxT("\'"), wxT("\\\'"), true); \
|
||||
}
|
||||
|
||||
static inline wxString DoubleToString(double d)
|
||||
{
|
||||
wxString res;
|
||||
@@ -441,7 +452,7 @@ void Database::LinkOrUnlinkOperation(Operation& op)
|
||||
EXECUTE_SQL_UPDATE(req, );
|
||||
}
|
||||
|
||||
req = wxT("SELECT id FROM operation WHERE description='") + op.description + wxT("'");
|
||||
req = wxT("SELECT id FROM operation WHERE description=\"") + op.description + wxT("\"");
|
||||
req += wxT(" AND month='") + wxString::Format(wxT("%d"), op.month) + wxT("'");
|
||||
req += wxT(" AND year='") + wxString::Format(wxT("%d"), op.year) + wxT("'");
|
||||
req += wxT(" AND amount='") + DoubleToString(-op.amount) + wxT("'");
|
||||
@@ -471,6 +482,8 @@ void Database::UpdateOperation(Operation& op)
|
||||
|
||||
LinkOrUnlinkOperation(op);
|
||||
|
||||
ESCAPE_CHARS(op.description);
|
||||
|
||||
req = wxT("UPDATE operation SET ") ;
|
||||
req += wxT("parent='") + op.parent + wxT("'");
|
||||
req += wxT(", account='") + op.account + wxT("'");
|
||||
@@ -498,6 +511,8 @@ wxString Database::AddOperation(User* user, Operation& op)
|
||||
wxString req, res;
|
||||
wxSQLite3ResultSet set;
|
||||
|
||||
ESCAPE_CHARS(op.description);
|
||||
|
||||
req = wxT("INSERT INTO operation ('user', 'parent', 'account', 'year', 'month', 'day', 'amount', 'description', 'category', 'fix_cost', 'formula', 'transfert') VALUES ('") ;
|
||||
req += user->_id + wxT("'");
|
||||
req += wxT(", '") + op.parent + wxT("'");
|
||||
@@ -518,32 +533,7 @@ wxString Database::AddOperation(User* user, Operation& op)
|
||||
|
||||
EXECUTE_SQL_UPDATE(req, wxT("0"));
|
||||
|
||||
req = wxT("SELECT id FROM operation WHERE ");
|
||||
req += wxT("user='") + user->_id + wxT("'");
|
||||
req += wxT(" AND parent='") + op.parent + wxT("'");
|
||||
req += wxT(" AND account='") + op.account + wxT("'");
|
||||
req += wxT(" AND year='") + wxString::Format(wxT("%d"), op.year) + wxT("'");
|
||||
req += wxT(" AND month='") + wxString::Format(wxT("%d"), op.month) + wxT("'");
|
||||
req += wxT(" AND day='") + wxString::Format(wxT("%d"), op.day) + wxT("'");
|
||||
req += wxT(" AND amount='") + DoubleToString(op.amount) + wxT("'");
|
||||
req += wxT(" AND description=\"") + op.description + wxT("\"");
|
||||
req += wxT(" AND category='") + op.category + wxT("'");
|
||||
if (op.fix_cost)
|
||||
req += wxT(" AND fix_cost='1'") ;
|
||||
else
|
||||
req += wxT(" AND fix_cost='0'") ;
|
||||
req += wxT(" AND formula='") + op.formula + wxT("'");
|
||||
req += wxT(" AND transfert='") + op.transfert + wxT("'");
|
||||
req += wxT("ORDER BY id DESC") ;
|
||||
|
||||
EXECUTE_SQL_QUERY(req , set, wxT("0"));
|
||||
|
||||
if (set.NextRow())
|
||||
res = set.GetAsString(wxT("id"));
|
||||
else
|
||||
res = wxT("0");
|
||||
|
||||
set.Finalize();
|
||||
res = _db.GetLastRowId().ToString();
|
||||
|
||||
op.id = res;
|
||||
|
||||
@@ -630,8 +620,7 @@ void Database::SetAccountAmount(int month, int year, const wxString& accountId,
|
||||
|
||||
wxString Database::AddAccount(User* user, Account& ac)
|
||||
{
|
||||
wxString req, res;
|
||||
wxSQLite3ResultSet set;
|
||||
wxString req;
|
||||
|
||||
req = wxT("INSERT INTO account ('user', 'name', 'number', 'shared', 'default_account') VALUES ('") ;
|
||||
req += user->_id + wxT("'");
|
||||
@@ -649,19 +638,7 @@ wxString Database::AddAccount(User* user, Account& ac)
|
||||
|
||||
EXECUTE_SQL_UPDATE(req, wxT("0"));
|
||||
|
||||
req = wxT("SELECT id FROM account WHERE name='") + ac.name + wxT("'") ;
|
||||
req += wxT("AND user='") + user->_id + wxT("'");
|
||||
|
||||
EXECUTE_SQL_QUERY(req , set, wxT("0"));
|
||||
|
||||
if (set.NextRow())
|
||||
res = set.GetAsString(wxT("id"));
|
||||
else
|
||||
res = wxT("0");
|
||||
|
||||
set.Finalize();
|
||||
|
||||
return res;
|
||||
return _db.GetLastRowId().ToString();
|
||||
}
|
||||
|
||||
void Database::UpdateAccount(Account& ac)
|
||||
@@ -693,8 +670,7 @@ void Database::DeleteAccount(Account& ac)
|
||||
|
||||
wxString Database::AddCategory(User* user, Category& category)
|
||||
{
|
||||
wxString req, res;
|
||||
wxSQLite3ResultSet set;
|
||||
wxString req;
|
||||
wxString color;
|
||||
|
||||
color = wxT("#") ;
|
||||
@@ -712,19 +688,7 @@ wxString Database::AddCategory(User* user, Category& category)
|
||||
|
||||
EXECUTE_SQL_UPDATE(req, wxT("0"));
|
||||
|
||||
req = wxT("SELECT id FROM preference WHERE user='") + user->_id + wxT("'") ;
|
||||
req += wxT(" AND name='") + category.name + wxT("'");
|
||||
|
||||
EXECUTE_SQL_QUERY(req , set, wxT("0"));
|
||||
|
||||
if (set.NextRow())
|
||||
res = set.GetAsString(wxT("id"));
|
||||
else
|
||||
res = wxT("0");
|
||||
|
||||
set.Finalize();
|
||||
|
||||
return res;
|
||||
return _db.GetLastRowId().ToString();
|
||||
}
|
||||
|
||||
void Database::UpdateCategory(Category& category)
|
||||
@@ -937,8 +901,7 @@ void Database::ChangeName(User* user, const wxString& name)
|
||||
|
||||
void Database::NewUser(const wxString& name)
|
||||
{
|
||||
wxString req, id;
|
||||
wxSQLite3ResultSet set;
|
||||
wxString req;
|
||||
|
||||
req = wxT("INSERT INTO user ('name', 'password') VALUES ('") ;
|
||||
req += name + wxT("'");
|
||||
@@ -946,18 +909,6 @@ void Database::NewUser(const wxString& name)
|
||||
req += wxT(")");
|
||||
|
||||
EXECUTE_SQL_UPDATE(req, );
|
||||
|
||||
req = wxT("SELECT id FROM user WHERE ");
|
||||
req += wxT("name='") + name + wxT("'");
|
||||
|
||||
EXECUTE_SQL_QUERY(req , set, );
|
||||
|
||||
set.NextRow();
|
||||
id = set.GetAsString(wxT("id"));
|
||||
|
||||
set.Finalize();
|
||||
|
||||
return ;
|
||||
}
|
||||
|
||||
/*
|
||||
@@ -1050,6 +1001,7 @@ std::vector<Operation>* Database::Search(User* user, wxString* description, wxDa
|
||||
|
||||
wxString dayFrom, monthFrom, yearFrom;
|
||||
wxString dayTo, monthTo, yearTo;
|
||||
wxString desc;
|
||||
|
||||
if (dateFrom)
|
||||
{
|
||||
@@ -1069,10 +1021,14 @@ std::vector<Operation>* Database::Search(User* user, wxString* description, wxDa
|
||||
|
||||
if (description)
|
||||
{
|
||||
desc = *description;
|
||||
|
||||
ESCAPE_CHARS(desc);
|
||||
|
||||
if (wildcards)
|
||||
req += wxT("description LIKE '%") + *description + wxT("%'");
|
||||
req += wxT("description LIKE '%") + desc + wxT("%'");
|
||||
else
|
||||
req += wxT("description='") + *description + wxT("'");
|
||||
req += wxT("description=\"") + desc + wxT("\"");
|
||||
firstCond = true;
|
||||
}
|
||||
|
||||
|
||||
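Review bot: `ESCAPE_CHARS` does not produce valid SQLite escaping. SQLite has no backslash escape inside a literal (a quote is escaped only by doubling it), so after the macro runs a `'` in `desc` can still close the `description LIKE '%…%'` literal in `Search`, and a `"` can still close the `description="…"` literals in `Search` and `LinkOrUnlinkOperation`. The macro also rewrites `op.description` in place, so the inserted backslashes would end up in the stored row and in the caller's `Operation`, and its `Find` guard skips escaping entirely once the string already contains a single `\"` or `\'`. Binding the value removes the need for escaping, e.g. `wxSQLite3Statement st = _db.PrepareStatement(wxT("SELECT id FROM operation WHERE description = ?"));` followed by `st.Bind(1, op.description);` (assuming `_db` is the `wxSQLite3Database`), and for the `LIKE` case bind `wxT("%") + desc + wxT("%")`. The other concatenated values visible in these hunks (`name` in `NewUser`, `op.parent`, `op.account`, `user->_id`) are built the same way and need the same treatment; the function bodies continue outside the hunks shown.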