soutade/KissCount
1
0
Fork 0
Code Issues Pull Requests Packages Releases 1 Wiki Activity

Use prepared query for value replacement allowing to use non escaped characters

Browse Source
This commit is contained in:
Grégory Soutadé
2016-10-08 20:05:01 +02:00
parent 992516d972
commit fe35930273
4 changed files with 146 additions and 45 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
src/model/Database.hpp
View File

@@ -1,5 +1,5 @@
/*
Copyright 2010-2012 Grégory Soutadé
Copyright 2010-2016 Grégory Soutadé
This file is part of KissCount.
@@ -64,6 +64,22 @@
_db.commit(); \
} while(0);
#define EXECUTE_PREPARED_SQL_UPDATE_WITH_CODE(return_value, code_if_fail, code_if_syntax_fail) \
do { \
_db.transaction(); \
if (!query.exec()) \
{ \
QMessageBox::critical(0, _("Error"), _("Update failed !\n")); \
std::cerr << __FUNCTION__ << " " << __FILE__ << " " << __LINE__ << "\n" ; \
std::cerr << query.lastQuery().toStdString() << "\n" ; \
std::cerr << query.lastError().text().toStdString() << "\n" ; \
_db.rollback(); \
code_if_fail; \
return return_value; \
} \
_db.commit(); \
} while(0);
#define EXECUTE_SQL_QUERY_WITH_CODE(req, return_value, code_if_fail, code_if_syntax_fail) \
do { \
if (!query.exec(req)) \
@@ -77,10 +93,27 @@
} \
} while(0);
#define EXECUTE_PREPARED_SQL_QUERY_WITH_CODE(return_value, code_if_fail, code_if_syntax_fail) \
do { \
if (!query.exec()) \
{ \
QMessageBox::critical(0, _("Error"), _("Query failed !\n")); \
std::cerr << __FUNCTION__ << "\n" ; \
std::cerr << query.lastQuery().toStdString() << "\n" ; \
std::cerr << query.lastError().text().toStdString() << "\n" ; \
code_if_fail; \
return return_value; \
} \
} while(0);
#define EXECUTE_SQL_QUERY(req, return_value) EXECUTE_SQL_QUERY_WITH_CODE(req, return_value, {}, {})
#define EXECUTE_SQL_UPDATE(req, return_value) EXECUTE_SQL_UPDATE_WITH_CODE(req, return_value, {}, {})
#define EXECUTE_PREPARED_SQL_UPDATE(return_value) EXECUTE_PREPARED_SQL_UPDATE_WITH_CODE(return_value, {}, {})
#define EXECUTE_PREPARED_SQL_QUERY(return_value) EXECUTE_PREPARED_SQL_QUERY_WITH_CODE(return_value, {}, {})
class KissCount;
class User;