
Properly escape strings in sql command

Jeff Mitchell 2011-10-13 10:30:56 -04:00
parent 01bf3a3818
commit 2c620ba440


@ -73,7 +73,7 @@ DatabaseCommand_DeleteFiles::exec( DatabaseImpl* dbi )
tDebug() << "Deleting" << m_dir.path() << "from db for localsource" << srcid;
TomahawkSqlQuery dirquery = dbi->newquery();
QString path( "file://" + m_dir.canonicalPath() + "/%" );
dirquery.prepare( QString( "SELECT id, url FROM file WHERE source IS NULL AND url LIKE %1" ).arg( path ) );
dirquery.prepare( QString( "SELECT id, url FROM file WHERE source IS NULL AND url LIKE \"%1\"" ).arg( path ) );
dirquery.exec();
while ( dirquery.next() )
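Review bot: Wrapping `%1` in double quotes on the second `prepare` line (taken here to be the new side) delimits the value but does not escape it, so a directory path containing `"` still changes the statement's structure, and the rows this query returns appear to drive a delete. SQLite also reads double-quoted text as an identifier first and only falls back to a string literal for compatibility, so single quotes would be the correct literal form if interpolation were kept. Bind the value instead: `dirquery.prepare( "SELECT id, url FROM file WHERE source IS NULL AND url LIKE ?" );` followed by `dirquery.addBindValue( path );`, assuming TomahawkSqlQuery exposes QSqlQuery's binding API. Separately, a `%` or `_` inside the directory name acts as a LIKE wildcard even when bound, so the match can cover files outside `m_dir`; escaping those characters in the path and adding an `ESCAPE` clause would close that. The function body starts before this hunk and the `while` loop continues after it.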