mirror/tomahawk
1
0
Fork 0
mirror of https://github.com/tomahawk-player/tomahawk.git synced 2025-07-31 11:20:22 +02:00
Code Issues Releases Wiki Activity

Properly escape strings in sql command

Browse Source
This commit is contained in:
Jeff Mitchell
2011-10-13 10:30:56 -04:00
parent 01bf3a3818
commit 2c620ba440
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/libtomahawk/database/databasecommand_deletefiles.cpp
View File

@@ -73,7 +73,7 @@ DatabaseCommand_DeleteFiles::exec( DatabaseImpl* dbi )
tDebug() << "Deleting" << m_dir.path() << "from db for localsource" << srcid; tDebug() << "Deleting" << m_dir.path() << "from db for localsource" << srcid;
TomahawkSqlQuery dirquery = dbi->newquery(); TomahawkSqlQuery dirquery = dbi->newquery();
QString path( "file://" + m_dir.canonicalPath() + "/%" ); QString path( "file://" + m_dir.canonicalPath() + "/%" );
dirquery.prepare( QString( "SELECT id, url FROM file WHERE source IS NULL AND url LIKE %1" ).arg( path ) ); dirquery.prepare( QString( "SELECT id, url FROM file WHERE source IS NULL AND url LIKE \"%1\"" ).arg( path ) );
dirquery.exec(); dirquery.exec();
while ( dirquery.next() ) while ( dirquery.next() )