Changeset 16218
- Timestamp:
- 2008-06-27 10:22:24 (5 months ago)
- Files:
-
- gsdl/trunk/src/lib/sqlitedbclass.cpp (modified) (2 diffs)
Legend:
- Unmodified
- Added
- Removed
- Modified
- Copied
- Moved
gsdl/trunk/src/lib/sqlitedbclass.cpp
r16180 r16218 225 225 if (metadata_value_filter != "") 226 226 { 227 sql_cmd += " AND value GLOB '" + metadata_value_filter+ "'";227 sql_cmd += " AND value GLOB '" + sqlite_safe(metadata_value_filter) + "'"; 228 228 } 229 229 … … 254 254 if (!exists(key)) 255 255 { 256 text_t sql_cmd = "INSERT INTO data (key, value) VALUES ('" + key + "', '" + data+ "')";256 text_t sql_cmd = "INSERT INTO data (key, value) VALUES ('" + sqlite_safe(key) + "', '" + sqlite_safe(data) + "')"; 257 257 return sqlexec(sql_cmd); 258 258 }
