- Timestamp:
- 2010-05-06T12:49:54+12:00 (14 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
main/trunk/greenstone2/common-src/src/lib/sqlitedbclass.cpp
r21865 r22043 38 38 39 39 #define SQLITE_MAX_RETRIES 8 40 41 sqlitedbclass::sqlitedbclass() 42 { 43 sqlitefile = NULL; 44 } 40 45 41 46 … … 95 100 void sqlitedbclass::deletekey (const text_t &key) 96 101 { 97 text_t sql_cmd = "DELETE FROM data WHERE key='" + sql ite_safe(key) + "'";102 text_t sql_cmd = "DELETE FROM data WHERE key='" + sql_safe(key) + "'"; 98 103 sqlexec(sql_cmd); 99 104 } … … 114 119 115 120 // Get the entries in the "document_metadata" table where the element and value matches those specified 116 text_t sql_cmd = "SELECT DISTINCT docOID FROM document_metadata WHERE element IN ('" + sql ite_safe(metadata_element_names[0]) + "'";121 text_t sql_cmd = "SELECT DISTINCT docOID FROM document_metadata WHERE element IN ('" + sql_safe(metadata_element_names[0]) + "'"; 117 122 for (int i = 1; i < metadata_element_names.size(); i++) 118 123 { 119 sql_cmd += ",'" + sql ite_safe(metadata_element_names[i]) + "'";120 } 121 sql_cmd += ") AND value='" + sql ite_safe(metadata_value) + "'";124 sql_cmd += ",'" + sql_safe(metadata_element_names[i]) + "'"; 125 } 126 sql_cmd += ") AND value='" + sql_safe(metadata_value) + "'"; 122 127 123 128 // If we're sorting the documents by a certain metadata element, extend the SQL command to do this 124 129 if (sort_by_metadata_element_name != "") 125 130 { 126 sql_cmd = "SELECT docOID FROM (" + sql_cmd + ") LEFT JOIN (SELECT docOID,value from document_metadata WHERE element='" + sql ite_safe(sort_by_metadata_element_name) + "') USING (docOID) ORDER by value";131 sql_cmd = "SELECT docOID FROM (" + sql_cmd + ") LEFT JOIN (SELECT docOID,value from document_metadata WHERE element='" + sql_safe(sort_by_metadata_element_name) + "') USING (docOID) ORDER by value"; 127 132 } 128 133 … … 157 162 bool sqlitedbclass::getkeydata (const text_t& key, text_t &data) 158 163 { 159 text_t sql_cmd = "SELECT value FROM data WHERE key='" + sql ite_safe(key) + "'";164 text_t sql_cmd = "SELECT value FROM data WHERE key='" + sql_safe(key) + "'"; 160 165 vector<text_tmap> sql_results; 161 166 if (!sqlgetarray(sql_cmd, sql_results) || sql_results.size() == 0) … … 217 222 218 223 // Get the entries in the "document_metadata" table where the element matches that specified 219 text_t sql_cmd = "SELECT DISTINCT docOID," + value_select_expression + " FROM document_metadata WHERE element IN ('" + sql ite_safe(metadata_element_names[0]) + "'";224 text_t sql_cmd = "SELECT DISTINCT docOID," + value_select_expression + " FROM document_metadata WHERE element IN ('" + sql_safe(metadata_element_names[0]) + "'"; 220 225 for (int i = 1; i < metadata_element_names.size(); i++) 221 226 { 222 sql_cmd += ",'" + sql ite_safe(metadata_element_names[i]) + "'";227 sql_cmd += ",'" + sql_safe(metadata_element_names[i]) + "'"; 223 228 } 224 229 sql_cmd += ")"; … … 227 232 if (metadata_value_filter != "") 228 233 { 229 sql_cmd += " AND value GLOB '" + sql ite_safe(metadata_value_filter) + "'";234 sql_cmd += " AND value GLOB '" + sql_safe(metadata_value_filter) + "'"; 230 235 } 231 236 … … 256 261 if (!exists(key)) 257 262 { 258 text_t sql_cmd = "INSERT INTO data (key, value) VALUES ('" + sql ite_safe(key) + "', '" + sqlite_safe(data) + "')";263 text_t sql_cmd = "INSERT INTO data (key, value) VALUES ('" + sql_safe(key) + "', '" + sql_safe(data) + "')"; 259 264 return sqlexec(sql_cmd); 260 265 } 261 266 else 262 267 { 263 text_t sql_cmd = "UPDATE data SET value='" + sql ite_safe(data) + "' WHERE key='" + sqlite_safe(key) + "'";268 text_t sql_cmd = "UPDATE data SET value='" + sql_safe(data) + "' WHERE key='" + sql_safe(key) + "'"; 264 269 return sqlexec(sql_cmd); 265 270 } … … 282 287 283 288 284 text_t sqlitedbclass::sql ite_safe (const text_t &value_arg)289 text_t sqlitedbclass::sql_safe (const text_t &value_arg) 285 290 { 286 291 text_t value = value_arg; … … 380 385 bool sqlitedbclass::sqltableexists(const text_t &table_name) 381 386 { 382 text_t sql_cmd = "SELECT * FROM sqlite_master WHERE tbl_name='" + sql ite_safe(table_name) + "'";387 text_t sql_cmd = "SELECT * FROM sqlite_master WHERE tbl_name='" + sql_safe(table_name) + "'"; 383 388 vector<text_tmap> sql_results; 384 389 if (!sqlgetarray(sql_cmd, sql_results) || sql_results.size() == 0)
Note:
See TracChangeset
for help on using the changeset viewer.