Skip to content
Extraits de code Groupes Projets
Vérifiée Valider 7fdc4317 rédigé par Kubat's avatar Kubat
Parcourir les fichiers

Tryfix get stickers

parent f6b7bf01
Aucune branche associée trouvée
Aucune étiquette associée trouvée
1 requête de fusion!75Resolve "Stickers in lkt"
...@@ -104,7 +104,7 @@ CREATE TABLE IF NOT EXISTS 'stickers' ...@@ -104,7 +104,7 @@ CREATE TABLE IF NOT EXISTS 'stickers'
, name TEXT NOT NULL UNIQUE , name TEXT NOT NULL UNIQUE
); );
CREATE TABLE IF NOT EXISTS 'stickers.song' CREATE TABLE IF NOT EXISTS 'stickers.kara'
( id INTEGER REFERENCES kara ON DELETE CASCADE ( id INTEGER REFERENCES kara ON DELETE CASCADE
, sticker INTEGER REFERENCES stickers ON DELETE CASCADE , sticker INTEGER REFERENCES stickers ON DELETE CASCADE
, value INTEGER NOT NULL , value INTEGER NOT NULL
......
...@@ -37,27 +37,27 @@ database_search_sticker_init(volatile sqlite3 *db, struct lkt_search *ret) ...@@ -37,27 +37,27 @@ database_search_sticker_init(volatile sqlite3 *db, struct lkt_search *ret)
{ {
/* No bound checks in strcats, should be fine. Possible SQL injection, depend on the `type`. */ /* No bound checks in strcats, should be fine. Possible SQL injection, depend on the `type`. */
static const char *SQL_all_types = static const char *SQL_all_types =
"SELECT name, sts.id, value FROM 'stickers' LEFT OUTER JOIN " "SELECT name, sts.id, value FROM 'stickers' JOIN "
"( SELECT id, sticker, value FROM 'stickers.song'" "( SELECT id, sticker, value FROM 'stickers.kara'"
" UNION" " UNION"
" SELECT id, sticker, value FROM 'stickers.plt'" " SELECT id, sticker, value FROM 'stickers.plt'"
") AS sts" ") AS sts"
"ON sts.sticker = 'stickers'.id"; "ON sts.sticker = 'stickers'.id";
static const char *SQL_one_type = static const char *SQL_one_type =
"SELECT name, 'stickers.%s'.id, value " "SELECT name, sts.id, value "
"FROM 'stickers.%s' AS sts " "FROM 'stickers.%s' AS sts "
"LEFT OUTER JOIN 'stickers' " "JOIN 'stickers' "
"ON 'stickers'.id = sts.sticker"; "ON 'stickers'.id = sts.sticker";
char SQL[LKT_MAX_SQLITE_STATEMENT]; char SQL[LKT_MAX_SQLITE_STATEMENT];
if (ret->st_type == NULL) if (ret->st_type == NULL)
memcpy(SQL, SQL_all_types, strlen(SQL_all_types) + 1); memcpy(SQL, SQL_all_types, strlen(SQL_all_types) + 1);
else else
sprintf(SQL, SQL_one_type, ret->st_type, ret->st_type); sprintf(SQL, SQL_one_type, ret->st_type);
if (ret->st_uri != 0) if (ret->st_uri != 0)
sprintf(SQL, " AND sts.id = %d", ret->st_uri); sprintf(SQL + strlen(SQL), " AND sts.id = %d", ret->st_uri);
if (ret->st_op != 0) if (ret->st_op != 0)
sprintf(SQL, " AND sts.value %s %d", sprintf(SQL + strlen(SQL), " AND sts.value %s %d",
ret->st_op == '>' ? ">=" : ret->st_op == '<' ? "<=" : "=", ret->st_op == '>' ? ">=" : ret->st_op == '<' ? "<=" : "=",
ret->st_value); ret->st_value);
strcat(SQL, ret->name ? " AND name = ?;" : ";"); strcat(SQL, ret->name ? " AND name = ?;" : ";");
......
...@@ -58,9 +58,9 @@ database_sticker_set(volatile sqlite3 *db, const char *type, const char *name, i ...@@ -58,9 +58,9 @@ database_sticker_set(volatile sqlite3 *db, const char *type, const char *name, i
* 3 -> the name of the sticker * 3 -> the name of the sticker
*/ */
if (!strcasecmp(type, "song")) if (!strcasecmp(type, "kara"))
SQL = SQL =
"INSERT OR REPLACE INTO 'stickers.song' (id, sticker, value) " "INSERT OR REPLACE INTO 'stickers.kara' (id, sticker, value) "
"SELECT ?, 'stickers'.id, ? " "SELECT ?, 'stickers'.id, ? "
"FROM 'stickers'" "FROM 'stickers'"
"WHERE 'stickers'.id = ?;\n"; "WHERE 'stickers'.id = ?;\n";
...@@ -94,7 +94,7 @@ database_sticker_delete_specify(volatile sqlite3 *db, const char *type, int uri, ...@@ -94,7 +94,7 @@ database_sticker_delete_specify(volatile sqlite3 *db, const char *type, int uri,
int ret = false; int ret = false;
/* Base query. */ /* Base query. */
if (strcasecmp("plt", type) && strcasecmp("song", type)) { if (strcasecmp("plt", type) && strcasecmp("kara", type)) {
LOG_ERROR_SCT("DB", "Type '%s' is invalid", type); LOG_ERROR_SCT("DB", "Type '%s' is invalid", type);
return false; return false;
} }
......
0% Chargement en cours ou .
You are about to add 0 people to the discussion. Proceed with caution.
Veuillez vous inscrire ou vous pour commenter