diff --git a/src/CodeKeeper/sql_db/projectsDB.cpp b/src/CodeKeeper/sql_db/projectsDB.cpp
index 9875f17f..d158c0d3 100644
--- a/src/CodeKeeper/sql_db/projectsDB.cpp
+++ b/src/CodeKeeper/sql_db/projectsDB.cpp
@@ -52,8 +52,12 @@ QStringList MainWindow::GetProjectData(QString *title, QString *status, QString
 QStringList projectData;
 QSqlQuery query;
- if (query.exec("SELECT * FROM projects WHERE status = '" + *status + "' AND title = '" + *title +
- "' AND git_url = '" + *git_url + "'"))
+ query.prepare("SELECT * FROM projects WHERE status = :status AND title = :title AND git_url = :git_url");
+ query.bindValue(":status", *status);
+ query.bindValue(":title", *title);
+ query.bindValue(":git_url", *git_url);
+
+ if (query.exec())
 {
 if (query.next())
 {
@@ -77,15 +81,23 @@ void MainWindow::updateProjectData(QString *title, QString *git_url, QString *do
 {
 QSqlQuery query;
- if (!query.exec("UPDATE projects SET title = '" + *title + "', git_url = '" + *git_url + "', projectDoc = '" +
- *doc + "', createdTime = '" + *createdTime + "' WHERE createdTime = '" + *oldTime +
- "' AND git_url = '" + oldGit + "'"))
+ query.prepare(
+ "UPDATE projects SET title = :title, git_url = :git_url, projectDoc = :doc, createdTime = :createdTime "
+ "WHERE createdTime = :oldTime AND git_url = :oldGit");
+ query.bindValue(":title", *title);
+ query.bindValue(":git_url", *git_url);
+ query.bindValue(":doc", *doc);
+ query.bindValue(":createdTime", *createdTime);
+ query.bindValue(":oldTime", *oldTime);
+ query.bindValue(":oldGit", *oldGit);
+
+ if (!query.exec())
 {
 qWarning() << "" << query.lastError();
 }
 else
 {
- qDebug() << "Sucsessfull updated";
+ qDebug() << "Successfully updated";
 }
 }
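Review bot: `*status`, `*title` and `*git_url` are dereferenced in the new `bindValue` calls of GetProjectData with no null check, as they were in the removed concatenation, so a caller passing a null `QString *` still crashes before the query runs. A guard ahead of `query.prepare(...)` such as `if (!title || !status || !git_url) return projectData;` would cover it; the same applies to the pointer parameters bound in every other hunk of this commit. The function body continues past the end of this hunk.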
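Review bot: The failure branch of updateProjectData still logs `qWarning() << "" << query.lastError();`, so a failed write is reported with no hint of which function or statement produced it. The same line sits in saveProjectToDB, updateProjectStatus and removeProjectFromDB, and the tasksDB.cpp hunks emit it through `qDebug()`, which may be filtered out in release builds. A prefix such as `qWarning() << "updateProjectData failed:" << query.lastError();` makes the entry attributable; the signature of this function is cut off in the hunk header.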
@@ -93,16 +105,20 @@ void MainWindow::saveProjectToDB(QString *title, QString *git_url, QString *stat
 {
 QSqlQuery query;
- if (!query.exec("INSERT INTO projects (title, git_url, projectDoc, status, "
- "createdTime) "
- "VALUES('" +
- *title + "', '" + *git_url + "', ' ', '" + *status + "', '" + *createdTime + "')"))
+ query.prepare("INSERT INTO projects (title, git_url, projectDoc, status, createdTime) "
+ "VALUES (:title, :git_url, ' ', :status, :createdTime)");
+ query.bindValue(":title", *title);
+ query.bindValue(":git_url", *git_url);
+ query.bindValue(":status", *status);
+ query.bindValue(":createdTime", *createdTime);
+
+ if (!query.exec())
 {
 qWarning() << "" << query.lastError();
 }
 else
 {
- qDebug() << "Sucsessfull saved";
+ qDebug() << "Successfully saved";
 }
 }
@@ -110,13 +126,17 @@ void MainWindow::updateProjectStatus(QString *status, QString *createdTime, QStr
 {
 QSqlQuery query;
- if (!query.exec("UPDATE projects SET status = '" + *status + "' WHERE createdTime = '" + *oldTime + "'"))
+ query.prepare("UPDATE projects SET status = :status WHERE createdTime = :oldTime");
+ query.bindValue(":status", *status);
+ query.bindValue(":oldTime", *oldTime);
+
+ if (!query.exec())
 {
 qWarning() << "" << query.lastError();
 }
 else
 {
- qDebug() << "Sucsessfull updated";
+ qDebug() << "Successfully updated";
 }
 }
@@ -124,13 +144,16 @@ void MainWindow::removeProjectFromDB(QString *git_url, QString *status, QString
 {
 QSqlQuery query;
- if (!query.exec("DELETE FROM projects WHERE git_url = '" + *git_url + "'"))
+ query.prepare("DELETE FROM projects WHERE git_url = :git_url");
+ query.bindValue(":git_url", *git_url);
+
+ if (!query.exec())
 {
 qWarning() << "" << query.lastError();
 }
 else
 {
- qDebug() << "Sucsessfull removed";
+ qDebug() << "Successfully removed";
 }
 }
diff --git a/src/CodeKeeper/sql_db/tasksDB.cpp b/src/CodeKeeper/sql_db/tasksDB.cpp
index 75fadf9a..63177a5e 100644
--- a/src/CodeKeeper/sql_db/tasksDB.cpp
+++ b/src/CodeKeeper/sql_db/tasksDB.cpp
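Review bot: updateProjectStatus in projectsDB.cpp selects its row by `createdTime` alone, and removeProjectFromDB in the following hunk by `git_url` alone, so either statement can change or delete more rows than the one the user acted on, for example every project whose `git_url` is empty or shared. removeProjectFromDB's visible signature already carries `status`, so the predicate could be tightened to `"DELETE FROM projects WHERE git_url = :git_url AND status = :status"` with a matching `query.bindValue(":status", *status);`, or keyed on a primary-key id if the table has one. Logging `query.numRowsAffected()` after a successful `exec()` would also surface a statement that matched zero or several rows. Both signatures are cut off in the hunk headers, so the remaining parameters are not visible here.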
@@ -30,8 +30,12 @@ void MainWindow::updateTaskData(QString *task, QString *status, QString *cT)
 QStringList taskText = task->split("\n");
- if (!query.exec("UPDATE tasks SET task = '" + taskText[0] + "' WHERE createdTime = '" + cT + "' AND status = '" +
- *status + "'"))
+ query.prepare("UPDATE tasks SET task = :task WHERE createdTime = :cT AND status = :status");
+ query.bindValue(":task", taskText[0]);
+ query.bindValue(":cT", *cT);
+ query.bindValue(":status", *status);
+
+ if (!query.exec())
 {
 qDebug() << "" << query.lastError();
 }
@@ -43,8 +47,12 @@ void MainWindow::updateTaskStatus(QString *task, QString *status, QString *cT)
 QStringList taskText = task->split("\n");
- if (!query.exec("UPDATE tasks SET status = '" + *status + "' WHERE createdTime = '" + *cT + "' AND task = '" +
- taskText[0] + "'"))
+ query.prepare("UPDATE tasks SET status = :status WHERE createdTime = :cT AND task = :task");
+ query.bindValue(":status", *status);
+ query.bindValue(":cT", *cT);
+ query.bindValue(":task", taskText[0]);
+
+ if (!query.exec())
 {
 qDebug() << "" << query.lastError();
 }
@@ -56,8 +64,12 @@ void MainWindow::saveTaskToDB(QString *task, QString *status)
 QStringList taskText = task->split("\n");
- if (!query.exec("INSERT INTO tasks (task, status, createdTime) VALUES('" + taskText[0] + "', '" + *status + "', '" +
- taskText[1] + "');"))
+ query.prepare("INSERT INTO tasks (task, status, createdTime) VALUES(:task, :status, :createdTime)");
+ query.bindValue(":task", taskText[0]);
+ query.bindValue(":status", *status);
+ query.bindValue(":createdTime", taskText[1]);
+
+ if (!query.exec())
 {
 qDebug() << "" << query.lastError();
 }
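Review bot: `query.bindValue(":createdTime", taskText[1]);` in saveTaskToDB indexes the second element of `task->split("\n")` without checking that the split produced two parts, so a task string with no newline is an out-of-range access on the list. Checking first, e.g. `if (taskText.size() < 2) { qWarning() << "saveTaskToDB: task has no createdTime line"; return; }`, keeps a malformed item from reaching the statement; removeTaskFromDB binds `taskText[1]` the same way. `taskText[0]` is safe, since `split` returns at least one element with its default behaviour. The function starts and ends outside this hunk.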
@@ -73,14 +85,18 @@ void MainWindow::removeTaskFromDB(QString *task, QString *status)
 QStringList taskText = task->split("\n");
- if (!query.exec("DELETE FROM tasks WHERE task = '" + taskText[0] + "' AND status = '" + *status +
- "' AND createdTime = '" + taskText[1] + "'"))
+ query.prepare("DELETE FROM tasks WHERE task = :task AND status = :status AND createdTime = :createdTime");
+ query.bindValue(":task", taskText[0]);
+ query.bindValue(":status", *status);
+ query.bindValue(":createdTime", taskText[1]);
+
+ if (!query.exec())
 {
 qDebug() << "" << query.lastError();
 }
 else
 {
- qDebug() << "Sucsessfull removed";
+ qDebug() << "Successfully removed";
 }
 }