Improve escpaing support

When generating SQL statements properly escape all identifiers, even those containing backticks which apparently are allowed inside identifiers in SQLite. See issue #387.
2026-01-20 11:00:44 -06:00 · 2015-08-17 00:17:48 +02:00
parent 160bc87d3c
commit 631979c330
13 changed files with 95 additions and 62 deletions
--- a/src/ImportCsvDialog.cpp
+++ b/src/ImportCsvDialog.cpp
@@ -223,7 +223,7 @@ void ImportCsvDialog::accept()
        it != csv.csv().end();
        ++it)
    {
-        QString sql = QString("INSERT INTO `%1` VALUES(").arg(ui->editName->text());
+        QString sql = QString("INSERT INTO %1 VALUES(").arg(sqlb::escapeIdentifier(ui->editName->text()));

        QStringList insertlist;
        for(QStringList::const_iterator jt = it->begin(); jt != it->end(); ++jt)
@@ -321,7 +321,7 @@ void ImportCsvDialog::updatePreview()
 void ImportCsvDialog::checkInput()
 {
    bool valid = true;
-    if(ui->editName->text().isEmpty() || ui->editName->text().contains("`"))
+    if(ui->editName->text().isEmpty())
        valid = false;

    ui->buttonBox->button(QDialogButtonBox::Ok)->setEnabled(valid);