From a031386edd47c22b2a3db864a1027c270d7b3672 Mon Sep 17 00:00:00 2001 From: Martin Kleusberg Date: Fri, 3 May 2013 13:34:26 +0200 Subject: [PATCH] Fix filter row SQL generation to always produce correct SQL statements Always produce correct SQL statements, even when using an incomplete comparison operator. Fix escaping to make it possible to search for '-charachters. --- src/sqlitetablemodel.cpp | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/sqlitetablemodel.cpp b/src/sqlitetablemodel.cpp index 77520303..60699f58 100644 --- a/src/sqlitetablemodel.cpp +++ b/src/sqlitetablemodel.cpp @@ -287,6 +287,7 @@ void SqliteTableModel::updateFilter(int column, const QString& value) // Check for any special comparison operators at the beginning of the value string. If there are none default to LIKE. QString op = "LIKE"; QString val; + bool numeric = false; if(value.left(2) == ">=" || value.left(2) == "<=" || value.left(2) == "<>") { bool ok; @@ -295,6 +296,7 @@ void SqliteTableModel::updateFilter(int column, const QString& value) { op = value.left(2); val = value.mid(2); + numeric = true; } } else if(value.left(1) == ">" || value.left(1) == "<") { bool ok; @@ -303,20 +305,22 @@ void SqliteTableModel::updateFilter(int column, const QString& value) { op = value.left(1); val = value.mid(1); + numeric = true; } } else { if(value.left(1) == "=") { op = "="; val = value.mid(1); - } else { - val = value; } - val = QString("'%1'").arg(val.replace("'", "")); } + if(val.isEmpty()) + val = value; + if(!numeric) + val = QString("'%1'").arg(val.replace("'", "''")); // If the value was set to an empty string remove any filter for this column. Otherwise insert a new filter rule or replace the old one if there is already one - if(value.isEmpty()) + if(val == "''") m_mWhere.remove(column); else m_mWhere.insert(column, QString("%1 %2").arg(op).arg(val));