From 5d313d754331aa3d3d1338873e3011d6a5997dc3 Mon Sep 17 00:00:00 2001 From: RJ Ryan Date: Fri, 12 Jul 2013 13:21:45 -0400 Subject: Switch to LIKE instead of instr which isn't present on all SQLite systems. --- src/library/queryutil.h | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) (limited to 'src/library/queryutil.h') diff --git a/src/library/queryutil.h b/src/library/queryutil.h index a35b563301..337232adeb 100644 --- a/src/library/queryutil.h +++ b/src/library/queryutil.h @@ -74,11 +74,33 @@ class FieldEscaper { virtual ~FieldEscaper() { } + // Escapes a string for use in a SQL query by wrapping with quotes and + // escaping embedded quote characters. QString escapeString(const QString& escapeString) const { m_stringField.setValue(escapeString); return m_database.driver()->formatValue(m_stringField); } + // Escapes a string for use in a LIKE operation by prefixing instances of + // LIKE wildcard characters (% and _) with escapeCharacter. This allows the + // caller to then attach wildcard characters to the string. This does NOT + // escape the string in the same way that escapeString() does. + QString escapeStringForLike(const QString& escapeString, const QChar escapeCharacter) const { + QString escapeCharacterStr(escapeCharacter); + QString result = escapeString; + // Replace instances of escapeCharacter with two escapeCharacters. + result = result.replace( + escapeCharacter, escapeCharacterStr + escapeCharacterStr); + // Replace instances of % or _ with $escapeCharacter%. + if (escapeCharacter != '%') { + result = result.replace("%", escapeCharacterStr + "%"); + } + if (escapeCharacter != '_') { + result = result.replace("_", escapeCharacterStr + "_"); + } + return result; + } + private: const QSqlDatabase& m_database; mutable QSqlField m_stringField; -- cgit v1.2.3