From 9f57f9db88e4ff31d4e775f246582df7aa07a291 Mon Sep 17 00:00:00 2001 From: Evgeniy Alekseev Date: Sun, 25 Mar 2018 01:03:03 +0300 Subject: [PATCH] try to use params (broken) --- .../queued/include/queued/QueuedDatabase.h | 26 +++- sources/queued/src/QueuedCorePrivate.cpp | 2 +- .../src/QueuedCorePrivateInitializator.cpp | 5 +- sources/queued/src/QueuedDatabase.cpp | 123 +++++++++++++----- sources/queued/src/QueuedReportManager.cpp | 2 +- 5 files changed, 117 insertions(+), 41 deletions(-) diff --git a/sources/queued/include/queued/QueuedDatabase.h b/sources/queued/include/queued/QueuedDatabase.h index 668fe5b..59f759d 100644 --- a/sources/queued/include/queued/QueuedDatabase.h +++ b/sources/queued/include/queued/QueuedDatabase.h @@ -38,6 +38,22 @@ class QueuedDatabase : public QObject Q_PROPERTY(QString path READ path) public: + /** + * @struct QueuedDatabaseCondition + * @brief structure to define database condition payload + * @var key + * payload key + * @var value + * payload value + * @var operation + * comparison operation + */ + struct QueuedDatabaseCondition { + QString key; + QVariant value; + QString operation; + }; + /** * @brief QueuedDatabase class constructor * @param parent @@ -88,7 +104,8 @@ public: * optional condition string * @return list of records from table */ - QList get(const QString &_table, const QString &_condition = ""); + QList get(const QString &_table, const QList &_condition + = QList()); /** * @brief get record from table with given id * @param _table @@ -181,6 +198,13 @@ private: * @return list of columns in table */ QStringList getColumnsInRecord(const QSqlRecord &_record) const; + /** + * @brief parse condition map to sql query + * @param _condition + * condition map + * @return sql query string part + */ + QString getCondition(const QList &_condition) const; /** * @brief last insertion ID * @param _table diff --git a/sources/queued/src/QueuedCorePrivate.cpp b/sources/queued/src/QueuedCorePrivate.cpp index b47cc79..1a7fde8 100644 --- a/sources/queued/src/QueuedCorePrivate.cpp +++ b/sources/queued/src/QueuedCorePrivate.cpp @@ -370,7 +370,7 @@ QueuedResult QueuedCorePrivate::pluginSettings(const QString &_plu return QueuedError("Not allowed", QueuedEnums::ReturnStatus::InsufficientPermissions); auto dbSettings = m_database->get(QueuedDB::SETTINGS_TABLE, - QString("WHERE key LIKE 'Plugin.%1.%'").arg(_plugin)); + {{"key", QString("Plugin.%1.%").arg(_plugin), "LIKE"}}); QVariantHash settings; std::for_each(dbSettings.cbegin(), dbSettings.cend(), [&settings, &_plugin](const QVariantHash &value) { diff --git a/sources/queued/src/QueuedCorePrivateInitializator.cpp b/sources/queued/src/QueuedCorePrivateInitializator.cpp index d65b5b5..96bc205 100644 --- a/sources/queued/src/QueuedCorePrivateInitializator.cpp +++ b/sources/queued/src/QueuedCorePrivateInitializator.cpp @@ -131,7 +131,7 @@ void QueuedCorePrivate::initProcesses() m_processes = m_helper->initObject(m_processes); m_processes->setExitAction(onExitAction); - auto dbProcesses = m_database->get(QueuedDB::TASKS_TABLE, "WHERE endTime IS NULL"); + auto dbProcesses = m_database->get(QueuedDB::TASKS_TABLE, {{"endTime", "NULL", "IS"}}); m_processes->loadProcesses(dbProcesses); m_connections += connect(m_processes, &QueuedProcessManager::taskStartTimeReceived, @@ -207,8 +207,7 @@ void QueuedCorePrivate::initUsers() m_users->setSalt(m_settings->admin().salt); m_users->setTokenExpiration(expiry); QString now = QDateTime::currentDateTimeUtc().toString(Qt::ISODateWithMs); - auto dbTokens = m_database->get( - QueuedDB::TOKENS_TABLE, QString("WHERE datetime(validUntil) > datetime('%1')").arg(now)); + auto dbTokens = m_database->get(QueuedDB::TOKENS_TABLE, {{"validUntil", now, ">"}}); m_users->loadTokens(dbTokens); auto dbUsers = m_database->get(QueuedDB::USERS_TABLE); m_users->loadUsers(dbUsers); diff --git a/sources/queued/src/QueuedDatabase.cpp b/sources/queued/src/QueuedDatabase.cpp index d5feb69..a71d090 100644 --- a/sources/queued/src/QueuedDatabase.cpp +++ b/sources/queued/src/QueuedDatabase.cpp @@ -88,8 +88,12 @@ void QueuedDatabase::createAdministrator(const QString &_user, const QString &_p { qCDebug(LOG_LIB) << "Check for user" << _user; - QSqlQuery query = m_database.exec( - QString("SELECT * FROM '%1' WHERE name='%2'").arg(QueuedDB::USERS_TABLE).arg(_user)); + QSqlQuery query(m_database); + query.prepare("SELECT * FROM :table WHERE name=:username"); + query.bindValue(":table", QueuedDB::USERS_TABLE); + query.bindValue(":username", _user); + query.exec(); + QSqlError error = query.lastError(); if (error.isValid()) qCWarning(LOG_LIB) << "Could not get record" << _user << "from" << QueuedDB::USERS_TABLE @@ -126,10 +130,12 @@ void QueuedDatabase::createSchema(const QString &_table) if (columns.contains(column)) continue; QueuedDB::QueuedDBField field = QueuedDB::DBSchema[_table][column]; - QSqlQuery query = m_database.exec(QString("ALTER TABLE '%1' ADD `%2` %3") - .arg(_table) - .arg(column) - .arg(field.sqlDescription)); + QSqlQuery query(m_database); + query.prepare( + QString("ALTER TABLE :table ADD `%1` %2").arg(column).arg(field.sqlDescription)); + query.bindValue(":table", _table); + query.exec(); + QSqlError error = query.lastError(); if (error.isValid()) qCCritical(LOG_LIB) << "Could not insert column" << column << "to table" << _table @@ -145,8 +151,11 @@ void QueuedDatabase::createTable(const QString &_table) { qCDebug(LOG_LIB) << "Create table" << _table; - QSqlQuery query = m_database.exec( - QString("CREATE TABLE '%1' (`_id` INTEGER PRIMARY KEY AUTOINCREMENT)").arg(_table)); + QSqlQuery query(m_database); + query.prepare("CREATE TABLE :table (`_id` INTEGER PRIMARY KEY AUTOINCREMENT)"); + query.bindValue(":table", _table); + query.exec(); + QSqlError error = query.lastError(); if (error.isValid()) qCCritical(LOG_LIB) << "Could not create table" << _table << "error:" << error.text(); @@ -156,13 +165,18 @@ void QueuedDatabase::createTable(const QString &_table) /** * @fn get */ -QList QueuedDatabase::get(const QString &_table, const QString &_condition) +QList QueuedDatabase::get(const QString &_table, + const QList &_condition) { - qCDebug(LOG_LIB) << "Get records in table" << _table << "with condition" << _condition; + qCDebug(LOG_LIB) << "Get records in table" << _table; QList output; - QSqlQuery query = m_database.exec( - QString("SELECT * FROM '%1' %2 ORDER BY _id ASC").arg(_table).arg(_condition)); + QSqlQuery query(m_database); + query.prepare("SELECT * FROM :table " + getCondition(_condition) + " ORDER BY _id ASC"); + query.bindValue(":table", _table); + for (auto &cond : _condition) + query.bindValue(QString(":%1").arg(cond.key), cond.value); + query.exec(); QSqlError error = query.lastError(); if (error.isValid()) { @@ -190,7 +204,7 @@ QVariantHash QueuedDatabase::get(const QString &_table, const long long _id) { qCDebug(LOG_LIB) << "Get record" << _id << "in table" << _table; - auto output = get(_table, QString("WHERE _id=%1").arg(_id)); + auto output = get(_table, {{"_id", _id, "="}}); if (output.count() == 0) { qCWarning(LOG_LIB) << "Could not find records for" << _id; return QVariantHash(); @@ -242,10 +256,15 @@ long long QueuedDatabase::add(const QString &_table, const QVariantHash &_value) auto payload = getQueryPayload(_table, _value); // build query - QSqlQuery query = m_database.exec(QString("INSERT INTO %1 (%2) VALUES (%3)") - .arg(_table) - .arg(payload.keys().join(',')) - .arg(payload.values().join(','))); + QSqlQuery query(m_database); + query.prepare(QString("INSERT INTO :table (%1) VALUES (%2)") + .arg(payload.keys().join(',')) + .arg(payload.values().join(','))); + query.bindValue(":table", _table); + for (auto &key : _value.keys()) + query.bindValue(QString(":%1").arg(key), _value[key]); + query.exec(); + QSqlError error = query.lastError(); if (error.isValid()) { qCCritical(LOG_LIB) << "Could not add record" << _value << "to table" << _table << "message" @@ -267,10 +286,16 @@ bool QueuedDatabase::modify(const QString &_table, const long long _id, const QV auto payload = getQueryPayload(_table, _value); QStringList stringPayload; for (auto &key : payload.keys()) - stringPayload.append(QString("%1=%2").arg(key).arg(payload[key])); + stringPayload.append(QString("%1=:%1").arg(key)); // build query - QSqlQuery query = m_database.exec( - QString("UPDATE %1 SET %2 WHERE _id=%3").arg(_table).arg(stringPayload.join(',')).arg(_id)); + QSqlQuery query(m_database); + query.prepare(QString("UPDATE :table SET %1 WHERE _id=:_id").arg(stringPayload.join(','))); + query.bindValue(":table", _table); + query.bindValue(":_id", _id); + for (auto &key : _value.keys()) + query.bindValue(QString(":%1").arg(key), _value[key]); + query.exec(); + QSqlError error = query.lastError(); if (error.isValid()) { qCCritical(LOG_LIB) << "Could not modify record" << _value << "in table" << _table @@ -289,7 +314,12 @@ bool QueuedDatabase::remove(const QString &_table, const long long _id) { qCDebug(LOG_LIB) << "Remove row" << _id << "from" << _table; - QSqlQuery query = m_database.exec(QString("DELETE FROM %1 WHERE _id=%2").arg(_table).arg(_id)); + QSqlQuery query(m_database); + query.prepare("DELETE FROM :table WHERE _id=:_id"); + query.bindValue(":table", _table); + query.bindValue(":_id", _id); + query.exec(); + QSqlError error = query.lastError(); if (error.isValid()) { qCCritical(LOG_LIB) << "Could not remove record" << _id << "in table" << _table << "message" @@ -308,10 +338,11 @@ void QueuedDatabase::removeTasks(const QDateTime &_endTime) { qCDebug(LOG_LIB) << "Remove all tasks which are older than" << _endTime; - QSqlQuery query - = m_database.exec(QString("DELETE FROM %1 WHERE datetime(endTime) < datetime('%2')") - .arg(QueuedDB::TASKS_TABLE) - .arg(_endTime.toString(Qt::ISODateWithMs))); + QSqlQuery query(m_database); + query.prepare("DELETE FROM :table WHERE datetime(endTime) < datetime(:time)"); + query.bindValue(":table", QueuedDB::TASKS_TABLE); + query.bindValue(":time", _endTime.toString(Qt::ISODateWithMs)); + query.exec(); QSqlError error = query.lastError(); if (error.isValid()) @@ -326,10 +357,11 @@ void QueuedDatabase::removeTasks(const QDateTime &_endTime) void QueuedDatabase::removeTokens() { QString now = QDateTime::currentDateTimeUtc().toString(Qt::ISODateWithMs); - QSqlQuery query - = m_database.exec(QString("DELETE FROM %1 WHERE datetime(validUntil) > datetime('%2')") - .arg(QueuedDB::TOKENS_TABLE) - .arg(now)); + QSqlQuery query(m_database); + query.prepare("DELETE FROM :table WHERE datetime(validUntil) < datetime(:time)"); + query.bindValue(":table", QueuedDB::TOKENS_TABLE); + query.bindValue(":time", now); + query.exec(); QSqlError error = query.lastError(); if (error.isValid()) @@ -345,10 +377,11 @@ void QueuedDatabase::removeUsers(const QDateTime &_lastLogin) { qCDebug(LOG_LIB) << "Remove all users which logged older than" << _lastLogin; - QSqlQuery query - = m_database.exec(QString("DELETE FROM %1 WHERE datetime(lastLogin) < datetime('%2')") - .arg(QueuedDB::USERS_TABLE) - .arg(_lastLogin.toString(Qt::ISODateWithMs))); + QSqlQuery query(m_database); + query.prepare("DELETE FROM :table WHERE datetime(lastLogin) < datetime(:time)"); + query.bindValue(":table", QueuedDB::USERS_TABLE); + query.bindValue(":time", _lastLogin.toString(Qt::ISODateWithMs)); + query.exec(); QSqlError error = query.lastError(); if (error.isValid()) @@ -372,6 +405,22 @@ QStringList QueuedDatabase::getColumnsInRecord(const QSqlRecord &_record) const } +/** + * @fn getCondition + */ +QString QueuedDatabase::getCondition(const QList &_condition) const +{ + if (_condition.isEmpty()) + return ""; + + QStringList query; + for (auto &cond : _condition) + query += QString("%1 %2 :%1").arg(cond.key).arg(cond.operation); + + return "WHERE " + query.join(','); +} + + /** * @fn lastInsertionId */ @@ -379,7 +428,11 @@ long long QueuedDatabase::lastInsertionId(const QString &_table) const { qCDebug(LOG_LIB) << "Get last row ID from" << _table; - QSqlQuery query = m_database.exec(QString("SELECT max(_id) FROM '%1'").arg(_table)); + QSqlQuery query(m_database); + query.prepare("SELECT max(_id) FROM :table"); + query.bindValue(":table", _table); + query.exec(); + QSqlError error = query.lastError(); if (error.isValid()) { qCCritical(LOG_LIB) << "Could not get last insertion ID"; @@ -414,7 +467,7 @@ QHash QueuedDatabase::getQueryPayload(const QString &_table, qCWarning(LOG_LIB) << "Modifying record ID is not allowed"; continue; } - output[key] = QString("'%1'").arg(_value[key].toString()); + output[key] = QString(":%1").arg(key); } return output; diff --git a/sources/queued/src/QueuedReportManager.cpp b/sources/queued/src/QueuedReportManager.cpp index 9528fe7..2a9ff3d 100644 --- a/sources/queued/src/QueuedReportManager.cpp +++ b/sources/queued/src/QueuedReportManager.cpp @@ -60,7 +60,7 @@ QList QueuedReportManager::performance(const QueuedCore *_core, { qCDebug(LOG_LIB) << "Build performance report from" << _from << "to" << _to; - QStringList conditions; + QList conditions; if (_from.isValid()) conditions += QString("((datetime(startTime) > datetime('%1')) OR " "(startTime IS NULL))")