Move sqlite quoting functions to qgssqliteutils.h

qgis · Dec 19, 2018 · 12a6d9b · 12a6d9b
1 parent 30b55cc
commit 12a6d9b
Show file tree

Hide file tree

Showing 3 changed files with 54 additions and 28 deletions.
diff --git a/src/core/qgssqliteexpressioncompiler.cpp b/src/core/qgssqliteexpressioncompiler.cpp
@@ -18,6 +18,7 @@
 #include "qgssqliteexpressioncompiler.h"
 #include "qgssqlexpressioncompiler.h"
 #include "qgsexpressionnodeimpl.h"
+#include "qgssqliteutils.h"
 
 QgsSQLiteExpressionCompiler::QgsSQLiteExpressionCompiler( const QgsFields &fields )
   : QgsSqlExpressionCompiler( fields, QgsSqlExpressionCompiler::LikeIsCaseInsensitive | QgsSqlExpressionCompiler::IntegerDivisionResultsInInteger )
@@ -51,38 +52,12 @@ QgsSqlExpressionCompiler::Result QgsSQLiteExpressionCompiler::compileNode( const
 
 QString QgsSQLiteExpressionCompiler::quotedIdentifier( const QString &identifier )
 {
-  QString id( identifier );
-  id.replace( '\"', QLatin1String( "\"\"" ) );
-  return id.prepend( '\"' ).append( '\"' );
+  return QgsSqliteUtils::quotedIdentifier( identifier );
 }
 
 QString QgsSQLiteExpressionCompiler::quotedValue( const QVariant &value, bool &ok )
 {
-  ok = true;
-
-  if ( value.isNull() )
-    return QStringLiteral( "NULL" );
-
-  switch ( value.type() )
-  {
-    case QVariant::Int:
-    case QVariant::LongLong:
-    case QVariant::Double:
-      return value.toString();
-
-    case QVariant::Bool:
-      //SQLite has no boolean literals
-      return value.toBool() ? "1" : "0";
-
-    default:
-    case QVariant::String:
-      QString v = value.toString();
-      // https://www.sqlite.org/lang_expr.html :
-      // """A string constant is formed by enclosing the string in single quotes (').
-      // A single quote within the string can be encoded by putting two single quotes
-      // in a row - as in Pascal. C-style escapes using the backslash character are not supported because they are not standard SQL. """
-      return v.replace( '\'', QLatin1String( "''" ) ).prepend( '\'' ).append( '\'' );
-  }
+  return QgsSqliteUtils::quotedValue( value, ok );
 }
 
 QString QgsSQLiteExpressionCompiler::sqlFunctionFromFunctionName( const QString &fnName ) const

diff --git a/src/core/qgssqliteutils.cpp b/src/core/qgssqliteutils.cpp
@@ -19,6 +19,7 @@
 
 #include <sqlite3.h>
 #include <cstdarg>
+#include <QVariant>
 
 void QgsSqlite3Closer::operator()( sqlite3 *database )
 {
@@ -101,6 +102,40 @@ QString QgsSqliteUtils::quotedString( const QString &value )
   return v.prepend( '\'' ).append( '\'' );
 }
 
+QString QgsSqliteUtils::quotedIdentifier( const QString &identifier )
+{
+  QString id( identifier );
+  id.replace( '\"', QLatin1String( "\"\"" ) );
+  return id.prepend( '\"' ).append( '\"' );
+}
+
+QString QgsSqliteUtils::quotedValue( const QVariant &value )
+{
+  if ( value.isNull() )
+    return QStringLiteral( "NULL" );
+
+  switch ( value.type() )
+  {
+    case QVariant::Int:
+    case QVariant::LongLong:
+    case QVariant::Double:
+      return value.toString();
+
+    case QVariant::Bool:
+      //SQLite has no boolean literals
+      return value.toBool() ? QStringLiteral( "1" ) : QStringLiteral( "0" );
+
+    default:
+    case QVariant::String:
+      QString v = value.toString();
+      // https://www.sqlite.org/lang_expr.html :
+      // """A string constant is formed by enclosing the string in single quotes (').
+      // A single quote within the string can be encoded by putting two single quotes
+      // in a row - as in Pascal. C-style escapes using the backslash character are not supported because they are not standard SQL. """
+      return v.replace( '\'', QLatin1String( "''" ) ).prepend( '\'' ).append( '\'' );
+  }
+}
+
 QString QgsSqlite3Mprintf( const char *format, ... )
 {
   va_list ap;

diff --git a/src/core/qgssqliteutils.h b/src/core/qgssqliteutils.h
@@ -26,6 +26,7 @@
 
 struct sqlite3;
 struct sqlite3_stmt;
+class QVariant;
 
 /**
  * \ingroup core
@@ -153,6 +154,21 @@ class CORE_EXPORT QgsSqliteUtils
      * characters correctly escaped.
      */
     static QString quotedString( const QString &value );
+
+    /**
+     * Returns a properly quoted version of \a identifier.
+     *
+     * \since QGIS 3.6
+     */
+    static QString quotedIdentifier( const QString &identifier );
+
+    /**
+     * Returns a properly quoted and escaped version of \a value
+     * for use in SQL strings.
+     *
+     * \since QGIS 3.6
+     */
+    static QString quotedValue( const QVariant &value );
 };
 
 /**