More fixes about filtering safety

pblottiere · pblottiere · commit b94d17a7dc90 · 2017-07-03T22:28:28.000+02:00
diff --git a/src/core/qgsrelation.cpp b/src/core/qgsrelation.cpp
@@ -170,22 +170,23 @@ QString QgsRelation::getRelatedFeaturesFilter( const QgsFeature &feature ) const
   {
     int referencingIdx = referencingLayer()->fields().indexFromName( fieldPair.referencingField() );
     QgsField referencingField = referencingLayer()->fields().at( referencingIdx );
+    const QString quotedColRef = QgsExpression::quotedColumnRef( fieldPair.referencingField() ) ;
 
     QVariant val( feature.attribute( fieldPair.referencedField() ) );
 
     if ( val.isNull() )
     {
-      conditions << QStringLiteral( "\"%1\" IS NULL" ).arg( fieldPair.referencingField() );
+      conditions << QStringLiteral( "%1 IS NULL" ).arg( quotedColRef );
     }
     else if ( referencingField.type() == QVariant::String )
     {
       // Use quotes
-      conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencingField(), QgsExpression::quotedValue( val.toString() ) );
+      conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, QgsExpression::quotedValue( val.toString() ) );
     }
     else
     {
       // No quotes
-      conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencingField(), val.toString() );
+      conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, val.toString() );
     }
   }
 
@@ -202,16 +203,17 @@ QgsFeatureRequest QgsRelation::getReferencedFeatureRequest( const QgsAttributes
     int referencingIdx = referencingLayer()->fields().indexFromName( fieldPair.referencingField() );
 
     QgsField referencedField = referencedLayer()->fields().at( referencedIdx );
+    const QString quotedColRef = QgsExpression::quotedColumnRef( fieldPair.referencedField() ) ;
 
     if ( referencedField.type() == QVariant::String )
     {
       // Use quotes
-      conditions << QStringLiteral( "\"%1\" = '%2'" ).arg( fieldPair.referencedField(), attributes.at( referencingIdx ).toString() );
+      conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, QgsExpression::quotedValue( attributes.at( referencingIdx ).toString() ) );
     }
     else
     {
       // No quotes
-      conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencedField(), attributes.at( referencingIdx ).toString() );
+      conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, attributes.at( referencingIdx ).toString() );
     }
   }
 

Original file line number	Diff line number	Diff line change
`@@ -170,22 +170,23 @@ QString QgsRelation::getRelatedFeaturesFilter( const QgsFeature &feature ) const`
`170`	`170`	`{`
`171`	`171`	`int referencingIdx = referencingLayer()->fields().indexFromName( fieldPair.referencingField() );`
`172`	`172`	`QgsField referencingField = referencingLayer()->fields().at( referencingIdx );`
	`173`	`+ const QString quotedColRef = QgsExpression::quotedColumnRef( fieldPair.referencingField() ) ;`
`173`	`174`
`174`	`175`	`QVariant val( feature.attribute( fieldPair.referencedField() ) );`
`175`	`176`
`176`	`177`	`if ( val.isNull() )`
`177`	`178`	`{`
`178`		`- conditions << QStringLiteral( "\"%1\" IS NULL" ).arg( fieldPair.referencingField() );`
	`179`	`+ conditions << QStringLiteral( "%1 IS NULL" ).arg( quotedColRef );`
`179`	`180`	`}`
`180`	`181`	`else if ( referencingField.type() == QVariant::String )`
`181`	`182`	`{`
`182`	`183`	`// Use quotes`
`183`		`- conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencingField(), QgsExpression::quotedValue( val.toString() ) );`
	`184`	`+ conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, QgsExpression::quotedValue( val.toString() ) );`
`184`	`185`	`}`
`185`	`186`	`else`
`186`	`187`	`{`
`187`	`188`	`// No quotes`
`188`		`- conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencingField(), val.toString() );`
	`189`	`+ conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, val.toString() );`
`189`	`190`	`}`
`190`	`191`	`}`
`191`	`192`
`@@ -202,16 +203,17 @@ QgsFeatureRequest QgsRelation::getReferencedFeatureRequest( const QgsAttributes`
`202`	`203`	`int referencingIdx = referencingLayer()->fields().indexFromName( fieldPair.referencingField() );`
`203`	`204`
`204`	`205`	`QgsField referencedField = referencedLayer()->fields().at( referencedIdx );`
	`206`	`+ const QString quotedColRef = QgsExpression::quotedColumnRef( fieldPair.referencedField() ) ;`
`205`	`207`
`206`	`208`	`if ( referencedField.type() == QVariant::String )`
`207`	`209`	`{`
`208`	`210`	`// Use quotes`
`209`		`- conditions << QStringLiteral( "\"%1\" = '%2'" ).arg( fieldPair.referencedField(), attributes.at( referencingIdx ).toString() );`
	`211`	`+ conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, QgsExpression::quotedValue( attributes.at( referencingIdx ).toString() ) );`
`210`	`212`	`}`
`211`	`213`	`else`
`212`	`214`	`{`
`213`	`215`	`// No quotes`
`214`		`- conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencedField(), attributes.at( referencingIdx ).toString() );`
	`216`	`+ conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, attributes.at( referencingIdx ).toString() );`
`215`	`217`	`}`
`216`	`218`	`}`
`217`	`219`