diff options
author | Bibiko <bibiko@eva.mpg.de> | 2009-09-28 13:58:30 +0000 |
---|---|---|
committer | Bibiko <bibiko@eva.mpg.de> | 2009-09-28 13:58:30 +0000 |
commit | e924e2ece4512233fa5ad020fecce25307c715a2 (patch) | |
tree | 7152b56905c8d8da3d09105aa93938793a5e4b29 | |
parent | 020cfd249c9022a2b84ae64786cdcbed42102217 (diff) | |
download | sequelpro-e924e2ece4512233fa5ad020fecce25307c715a2.tar.gz sequelpro-e924e2ece4512233fa5ad020fecce25307c715a2.tar.bz2 sequelpro-e924e2ece4512233fa5ad020fecce25307c715a2.zip |
• improved and fixes escaping of filter arguments
- 'is (not)' and 'contains (not)' are now defined as: take the argument literally, ie % and _ will be escaped automatically
- in string fields one can look for \n , \r , \t
- added LIKE and NOT LIKE operators to strings to be more transparent
- a routine detects automatically whether a placeholder was wrapped into ' or " and if so ' or " will be escaped
-rw-r--r-- | Resources/English.lproj/ContentFilters.plist | 24 | ||||
-rw-r--r-- | Source/TableContent.h | 2 | ||||
-rw-r--r-- | Source/TableContent.m | 34 |
3 files changed, 53 insertions, 7 deletions
diff --git a/Resources/English.lproj/ContentFilters.plist b/Resources/English.lproj/ContentFilters.plist index 2f52c6af..7ee9e8b1 100644 --- a/Resources/English.lproj/ContentFilters.plist +++ b/Resources/English.lproj/ContentFilters.plist @@ -101,7 +101,7 @@ <array> <dict> <key>MenuLabel</key> - <string>IS</string> + <string>is</string> <key>NumberOfArguments</key> <integer>1</integer> <key>Clause</key> @@ -109,7 +109,7 @@ </dict> <dict> <key>MenuLabel</key> - <string>IS NOT</string> + <string>is not</string> <key>NumberOfArguments</key> <integer>1</integer> <key>Clause</key> @@ -133,6 +133,22 @@ </dict> <dict> <key>MenuLabel</key> + <string>LIKE</string> + <key>NumberOfArguments</key> + <integer>1</integer> + <key>Clause</key> + <string>LIKE '${}'</string> + </dict> + <dict> + <key>MenuLabel</key> + <string>NOT LIKE</string> + <key>NumberOfArguments</key> + <integer>1</integer> + <key>Clause</key> + <string>NOT LIKE '${}'</string> + </dict> + <dict> + <key>MenuLabel</key> <string>IN</string> <key>NumberOfArguments</key> <integer>1</integer> @@ -190,7 +206,7 @@ <array> <dict> <key>MenuLabel</key> - <string>IS</string> + <string>is</string> <key>NumberOfArguments</key> <integer>1</integer> <key>Clause</key> @@ -198,7 +214,7 @@ </dict> <dict> <key>MenuLabel</key> - <string>IS NOT</string> + <string>is not</string> <key>NumberOfArguments</key> <integer>1</integer> <key>Clause</key> diff --git a/Source/TableContent.h b/Source/TableContent.h index a498189b..0993110a 100644 --- a/Source/TableContent.h +++ b/Source/TableContent.h @@ -129,4 +129,6 @@ - (void) storeCurrentDetailsForRestoration; - (void) clearDetailsToRestore; +- (NSString *)escapeFilterArgument:(NSString *)argument againstClause:(NSString *)clause; + @end diff --git a/Source/TableContent.m b/Source/TableContent.m index ed9cf237..ccf26181 100644 --- a/Source/TableContent.m +++ b/Source/TableContent.m @@ -568,7 +568,7 @@ [clause setString:[filter objectForKey:@"Clause"]]; // Escape % sign - [clause replaceOccurrencesOfRegex:@"%"withString:@"%%"]; + [clause replaceOccurrencesOfRegex:@"%" withString:@"%%"]; [clause flushCachedRegexData]; // Replace placeholder ${} by %@ @@ -597,11 +597,13 @@ if (numberOfArguments == 2) { filterString = [NSString stringWithFormat:@"%@ %@", [[fieldField titleOfSelectedItem] backtickQuotedString], - [NSString stringWithFormat:clause, firstBetweenArgument, secondBetweenArgument]]; + [NSString stringWithFormat:clause, + [self escapeFilterArgument:firstBetweenArgument againstClause:clause], + [self escapeFilterArgument:secondBetweenArgument againstClause:clause]]]; } else if (numberOfArguments == 1) { filterString = [NSString stringWithFormat:@"%@ %@", [[fieldField titleOfSelectedItem] backtickQuotedString], - [NSString stringWithFormat:clause, argument]]; + [NSString stringWithFormat:clause, [self escapeFilterArgument:argument againstClause:clause]]]; } else { filterString = [NSString stringWithFormat:@"%@ %@", [[fieldField titleOfSelectedItem] backtickQuotedString], @@ -621,6 +623,32 @@ return filterString; } +- (NSString *)escapeFilterArgument:(NSString *)argument againstClause:(NSString *)clause +{ + + NSMutableString *arg = [[NSMutableString alloc] init]; + [arg setString:argument]; + + [arg replaceOccurrencesOfRegex:@"(\\\\)(?![nrt])" withString:@"\\\\\\\\\\\\\\\\"]; + [arg flushCachedRegexData]; + [arg replaceOccurrencesOfRegex:@"(\\\\)(?=[nrt])" withString:@"\\\\\\"]; + [arg flushCachedRegexData]; + + // Get quote sign for escaping - this should work for 99% of all cases + NSString *quoteSign = [clause stringByMatching:@"([\"'])[^\\1]*?%@[^\\1]*?\\1" capture:1L]; + // Esape argument + if(quoteSign != nil && [quoteSign length] == 1) { + [arg replaceOccurrencesOfRegex:[NSString stringWithFormat:@"(%@)", quoteSign] withString:@"\\\\$1"]; + [arg flushCachedRegexData]; + } + if([clause isMatchedByRegex:@"(?i)\\blike\\b.*?%(?!@)"]) { + NSLog(@"asdas", _cmd); + [arg replaceOccurrencesOfRegex:@"([_%])" withString:@"\\\\$1"]; + [arg flushCachedRegexData]; + } + return [arg autorelease]; +} + /* * Update the table count/selection text */ |