From 277f1dabb351701d5912057dce82eb6690726eeb Mon Sep 17 00:00:00 2001 From: rowanbeentje Date: Sat, 18 Jul 2009 17:05:43 +0000 Subject: - Update WHERE string buildup - the code now uses equals comparisons rather than LIKE, so the quote methods were incorrect. We now use standard escaping without additional LIKE preparation. This resolves Issue #338 --- Source/TableContent.m | 25 +++---------------------- 1 file changed, 3 insertions(+), 22 deletions(-) (limited to 'Source') diff --git a/Source/TableContent.m b/Source/TableContent.m index d308fd6a..c84ee3c7 100644 --- a/Source/TableContent.m +++ b/Source/TableContent.m @@ -1464,29 +1464,10 @@ } else { if (! [tempValue isKindOfClass:[NSData class]] ) { - // Escape special characters (in WHERE statement!) - for ( j = 0 ; j < [value length] ; j++ ) { - if ( [value characterAtIndex:j] == '\\' ) { - [value insertString:@"\\" atIndex:j]; - j++; - } - } - [value setString:[mySQLConnection prepareString:value]]; - for ( j = 0 ; j < [value length] ; j++ ) { - if ( [value characterAtIndex:j] == '%' || - [value characterAtIndex:j] == '_' ) { - [value insertString:@"\\" atIndex:j]; - j++; - } - } - [value setString:[NSString stringWithFormat:@"'%@'", value]]; + [value setString:[NSString stringWithFormat:@"'%@'", [mySQLConnection prepareString:value]]]; } - // columnType = [[tableDataInstance columnWithName:[keys objectAtIndex:i]] objectForKey:@"typegrouping"]; - // if ( [columnType isEqualToString:@"integer"] || [columnType isEqualToString:@"float"] || [columnType isEqualToString:@"bit"] ) { - [argument appendString:[NSString stringWithFormat:@"%@ = %@", [NSArrayObjectAtIndex(keys, i) backtickQuotedString], value]]; - // } else { - // [argument appendString:[NSString stringWithFormat:@"%@ LIKE %@", [NSArrayObjectAtIndex(keys, i) backtickQuotedString], value]]; - // } + + [argument appendString:[NSString stringWithFormat:@"%@ = %@", [NSArrayObjectAtIndex(keys, i) backtickQuotedString], value]]; } } if ( setLimit ) -- cgit v1.2.3