Mercurial > dovecot > original-hg > dovecot-1.2
changeset 4371:b931db01be6c HEAD
Fixes to SQL update statements
author | Timo Sirainen <tss@iki.fi> |
---|---|
date | Fri, 16 Jun 2006 12:54:14 +0300 |
parents | bf23e6cc6623 |
children | de1704b2bb97 |
files | src/lib-dict/dict-sql.c |
diffstat | 1 files changed, 7 insertions(+), 9 deletions(-) [+] |
line wrap: on
line diff
--- a/src/lib-dict/dict-sql.c Fri Jun 16 12:53:40 2006 +0300 +++ b/src/lib-dict/dict-sql.c Fri Jun 16 12:54:14 2006 +0300 @@ -306,23 +306,23 @@ t_push(); if (priv) { query = t_strdup_printf( - "INSERT INTO %s (%s, %s, %s) VALUES (%s, %s, %s) " + "INSERT INTO %s (%s, %s, %s) VALUES ('%s', '%s', '%s') " "ON DUPLICATE KEY UPDATE %s = '%s'", dict->table, dict->select_field, dict->where_field, dict->username_field, sql_escape_string(dict->db, key), sql_escape_string(dict->db, value), sql_escape_string(dict->db, dict->username), - sql_escape_string(dict->db, key), + dict->select_field, sql_escape_string(dict->db, value)); } else { query = t_strdup_printf( - "INSERT INTO %s (%s, %s) VALUES (%s, %s) " + "INSERT INTO %s (%s, %s) VALUES ('%s', '%s') " "ON DUPLICATE KEY UPDATE %s = '%s'", dict->table, dict->select_field, dict->where_field, sql_escape_string(dict->db, key), sql_escape_string(dict->db, value), - sql_escape_string(dict->db, key), + dict->select_field, sql_escape_string(dict->db, value)); } sql_update(ctx->sql_ctx, query); @@ -344,22 +344,20 @@ t_push(); if (priv) { query = t_strdup_printf( - "INSERT INTO %s (%s, %s, %s) VALUES (%s, %lld, %s) " + "INSERT INTO %s (%s, %s, %s) VALUES ('%s', %lld, '%s') " "ON DUPLICATE KEY UPDATE %s = %s + %lld", dict->table, dict->select_field, dict->where_field, dict->username_field, sql_escape_string(dict->db, key), diff, sql_escape_string(dict->db, dict->username), - sql_escape_string(dict->db, key), - sql_escape_string(dict->db, key), diff); + dict->select_field, dict->select_field, diff); } else { query = t_strdup_printf( "INSERT INTO %s (%s, %s) VALUES (%s, %lld) " "ON DUPLICATE KEY UPDATE %s = %s + %lld", dict->table, dict->select_field, dict->where_field, sql_escape_string(dict->db, key), diff, - sql_escape_string(dict->db, key), - sql_escape_string(dict->db, key), diff); + dict->select_field, dict->select_field, diff); } sql_update(ctx->sql_ctx, query); t_pop();