… of information. Conflicts: pkg/query.c
…used for the local or a remote repository. The latter doesn't have some fields (so don't accept to query them). Also, the successive code is passing the sql statement through sprintf, so % (percent) characters need to be escaped.
Add a CPP #define when compiling for static linkage. Bail out early from the function calling dlopen() conditionally on that.
I believe this will now catch all possible expression errors and generate only correct sql. Please let me know if you disagree, preferably with an example.
…hich is the only place it should ever be used, and rename it to state_t.
If you're trying to guard against sql injection, this is not the way (and there would still be statements that don't need a semicolon to work). However, with the string quoting patch I'm quite confident that there can be no sql injection.
… any unexpected characters.
It's still possible to generate an invalid expression with a non-matching number of opening and closing brackets.
… to be doubled. The fact that sqlite also accepts double quotes if it can't find a corresponding field as strings doesn't change that. for fun (and proof), try pkg query -e '%n=name' '%o' on a non-empty installation ;) Conflicts: pkg/query.c