Skip to content

Commit

Permalink
More fixes about filtering safety
Browse files Browse the repository at this point in the history
  • Loading branch information
@pblottiere
pblottiere committed Jul 3, 2017
1 parent 66591f9 commit b94d17a
Showing 1 changed file with 7 additions and 5 deletions.
12 changes: 7 additions & 5 deletions src/core/qgsrelation.cpp
View file
Expand Up @@ -170,22 +170,23 @@ QString QgsRelation::getRelatedFeaturesFilter( const QgsFeature &feature ) const
{
int referencingIdx = referencingLayer()->fields().indexFromName( fieldPair.referencingField() );
QgsField referencingField = referencingLayer()->fields().at( referencingIdx );
const QString quotedColRef = QgsExpression::quotedColumnRef( fieldPair.referencingField() ) ;

QVariant val( feature.attribute( fieldPair.referencedField() ) );

if ( val.isNull() )
{
conditions << QStringLiteral( "\"%1\" IS NULL" ).arg( fieldPair.referencingField() );
conditions << QStringLiteral( "%1 IS NULL" ).arg( quotedColRef );
}
else if ( referencingField.type() == QVariant::String )
{
// Use quotes
conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencingField(), QgsExpression::quotedValue( val.toString() ) );
conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, QgsExpression::quotedValue( val.toString() ) );
}
else
{
// No quotes
conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencingField(), val.toString() );
conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, val.toString() );
}
}

Expand All @@ -202,16 +203,17 @@ QgsFeatureRequest QgsRelation::getReferencedFeatureRequest( const QgsAttributes
int referencingIdx = referencingLayer()->fields().indexFromName( fieldPair.referencingField() );

QgsField referencedField = referencedLayer()->fields().at( referencedIdx );
const QString quotedColRef = QgsExpression::quotedColumnRef( fieldPair.referencedField() ) ;

if ( referencedField.type() == QVariant::String )
{
// Use quotes
conditions << QStringLiteral( "\"%1\" = '%2'" ).arg( fieldPair.referencedField(), attributes.at( referencingIdx ).toString() );
conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, QgsExpression::quotedValue( attributes.at( referencingIdx ).toString() ) );
}
else
{
// No quotes
conditions << QStringLiteral( "\"%1\" = %2" ).arg( fieldPair.referencedField(), attributes.at( referencingIdx ).toString() );
conditions << QStringLiteral( "%1 = %2" ).arg( quotedColRef, attributes.at( referencingIdx ).toString() );
}
}

Expand Down

0 comments on commit b94d17a

Please sign in to comment.