Skip to content
Permalink
Browse files

Fix

  • Loading branch information
m-kuhn committed Dec 19, 2018
1 parent 1183466 commit c03f1a6127f39b31f25658af1921913e5b6ca94f
Showing with 3 additions and 3 deletions.
  1. +3 −3 src/providers/spatialite/qgsspatialiteprovider.cpp
@@ -4661,18 +4661,18 @@ bool QgsSpatiaLiteProvider::checkLayerType()
}

// Try first without any injection or manipulation
sql = QStringLiteral( "SELECT %1, %2 FROM %3 LIMIT 1" ).arg( QgsSqliteUtils::quotedIdentifier( pks.first( ) ), quotedIdentifier( mGeometryColumn ), mQuery );
sql = QStringLiteral( "SELECT %1, %2 FROM %3 LIMIT 1" ).arg( QgsSqliteUtils::quotedIdentifier( pks.first( ) ), QgsSqliteUtils::quotedIdentifier( mGeometryColumn ), mQuery );
ret = sqlite3_get_table( mSqliteHandle, sql.toUtf8().constData(), &results, &rows, &columns, &errMsg );
if ( ret == SQLITE_OK && rows == 1 )
{
mPrimaryKey = pks.first( );
}
else // if that does not work, try injection with table name/alias
{
QString pk { QStringLiteral( "%1.%2" ).arg( quotedIdentifier( alias ) ).arg( pks.first() ) };
QString pk { QStringLiteral( "%1.%2" ).arg( QgsSqliteUtils::quotedIdentifier( alias ) ).arg( pks.first() ) };
QString newSql( mQuery.replace( injectionRe,
QStringLiteral( R"re(SELECT %1.%2, \1)re" )
.arg( quotedIdentifier( tableIdentifier ) )
.arg( QgsSqliteUtils::quotedIdentifier( tableIdentifier ) )
.arg( pks.first() ) ) );
sql = QStringLiteral( "SELECT %1 FROM %2 LIMIT 1" ).arg( pk ).arg( newSql );
ret = sqlite3_get_table( mSqliteHandle, sql.toUtf8().constData(), &results, &rows, &columns, &errMsg );

0 comments on commit c03f1a6

Please sign in to comment.
You can’t perform that action at this time.