Parameterize SQL args
'Cause I want to have shard ranges with quotes in them LIKE A CRAZY PERSON. Change-Id: I18f84caf2eb4fe17fbe28d7cb5d65cec4da7474d
This commit is contained in:
parent
5eb65e4b89
commit
bef2a855d2
@ -1591,25 +1591,30 @@ class ContainerBroker(DatabaseBroker):
|
|||||||
try:
|
try:
|
||||||
condition = ''
|
condition = ''
|
||||||
conditions = []
|
conditions = []
|
||||||
|
params = []
|
||||||
if not include_deleted:
|
if not include_deleted:
|
||||||
conditions.append('deleted=0')
|
conditions.append('deleted=0')
|
||||||
if included_states:
|
if included_states:
|
||||||
state_list = ','.join([str(st) for st in included_states])
|
conditions.append('state in (%s)' % ','.join(
|
||||||
conditions.append('state in (%s)' % state_list)
|
'?' * len(included_states)))
|
||||||
|
params.extend(included_states)
|
||||||
if excluded_states:
|
if excluded_states:
|
||||||
state_list = ','.join([str(st) for st in excluded_states])
|
conditions.append('state not in (%s)' % ','.join(
|
||||||
conditions.append('state not in (%s)' % state_list)
|
'?' * len(excluded_states)))
|
||||||
|
params.extend(excluded_states)
|
||||||
if not include_own:
|
if not include_own:
|
||||||
conditions.append('name!="%s"' % self.path)
|
conditions.append('name != ?')
|
||||||
|
params.append(self.path)
|
||||||
if exclude_others:
|
if exclude_others:
|
||||||
conditions.append('name="%s"' % self.path)
|
conditions.append('name = ?')
|
||||||
|
params.append(self.path)
|
||||||
if conditions:
|
if conditions:
|
||||||
condition = ' WHERE ' + ' AND '.join(conditions)
|
condition = ' WHERE ' + ' AND '.join(conditions)
|
||||||
sql = '''
|
sql = '''
|
||||||
SELECT %s
|
SELECT %s
|
||||||
FROM shard_ranges%s;
|
FROM shard_ranges%s;
|
||||||
''' % (', '.join(SHARD_RANGE_KEYS), condition)
|
''' % (', '.join(SHARD_RANGE_KEYS), condition)
|
||||||
data = conn.execute(sql)
|
data = conn.execute(sql, params)
|
||||||
data.row_factory = None
|
data.row_factory = None
|
||||||
return [row for row in data]
|
return [row for row in data]
|
||||||
except sqlite3.OperationalError as err:
|
except sqlite3.OperationalError as err:
|
||||||
|
Loading…
Reference in New Issue
Block a user