diff --git a/src/dodo.c b/src/dodo.c
index 97bf94b..e4817d9 100644
--- a/src/dodo.c
+++ b/src/dodo.c
@@ -59,7 +59,6 @@ int prepare_sql_update_stmt(sqlite3 *db, sqlite3_stmt** out_stmt, filtered_tasks
 char *sql_query;
 int rc = 0;
 int num_params = 0;
- char test[SQLQUERY_MAX];
 sql_query = malloc(SQLQUERY_MAX * sizeof(char));
@@ -171,13 +170,28 @@ int bind_sql_update_stmt(filtered_tasks* task, int num_params, sqlite3_stmt* out
 return 0;
 }
-int gen_sql_delete_stmt(sqlite3 *db, sqlite3_stmt** out_stmt, filtered_tasks* task){
- char sql_query[SQLQUERY_MAX];
+int prepare_sql_delete_stmt(sqlite3 *db, sqlite3_stmt** out_stmt, filtered_tasks* task){
+ char *sql_query;
 int rc = 0;
+
+ sql_query = malloc(SQLQUERY_MAX * sizeof(char));
- snprintf(sql_query, SQLQUERY_MAX, "DELETE FROM tasks WHERE (title='%s' OR active_id='%d') AND active_id IS NOT NULL", task->title, task->active_id);
+ x_strcpy(sql_query,"DELETE FROM tasks WHERE ", SQLQUERY_MAX);
+
+ if ( task->title ){
+ sql_query = concat_with_mem_cleanup(sql_query, "title=? AND active_id IS NOT NULL");
+ }
+ else if ( task->active_id != -1 ){
+ sql_query = concat_with_mem_cleanup(sql_query, "active_id=?");
+ }
+ else{
+ free(sql_query);
+ return -1;
+ }
 rc = sqlite3_prepare_v2(db, sql_query, -1, out_stmt, NULL);
+ free(sql_query);
+
 if (checksqlerr(rc, "prepare broken in gen_sql_insert_stmt")){
 return -1;
 }
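Review bot: In prepare_sql_delete_stmt the result of `malloc(SQLQUERY_MAX * sizeof(char))` goes straight into x_strcpy with no NULL check, so an allocation failure turns into a write through a null pointer; add `if (!sql_query) return -1;` directly after the allocation. The pointer returned by concat_with_mem_cleanup is also used unchecked, and since that helper's failure behaviour is not visible in this diff it should be confirmed that it cannot return NULL before the result reaches sqlite3_prepare_v2. The title branch now ignores task->active_id when both are supplied, whereas the removed query matched on either one, so if that narrowing is intended it deserves a comment above the branch such as `/* title takes precedence over active_id; values are bound as parameters, never formatted into the SQL text */`.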
@@ -185,6 +199,28 @@ int gen_sql_delete_stmt(sqlite3 *db, sqlite3_stmt** out_stmt, filtered_tasks* ta
 return 0;
 }
+int bind_sql_delete_stmt(filtered_tasks* task, sqlite3_stmt* out_stmt){
+ int rc = 0;
+ int param_pos = 1;
+
+ if ( task->title ){
+ rc = sqlite3_bind_text(out_stmt, param_pos, task->title, -1, SQLITE_STATIC);
+ }
+ else if ( task->active_id != -1 ){
+ rc = sqlite3_bind_int(out_stmt, param_pos, task->active_id);
+ }
+ else{
+ return -1;
+ }
+
+ if (checksqlerr(rc, "prepare broken in gen_sql_insert_stmt")){
+ return -1;
+ }
+
+ return 0;
+}
+
+
 int gen_sql_insert_stmt(sqlite3 *db, sqlite3_stmt** out_stmt, filtered_tasks* task, char* values){
 char sql_query[SQLQUERY_MAX];
 int rc = 0;
@@ -519,6 +555,7 @@ int add_new_task(sqlite3 *db, int argc, char** argv){
 int update_task_status(sqlite3 *db, int argc, char** argv){
 int rc = 0;
+ int num_params = 0;
 sqlite3_stmt* out_stmt;
 filtered_tasks* task = malloc(sizeof(filtered_tasks));
@@ -527,11 +564,16 @@ int update_task_status(sqlite3 *db, int argc, char** argv){
 parse_args(argc, argv, task);
 task->status = argv[1];
- if ( ( rc = prepare_sql_update_stmt(db, &out_stmt, task) ) ){
+
+ if ( ( num_params = prepare_sql_update_stmt(db, &out_stmt, task) ) == -1 ){
 free(task);
 return -1;
 }
+ if ( ( rc = bind_sql_update_stmt(task, num_params, out_stmt) ) ){
+ free(task);
+ return -1;
+ }
 if ( ( rc = sqlite3_step(out_stmt) ) == SQLITE_DONE){
 free(task);
@@ -599,7 +641,7 @@ int update_task(sqlite3 *db, int argc, char** argv){
 return 0;
 }
- checksqlerr(rc, "broken in complete_task");
+ checksqlerr(rc, "broken in update_task");
 free(task);
 return -1;
@@ -615,7 +657,12 @@ int del_task(sqlite3 *db, int argc, char** argv){
 parse_args(argc, argv, task);
- if ( gen_sql_delete_stmt(db, &out_stmt, task) ){
+ if ( prepare_sql_delete_stmt(db, &out_stmt, task) ){
+ free(task);
+ return -1;
+ }
+
+ if ( ( rc = bind_sql_delete_stmt(task, out_stmt) ) ){
 free(task);
 return -1;
 }
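Review bot: The failure label in the new bind_sql_delete_stmt is copied from another function, so `checksqlerr(rc, "prepare broken in gen_sql_insert_stmt")` reports a failed bind on the delete path as a failed prepare on the insert path; use `checksqlerr(rc, "bind broken in bind_sql_delete_stmt")`. The context line in prepare_sql_delete_stmt carries the same stale label. `SQLITE_STATIC` tells SQLite not to copy task->title, so the string has to stay valid until the statement has been stepped and finalized; that presumably holds if title points into argv, but where it is set is outside this diff, and `SQLITE_TRANSIENT` is the safe choice otherwise. The title/active_id branch order here must stay identical to the one in prepare_sql_delete_stmt, which is worth a one-line comment in both functions.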
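Review bot: The error branch added after bind_sql_update_stmt in update_task_status frees task but leaves the prepared statement alive, because prepare_sql_update_stmt has already succeeded by then; `sqlite3_finalize(out_stmt);` should come before `free(task);` in that branch. The same applies to the bind_sql_delete_stmt failure branch in del_task in the last hunk. Whether the step-success and step-failure paths finalize the statement cannot be told from these hunks, since both functions continue outside them.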