phillip/karaoqueue
1
0
Fork 0
mirror of https://github.com/PhoenixTwoFive/karaoqueue.git synced 2025-05-19 19:11:49 +02:00
Code Issues Packages Projects Releases Wiki Activity

Properly pass user input to SQLite and fix searches with umlauts.

Browse Source 
Resolves #3.
This commit is contained in:
Phillip Kühne 2020-03-10 20:08:31 +01:00
parent a8871c1106
commit e9f43c0169
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
backend/app/database.py
View File

@ -89,15 +89,17 @@ def get_played_list():
def get_song_list():
conn =open_db()
cur = conn.cursor()
cur.execute("SELECT Artist || \" - \" || Title AS Song, Id FROM songs")
cur.execute("SELECT Artist || \" - \" || Title AS Song, Id FROM songs;")
return cur.fetchall()
def get_song_completions(input_string):
conn = open_db()
cur = conn.cursor()
# Don't look, it burns...
prepared_string = "%{0}%".format(input_string).upper() # "Test" -> "%TEST%"
print(prepared_string)
cur.execute(
"SELECT Title || \" - \" || Artist AS Song, Id FROM songs WHERE Song LIKE REPLACE(REPLACE(REPLACE(REPLACE(UPPER('%"+input_string+"%'),'ö','Ö'),'ü','Ü'),'ä','Ä'),'ß','') LIMIT 20")
"SELECT Title || \" - \" || Artist AS Song, Id FROM songs WHERE REPLACE(REPLACE(REPLACE(REPLACE(UPPER( SONG ),'ö','Ö'),'ü','Ü'),'ä','Ä'),'ß','') LIKE (?) LIMIT 20;", (prepared_string,))
return cur.fetchall()
def add_entry(name,song_id):