From f243fbc6814e016a93a8fb96defd4d9f56114239 Mon Sep 17 00:00:00 2001 From: Andrew Rogl Date: Sun, 29 Sep 2024 07:30:42 +1000 Subject: [PATCH 1/4] Reworked #4709 after latest release --- beets/dbcore/query.py | 4 ++-- beets/library.py | 7 ++----- docs/changelog.rst | 2 ++ test/test_library.py | 10 ++++++---- 4 files changed, 12 insertions(+), 11 deletions(-) diff --git a/beets/dbcore/query.py b/beets/dbcore/query.py index f8cf7fe4c2..5088b1e776 100644 --- a/beets/dbcore/query.py +++ b/beets/dbcore/query.py @@ -1040,8 +1040,8 @@ def order_clause(self) -> str: if self.case_insensitive: field = ( "(CASE " - 'WHEN TYPEOF({0})="text" THEN LOWER({0}) ' - 'WHEN TYPEOF({0})="blob" THEN LOWER({0}) ' + "WHEN TYPEOF({0})='text' THEN LOWER({0}) " + "WHEN TYPEOF({0})='blob' THEN LOWER({0}) " "ELSE {0} END)".format(self.field) ) else: diff --git a/beets/library.py b/beets/library.py index e8e0f0f83c..1f099e2d02 100644 --- a/beets/library.py +++ b/beets/library.py @@ -312,11 +312,8 @@ def order_clause(self): order = "ASC" if self.ascending else "DESC" field = "albumartist" if self.album else "artist" collate = "COLLATE NOCASE" if self.case_insensitive else "" - return ( - "(CASE {0}_sort WHEN NULL THEN {0} " - 'WHEN "" THEN {0} ' - "ELSE {0}_sort END) {1} {2}" - ).format(field, collate, order) + + return f"COALESCE(NULLIF({field}_sort, ''), {field}) {collate} {order}" def sort(self, objs): if self.album: diff --git a/docs/changelog.rst b/docs/changelog.rst index 33a4b5f94d..e48ec3e6d4 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -40,6 +40,8 @@ Bug fixes: issues in the future. :bug:`5289` * :doc:`plugins/discogs`: Fix the ``TypeError`` when there is no description. +* Fix double-quoted string literals in SQL queries + :bug:`4709` For packagers: diff --git a/test/test_library.py b/test/test_library.py index 9b29505a3d..c480442101 100644 --- a/test/test_library.py +++ b/test/test_library.py @@ -59,7 +59,7 @@ def test_store_changes_database_value(self): self.i.store() new_year = ( self.lib._connection() - .execute("select year from items where " 'title="the title"') + .execute("select year from items where title = ?", (self.i.title,)) .fetchone()["year"] ) assert new_year == 1987 @@ -70,7 +70,7 @@ def test_store_only_writes_dirty_fields(self): self.i.store() new_genre = ( self.lib._connection() - .execute("select genre from items where " 'title="the title"') + .execute("select genre from items where title = ?", (self.i.title,)) .fetchone()["genre"] ) assert new_genre == original_genre @@ -104,7 +104,8 @@ def test_item_add_inserts_row(self): new_grouping = ( self.lib._connection() .execute( - "select grouping from items " 'where composer="the composer"' + "select grouping from items where composer = ?", + (self.i.composer,), ) .fetchone()["grouping"] ) @@ -118,7 +119,8 @@ def test_library_add_path_inserts_row(self): new_grouping = ( self.lib._connection() .execute( - "select grouping from items " 'where composer="the composer"' + "select grouping from items where composer = ?", + (self.i.composer,), ) .fetchone()["grouping"] ) From 89c0c65bf061669afaf98d1b2b0af8221edb9bde Mon Sep 17 00:00:00 2001 From: Andrew Rogl Date: Sun, 29 Sep 2024 18:32:57 +1000 Subject: [PATCH 2/4] Update changelog as requested --- docs/changelog.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/changelog.rst b/docs/changelog.rst index e48ec3e6d4..63ce2e0c41 100644 --- a/docs/changelog.rst +++ b/docs/changelog.rst @@ -40,7 +40,7 @@ Bug fixes: issues in the future. :bug:`5289` * :doc:`plugins/discogs`: Fix the ``TypeError`` when there is no description. -* Fix double-quoted string literals in SQL queries +* Remove single quotes from all SQL queries :bug:`4709` For packagers: From f295889bf4b62c21f16b0d90d96558bd0ccc732b Mon Sep 17 00:00:00 2001 From: Andrew Rogl Date: Sun, 29 Sep 2024 22:18:42 +1000 Subject: [PATCH 3/4] Update as requested --- CONTRIBUTING.rst | 4 ++-- beetsplug/web/__init__.py | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst index b9593741c5..8761b912ee 100644 --- a/CONTRIBUTING.rst +++ b/CONTRIBUTING.rst @@ -237,7 +237,7 @@ There are a few coding conventions we use in beets: .. code-block:: python with g.lib.transaction() as tx: - rows = tx.query('SELECT DISTINCT "{0}" FROM "{1}" ORDER BY "{2}"' + rows = tx.query("SELECT DISTINCT '{0}'' FROM '{1}'' ORDER BY '{2}'"" .format(field, model._table, sort_field)) To fetch Item objects from the database, use lib.items(…) and supply @@ -248,7 +248,7 @@ There are a few coding conventions we use in beets: .. code-block:: python with lib.transaction() as tx: - rows = tx.query('SELECT …') + rows = tx.query("SELECT …") Transaction objects help control concurrent access to the database and assist in debugging conflicting accesses. diff --git a/beetsplug/web/__init__.py b/beetsplug/web/__init__.py index dcd0ba38c1..55864f503a 100644 --- a/beetsplug/web/__init__.py +++ b/beetsplug/web/__init__.py @@ -231,7 +231,7 @@ def _get_unique_table_field_values(model, field, sort_field): raise KeyError with g.lib.transaction() as tx: rows = tx.query( - 'SELECT DISTINCT "{}" FROM "{}" ORDER BY "{}"'.format( + "SELECT DISTINCT '{}' FROM '{}' ORDER BY '{}'".format( field, model._table, sort_field ) ) From 9a9f4a183c3086f8b4eb33dcc509f7464a32db81 Mon Sep 17 00:00:00 2001 From: Andrew Rogl Date: Mon, 30 Sep 2024 06:30:27 +1000 Subject: [PATCH 4/4] VS code and auto complete :sad: --- CONTRIBUTING.rst | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CONTRIBUTING.rst b/CONTRIBUTING.rst index 8761b912ee..ee4edbdcb7 100644 --- a/CONTRIBUTING.rst +++ b/CONTRIBUTING.rst @@ -237,7 +237,7 @@ There are a few coding conventions we use in beets: .. code-block:: python with g.lib.transaction() as tx: - rows = tx.query("SELECT DISTINCT '{0}'' FROM '{1}'' ORDER BY '{2}'"" + rows = tx.query("SELECT DISTINCT '{0}' FROM '{1}' ORDER BY '{2}'" .format(field, model._table, sort_field)) To fetch Item objects from the database, use lib.items(…) and supply