diff --git a/storage/sql/server.go b/storage/sql/server.go index f75a1e89..9672364b 100644 --- a/storage/sql/server.go +++ b/storage/sql/server.go @@ -93,7 +93,7 @@ func (s settingsBackend) SaveServer(ss *settings.Server) error { if checkError(err, "Fail to begin db transaction") { return err } - sql := fmt.Sprintf("INSERT INTO \"%s\" (key, value) VALUES(?,?)", SettingsTable) + sql := fmt.Sprintf("INSERT INTO \"%s\" (key, value) VALUES($1,$2)", SettingsTable) for i, field := range fields { stmt, err := s.db.Prepare(sql) defer stmt.Close() diff --git a/storage/sql/settings.go b/storage/sql/settings.go index 54737dee..5e1fe5d8 100644 --- a/storage/sql/settings.go +++ b/storage/sql/settings.go @@ -21,7 +21,7 @@ type settingsBackend struct { } func InitSettingsTable(db *sql.DB) error { - sql := fmt.Sprintf("create table if not exists \"%s\"(key string primary key, value string)", SettingsTable) + sql := fmt.Sprintf("create table if not exists \"%s\"(key text primary key, value text);", SettingsTable) _, err := db.Exec(sql) checkError(err, "Fail to create table settings") return err @@ -136,7 +136,7 @@ func boolToString(b bool) string { } func (s settingsBackend) Get() (*settings.Settings, error) { - sql := fmt.Sprintf("select key, value from \"%s\"", SettingsTable) + sql := fmt.Sprintf("select key, value from \"%s\";", SettingsTable) rows, err := s.db.Query(sql) if checkError(err, "Fail to Query settings.Settings") { return nil, err @@ -198,10 +198,11 @@ func (s settingsBackend) Save(ss *settings.Settings) error { } for i, field := range fields { exists := ContainKey(s.db, field) - sql := fmt.Sprintf("INSERT INTO \"%s\" (value, key) VALUES(?,?)", SettingsTable) + sql := fmt.Sprintf("INSERT INTO \"%s\" (value, key) VALUES($1,$2);", SettingsTable) if exists { - sql = fmt.Sprintf("UPDATE \"%s\" set value = ? where key = ?", SettingsTable) + sql = fmt.Sprintf("UPDATE \"%s\" set value = $1 where key = $2;", SettingsTable) } + fmt.Println(sql) stmt, err := s.db.Prepare(sql) defer stmt.Close() if checkError(err, "Fail to prepare statement") { @@ -274,7 +275,7 @@ func cloneSettings(s settings.Settings) settings.Settings { } func SetSetting(db *sql.DB, key string, value string) error { - sql := fmt.Sprintf("select count(key) from \"%s\" where key = '%s'", SettingsTable, key) + sql := fmt.Sprintf("select count(key) from \"%s\" where key = '%s';", SettingsTable, key) count := 0 err := db.QueryRow(sql).Scan(&count) if checkError(err, "Fail to QueryRow for key="+key) { @@ -287,7 +288,7 @@ func SetSetting(db *sql.DB, key string, value string) error { } func GetSetting(db *sql.DB, key string) string { - sql := fmt.Sprintf("select value from \"%s\" where key = '%s'", SettingsTable, key) + sql := fmt.Sprintf("select value from \"%s\" where key = '%s';", SettingsTable, key) value := "" err := db.QueryRow(sql).Scan(&value) if checkError(err, "Fail to QueryRow for key "+key) { @@ -297,15 +298,23 @@ func GetSetting(db *sql.DB, key string) string { } func addSetting(db *sql.DB, key string, value string) error { - sql := fmt.Sprintf("insert into \"%s\" (key, value) values('%s', '%s')", SettingsTable, key, value) - _, err := db.Exec(sql) - checkError(err, "Fail to addSetting") + sql := fmt.Sprintf("insert into \"%s\" (key, value) values($1, $2);", SettingsTable) + stmt, err := db.Prepare(sql) + if checkError(err, "Fail to prepare sql") { + return err + } + _, err = stmt.Exec(key, value) + checkError(err, "Fail to add settings") return err } func updateSetting(db *sql.DB, key string, value string) error { - sql := fmt.Sprintf("update \"%s\" set value = '%s' where key = '%s'", SettingsTable, value, key) - _, err := db.Exec(sql) + sql := fmt.Sprintf("update \"%s\" set value = $1 where key = $2;", SettingsTable) + stmt, err := db.Prepare(sql) + if checkError(err, "Fail to prepare sql") { + return err + } + _, err = stmt.Exec(key, value) checkError(err, "Fail to updateSetting") return err } @@ -319,7 +328,7 @@ func HadSetting(db *sql.DB) bool { } func ContainKey(db *sql.DB, key string) bool { - sql := fmt.Sprintf("select value from \"%s\" where key = '%s'", SettingsTable, key) + sql := fmt.Sprintf("select value from \"%s\" where key = '%s';", SettingsTable, key) value := "" err := db.QueryRow(sql).Scan(&value) if checkError(err, "Fail to QueryRow for key "+key) { diff --git a/storage/sql/share.go b/storage/sql/share.go index 03630d67..d9610da9 100644 --- a/storage/sql/share.go +++ b/storage/sql/share.go @@ -16,7 +16,7 @@ type linkRecord interface { } func InitSharesTable(db *sql.DB) error { - sql := fmt.Sprintf("create table if not exists \"%s\" (hash string, path string, userid integer, expire integer, passwordhash string, token string)", SharesTable) + sql := fmt.Sprintf("create table if not exists \"%s\" (hash text, path text, userid integer, expire integer, passwordhash text, token text)", SharesTable) _, err := db.Exec(sql) checkError(err, "Fail to InitSharesTable") return err diff --git a/storage/sql/sql.go b/storage/sql/sql.go index 16ba7cc6..8a5cabc6 100644 --- a/storage/sql/sql.go +++ b/storage/sql/sql.go @@ -29,13 +29,16 @@ func OpenDB(path string) (*sql.DB, error) { prefixes := []string{"sqlite3", "postgres", "mysql"} for _, prefix := range prefixes { if strings.HasPrefix(path, prefix) { - return connectDB(prefix, strings.TrimPrefix(path, prefix+"://")) + return connectDB(prefix, path) } } return nil, errors.New("Unsupported db scheme") } func connectDB(dbType string, path string) (*sql.DB, error) { + if dbType == "sqlite3" && strings.HasPrefix(path, "sqlite3://") { + path = strings.TrimPrefix(path, "sqlite3://") + } db, err := sql.Open(dbType, path) if err == nil { return db, nil diff --git a/storage/sql/users.go b/storage/sql/users.go index 2d7269aa..88f3d5d4 100644 --- a/storage/sql/users.go +++ b/storage/sql/users.go @@ -115,7 +115,7 @@ func createAdminUser() users.User { } func InitUserTable(db *sql.DB) error { - sql := fmt.Sprintf("CREATE TABLE IF NOT EXISTS \"%s\" (id integer primary key, username string, password string, scope string, locale string, lockpassword bool, viewmode string, perm string, commands string, sorting string, rules string, hidedotfiles bool, dateformat bool, singleclick bool);", UsersTable) + sql := fmt.Sprintf("CREATE TABLE IF NOT EXISTS \"%s\" (id integer primary key, username text, password text, scope text, locale text, lockpassword integer, viewmode text, perm text, commands text, sorting text, rules text, hidedotfiles integer, dateformat integer, singleclick integer);", UsersTable) _, err := db.Exec(sql) checkError(err, "Fail to create users table") return err