use ? placeholders consistently

Signed-off-by: Tobias Erbshäußer <tobias@tesoft.dev>
2026-05-24 09:22:53 +02:00
parent df6f9d692b
commit 0e07967dab
+21 -14
@@ -7,7 +7,6 @@ import (
"errors" "errors"
"log" "log"
"slices" "slices"
"strconv"
"strings" "strings"
"time" "time"
@@ -232,18 +231,22 @@ func (db *Database) GetBlogArticles(showAll bool, offset int, limit int, tags []
func (db *Database) GetBlogArticle(showAll bool, id int64) (*Article, error) { func (db *Database) GetBlogArticle(showAll bool, id int64) (*Article, error) {
filter := " WHERE blog_article.id = ?" filter := " WHERE blog_article.id = ?"
filterArgs := make([]interface{}, 0)
filterArgs = append(filterArgs, id)
if !showAll { if !showAll {
filter = filter + " AND status = " + strconv.Itoa(ArticleStatusPublished) filter = filter + " AND status = ?"
filterArgs = append(filterArgs, ArticleStatusPublished)
} }
statement := "SELECT blog_article.status, blog_article.title, blog_article.date, blog_article.modification_date, blog_article.content, blog_tag.name" + rows, err := db.db.Query(
"SELECT blog_article.status, blog_article.title, blog_article.date, blog_article.modification_date, blog_article.content, blog_tag.name"+
" FROM blog_article"+ " FROM blog_article"+
" LEFT JOIN blog_article_to_tag ON blog_article.id = blog_article_to_tag.article_id"+ " LEFT JOIN blog_article_to_tag ON blog_article.id = blog_article_to_tag.article_id"+
" LEFT JOIN blog_tag ON blog_article_to_tag.tag_id = blog_tag.id" + " LEFT JOIN blog_tag ON blog_article_to_tag.tag_id = blog_tag.id"+filter+
" " + filter + " ORDER BY blog_tag.name",
" ORDER BY blog_tag.name" filterArgs...,
)
rows, err := db.db.Query(statement, id)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@@ -305,16 +308,20 @@ func (db *Database) GetBlogArticle(showAll bool, id int64) (*Article, error) {
func (db *Database) GetBlogArticleFile(showAll bool, articleId int64, fileId int64) (ArticleFile, error) { func (db *Database) GetBlogArticleFile(showAll bool, articleId int64, fileId int64) (ArticleFile, error) {
filter := " WHERE blog_file.article_id = ? AND blog_file.id = ?" filter := " WHERE blog_file.article_id = ? AND blog_file.id = ?"
filterArgs := make([]interface{}, 0)
filterArgs = append(filterArgs, articleId)
filterArgs = append(filterArgs, fileId)
if !showAll { if !showAll {
filter = filter + " AND blog_article.status = " + strconv.Itoa(ArticleStatusPublished) filter = filter + " AND blog_article.status = ?"
filterArgs = append(filterArgs, ArticleStatusPublished)
} }
statement := "SELECT blog_file.data FROM blog_file" +
" INNER JOIN blog_article ON blog_article.id = blog_file.article_id" +
" " + filter
var data []byte var data []byte
err := db.db.QueryRow(statement, articleId, fileId).Scan(&data) err := db.db.QueryRow(
"SELECT blog_file.data FROM blog_file INNER JOIN blog_article ON blog_article.id = blog_file.article_id"+filter,
filterArgs...,
).Scan(&data)
if err != nil { if err != nil {
if errors.Is(err, sql.ErrNoRows) { if errors.Is(err, sql.ErrNoRows) {
return ArticleFile{}, ErrNotFound return ArticleFile{}, ErrNotFound
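Review bot: In GetBlogArticle and GetBlogArticleFile the SQL text is still assembled by concatenating `filter`, so the injection safety of both queries rests on an unwritten invariant: `filter` only ever holds literal fragments, and every `?` added to it has exactly one matching append to `filterArgs`, in the same order. I would state that next to the declaration in both functions, e.g. `// filter holds literal SQL only; every value goes through filterArgs, one per ? and in the same order`. The slice setup can also be shortened to `filterArgs := []any{id}` and `filterArgs := []any{articleId, fileId}`; the file imports `slices`, so it presumably builds with a Go version that has `any`. Both function bodies continue outside the visible hunks.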