diff options
Diffstat (limited to 'nopsyncd/tempstorage.lua')
-rw-r--r-- | nopsyncd/tempstorage.lua | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/nopsyncd/tempstorage.lua b/nopsyncd/tempstorage.lua index 37f3422..d40ee42 100644 --- a/nopsyncd/tempstorage.lua +++ b/nopsyncd/tempstorage.lua @@ -61,14 +61,16 @@ function tempstorage:getLastCart() end function tempstorage:insertMusic(timestamp, cart, len, title, artist, album) + timestamp = tonumber(timestamp) cart = tonumber(cart) + len = tonumber(len) if cart < 400000 or cart > 450000 then poolnum = 0 else poolnum = math.floor(cart/1000) - 399 end - -- TODO escape "' in strings" - local cur, err = self.con:execute("INSERT into now VALUES(" .. timestamp .. ", " .. cart .. ", " .. len .. ", 'Musikpool " .. poolnum .. "', '" .. title .. "', '" .. artist .."', '" .. album .. "', 1)") + -- usage of undocumented escape function... + local cur, err = self.con:execute("INSERT into now VALUES(" .. timestamp .. ", " .. cart .. ", " .. len .. ", 'Musikpool " .. poolnum .. "', '" .. self.con:escape(title) .. "', '" .. self.con:escape(artist) .."', '" .. self.con:escape(album) .. "', 1)") if cur == nil then return nil, err end |