From f50e9b4d0f617827e9f9473c5ad2bacac0c09a54 Mon Sep 17 00:00:00 2001 From: Wolfgang Sourdeau Date: Mon, 30 Jun 2008 15:15:29 +0000 Subject: [PATCH] Monotone-Parent: c4d0ee7e69c541a6b4b799dae55d03d6b5b67a6a Monotone-Revision: effc0ea5c248c71e6b7996a01b73ce09b7609780 Monotone-Author: wsourdeau@inverse.ca Monotone-Date: 2008-06-30T15:15:29 Monotone-Branch: ca.inverse.sogo --- SOPE/GDLContentStore/GCSFolderManager.m | 57 ++++++++++++------------- 1 file changed, 28 insertions(+), 29 deletions(-) diff --git a/SOPE/GDLContentStore/GCSFolderManager.m b/SOPE/GDLContentStore/GCSFolderManager.m index c6ec4c781..ddc8f3e90 100644 --- a/SOPE/GDLContentStore/GCSFolderManager.m +++ b/SOPE/GDLContentStore/GCSFolderManager.m @@ -710,42 +710,41 @@ static NSCharacterSet *asciiAlphaNumericCS = nil; while ([paths count] < 5) [paths addObject: @"NULL"]; - tableName = [self baseTableNameWithUID: [paths objectAtIndex: 2]]; - aContext = [channel adaptorContext]; [aContext beginTransaction]; - error = [channel createGCSFolderTableWithName: tableName]; + + tableName = [self baseTableNameWithUID: [paths objectAtIndex: 2]]; + quickTableName = [tableName stringByAppendingString: @"_quick"]; + aclTableName = [tableName stringByAppendingString: @"_acl"]; + + // TBD: fix SQL injection issues + baseURL + = [[folderInfoLocation absoluteString] stringByDeletingLastPathComponent]; + + sql = [NSString stringWithFormat: @"INSERT INTO %@" + @" (c_path, c_path1, c_path2, c_path3, c_path4," + @" c_foldername, c_location, c_quick_location," + @" c_acl_location, c_folder_type)" + @" VALUES ('%@', '%@', '%@', '%@', '%@', '%@', '%@/%@'," + @" '%@/%@', '%@/%@', '%@')", + [self folderInfoTableName], path, + [paths objectAtIndex: 1], [paths objectAtIndex: 2], + [paths objectAtIndex: 3], [paths objectAtIndex: 4], + [folderName stringByReplacingString: @"'" withString: @"''"], + baseURL, tableName, + baseURL, quickTableName, + baseURL, aclTableName, + folderType]; + error = [channel evaluateExpressionX: sql]; if (!error) { - quickTableName = [tableName stringByAppendingString: @"_quick"]; - sql = [ftype sqlQuickCreateWithTableName: quickTableName]; - error = [channel evaluateExpressionX: sql]; + error = [channel createGCSFolderTableWithName: tableName]; if (!error) { - aclTableName = [tableName stringByAppendingString: @"_acl"]; - error = [channel createGCSFolderACLTableWithName: aclTableName]; + sql = [ftype sqlQuickCreateWithTableName: quickTableName]; + error = [channel evaluateExpressionX: sql]; if (!error) - { - // TBD: fix SQL injection issues - baseURL - = [[folderInfoLocation absoluteString] stringByDeletingLastPathComponent]; - - sql = [NSString stringWithFormat: @"INSERT INTO %@" - @" (c_path, c_path1, c_path2, c_path3, c_path4," - @" c_foldername, c_location, c_quick_location," - @" c_acl_location, c_folder_type)" - @" VALUES ('%@', '%@', '%@', '%@', '%@', '%@', '%@/%@'," - @" '%@/%@', '%@/%@', '%@')", - [self folderInfoTableName], path, - [paths objectAtIndex: 1], [paths objectAtIndex: 2], - [paths objectAtIndex: 3], [paths objectAtIndex: 4], - [folderName stringByReplacingString: @"'" withString: @"''"], - baseURL, tableName, - baseURL, quickTableName, - baseURL, aclTableName, - folderType]; - error = [channel evaluateExpressionX: sql]; - } + error = [channel createGCSFolderACLTableWithName: aclTableName]; } }