From e00766cce8df8b470b203997dcf58561078ca2b9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luk=C3=A1=C5=A1=20Kucharczyk?= Date: Wed, 16 Nov 2022 12:43:06 +0100 Subject: [PATCH] Properly escape everywhere --- tag.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/tag.sh b/tag.sh index dd5576c..83edd66 100755 --- a/tag.sh +++ b/tag.sh @@ -16,7 +16,7 @@ set -ueo pipefail # TODO: adjust sqlite_insert_multiple to allow defining columns per insert, currently it's hardcoded to 2 # TODO: merge sqlite_insert_single and sqlite_insert_multiple probably as result of the above -SCRIPT_DIR=$(dirname $(readlink "$0")) +SCRIPT_DIR=$(dirname "$(readlink "$0")") SCRIPT_NAME=$(basename "$0") @@ -152,10 +152,10 @@ add_path() { for FILE in "$@"; do [ ! -f "$FILE" ] && fail "File '$FILE' does not exist in the specified path." local FILENAME=$(basename "$FILE") - local FILEPATH=$(realpath $(dirname "$FILE")) + local FILEPATH=$(realpath "$(dirname "$FILE")") file_exists_in_db "$FILE" && fail "File '$FILE' already exists in database." - FILES+=("'$FILENAME'") - FILES+=("'$FILEPATH'") + FILES+=("\"$FILENAME\"") + FILES+=("\"$FILEPATH\"") done sqlite_insert_multi "$TABLE" "$COLUMN" "${FILES[@]}" } @@ -179,7 +179,7 @@ add_path_auto() { tag_exists_in_db() { # $TAGLABEL TAG=${1:-} - RESULT=$(sqlite_query "SELECT id FROM tags WHERE label = '$TAG'") + RESULT=$(sqlite_query "SELECT id FROM tags WHERE label = \"$TAG\"") if [[ -z "$RESULT" ]]; then return 1 else @@ -200,9 +200,9 @@ file_exists_in_db() { file_by_filename() { # FILENAME local FILENAME=$(basename "${1:-}") - local FILEPATH=$(realpath $(dirname "${1:-}")) + local FILEPATH=$(realpath "$(dirname "${1:-}")") local RESULT=0 - RESULT=$(sqlite_query "SELECT id FROM files WHERE filename = '$FILENAME' AND path = '$FILEPATH'") + RESULT=$(sqlite_query "SELECT id FROM files WHERE filename = \"$FILENAME\" AND path = \"$FILEPATH\"") echo $RESULT }