sharpetronics/QGIS
1
0
Fork 0
mirror of https://github.com/qgis/QGIS.git synced 2025-02-28 00:17:30 -05:00
Code Issues Packages Projects Releases Wiki Activity

[mssql] Fix inserting features into tables with an after insert trigger attached

Browse Source 
Fixes #20592
This commit is contained in:
Alex 2019-01-06 20:48:41 -05:00 committed by Nyall Dawson
parent efd54f862f
commit 69f6ea521b
1 changed files with 14 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/providers/mssql/qgsmssqlprovider.cpp
View File

@ -872,7 +872,15 @@ bool QgsMssqlProvider::addFeatures( QgsFeatureList &flist, Flags flags )
QString statement;
QString values;
statement = QStringLiteral( "INSERT INTO [%1].[%2] (" ).arg( mSchemaName, mTableName );
if ( !( flags & QgsFeatureSink::FastInsert ) )
{
statement += QStringLiteral( "DECLARE @px TABLE (id INT); " );
statement += QStringLiteral( "INSERT INTO [%1].[%2] (" ).arg( mSchemaName, mTableName );
}
else
{
statement += QStringLiteral( "INSERT INTO [%1].[%2] (" ).arg( mSchemaName, mTableName );
}
bool first = true;
QSqlQuery query = createQuery();
@ -947,10 +955,14 @@ bool QgsMssqlProvider::addFeatures( QgsFeatureList &flist, Flags flags )
statement += QStringLiteral( ") " );
if ( !( flags & QgsFeatureSink::FastInsert ) )
{
statement += QStringLiteral( " OUTPUT inserted." ) + mFidColName;
statement += QStringLiteral( " OUTPUT inserted." ) + mFidColName + QStringLiteral( " INTO @px " );
}
statement += QStringLiteral( " VALUES (" ) + values + ')';
if ( !( flags & QgsFeatureSink::FastInsert ) )
{
statement += QStringLiteral( "; SELECT id FROM @px;" );
}
// use prepared statement to prevent from sql injection
if ( !query.prepare( statement ) )
{