fix: quote column names in UPDATE statements to handle reserved keywords
'order' is a reserved keyword in SQLite. Quote all column names in update_user, update_goal, and update_task to prevent syntax errors when updating columns with reserved names.
This commit is contained in:
Yuyao Huang
parent
be4d11a60e
commit
8ede63adcd
@ -48,7 +48,7 @@ def create_user(username, password_hash, role="user", max_goals=None):
|
|||||||
def update_user(user_id, **kwargs):
|
def update_user(user_id, **kwargs):
|
||||||
if not kwargs:
|
if not kwargs:
|
||||||
return
|
return
|
||||||
sets = ", ".join(f"{k} = ?" for k in kwargs)
|
sets = ", ".join(f'"{k}" = ?' for k in kwargs)
|
||||||
values = list(kwargs.values()) + [user_id]
|
values = list(kwargs.values()) + [user_id]
|
||||||
conn = get_connection()
|
conn = get_connection()
|
||||||
try:
|
try:
|
||||||
@ -101,7 +101,7 @@ def create_goal(user_id, title):
|
|||||||
def update_goal(goal_id, **kwargs):
|
def update_goal(goal_id, **kwargs):
|
||||||
if not kwargs:
|
if not kwargs:
|
||||||
return
|
return
|
||||||
sets = ", ".join(f"{k} = ?" for k in kwargs)
|
sets = ", ".join(f'"{k}" = ?' for k in kwargs)
|
||||||
values = list(kwargs.values()) + [goal_id]
|
values = list(kwargs.values()) + [goal_id]
|
||||||
conn = get_connection()
|
conn = get_connection()
|
||||||
try:
|
try:
|
||||||
@ -177,7 +177,7 @@ def create_task(goal_id, title, desc="", status="todo", order=None):
|
|||||||
def update_task(task_id, **kwargs):
|
def update_task(task_id, **kwargs):
|
||||||
if not kwargs:
|
if not kwargs:
|
||||||
return
|
return
|
||||||
sets = ", ".join(f"{k} = ?" for k in kwargs)
|
sets = ", ".join(f'"{k}" = ?' for k in kwargs)
|
||||||
values = list(kwargs.values()) + [task_id]
|
values = list(kwargs.values()) + [task_id]
|
||||||
conn = get_connection()
|
conn = get_connection()
|
||||||
try:
|
try:
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user