Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Unresolved
Priority: P3: Somewhat important
Fix Version/s: None
Affects Version/s: 5.15.2, 6.1.2
Component/s: Quick: Core Declarative QML
Labels:
None

Platform/s:

All

Description

Heuristics for determining read-only properties of a SQL statement passed to executeSql in db.readTransaction callback are insufficient, and generate false-positive errors. Basically, it checks whether a statement immediately starts with a "SELECT" keyword (or rather a sub-string — it does not check what follows it), which rejects properly indented code inside multi-line (aka template) string literals.

db.readTransaction(tx => {
  const rs = tx.executeSql(`
    SELECT one, two
    FROM MyTable
  `);
}

qrc:/components/dao/MyDao.qml:42: Error: Read-only Transaction

The code responsible for this mess is inside qmlsqldatabase_executeSql function in qtdeclarative/src/qmllocalstorage/qqmllocalstorage.cpp file.

At the time of writing, it was this:

QString sql = argc ? argv[0].toQString() : QString();

if (r->d()->readonly && !sql.startsWith(QLatin1String("SELECT"),Qt::CaseInsensitive)) {
    V4THROW_SQL(SQLEXCEPTION_SYNTAX_ERR, QQmlEngine::tr("Read-only Transaction"));
}

Note: I DON'T advise stripping/trimming or modifying in any other way a statement string which user passed, as it may lead to much worse diagnostics (wrong locations reported etc).

Attachments

Gerrit Reviews

- Issue Only
- Show All Reviews
- Show Open Reviews

No reviews matched the request. Check your Options in the drop-down menu of this sections header.

Activity

People

Assignee:: Qt Quick and Widgets Team

Reporter:: ivan tkachenko

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 29 Jul '21 21:58

Updated:: 05 Aug '21 14:31

Gerrit Reviews

There are no open Gerrit changes