diff --git a/ArtNet/db/db_adapter.py b/ArtNet/db/db_adapter.py index 328ab0a..2283319 100644 --- a/ArtNet/db/db_adapter.py +++ b/ArtNet/db/db_adapter.py @@ -454,8 +454,9 @@ class DBAdapter: if all_if_empty and (name is None or len(name) == 0) and (domain is None or len(domain) == 0): self.db_cursor.execute("SELECT name, domain, artist_id FROM presence") else: - self.db_cursor.execute("SELECT name, domain, artist_id FROM presence WHERE LOWER(name) LIKE LOWER('%{0}%')".format(name) + - " AND domain LIKE '%{0}%'".format(domain)) + d = {"name":"%"+name+"%", "domain": "%"+domain+"%"} + self.db_cursor.execute("SELECT name, domain, artist_id FROM presence WHERE LOWER(name) LIKE " + "LOWER(%(name)s) AND domain LIKE %(domain)s", d) rows = self.db_cursor.fetchall() result = [] @@ -495,7 +496,8 @@ class DBAdapter: :param search: :return: """ - self.db_cursor.execute("SELECT name FROM tag_category WHERE LOWER(name) LIKE LOWER('%{0}%')".format(search)) + d = {"search": "%"+search+"%"} + self.db_cursor.execute("SELECT name FROM tag_category WHERE LOWER(name) LIKE LOWER(%(search)s)", d) rows = [] for row in self.db_cursor.fetchall(): @@ -513,7 +515,8 @@ class DBAdapter: if all_if_empty and len(name) == 0: self.db_cursor.execute("SELECT name, description, category_id FROM tag") else: - self.db_cursor.execute("SELECT name, description, category_id FROM tag WHERE LOWER(name) LIKE LOWER('%{0}%')".format(name)) + d = {"name": "%"+name+"%"} + self.db_cursor.execute("SELECT name, description, category_id FROM tag WHERE LOWER(name) LIKE LOWER(%(name)s)", d) rows = self.db_cursor.fetchall() new_rows = [] @@ -544,8 +547,8 @@ class DBAdapter: elif all_if_empty and ID is None and len(name) == 0: self.db_cursor.execute("SELECT id, name FROM artist") else: - self.db_cursor.execute("SELECT id, name FROM artist WHERE LOWER(name) LIKE LOWER('%{0}%')" - .format(name)) + d = {"name": "%"+name+"%"} + self.db_cursor.execute("SELECT id, name FROM artist WHERE LOWER(name) LIKE LOWER(%(name)s)", d) return self.db_cursor.fetchall()