media_svc_retvm_if(!STRING_VALID(path), MS_MEDIA_ERR_INVALID_PARAMETER, "path is NULL");
- sql = sqlite3_mprintf("SELECT media_thumbnail_path FROM %q WHERE media_path='%q'", DB_TABLE_MEDIA, path);
+ sql = sqlite3_mprintf("SELECT media_thumbnail_path FROM %q WHERE media_path=%Q", DB_TABLE_MEDIA, path);
ret = _media_svc_sql_prepare_to_step(handle, sql, &sql_stmt);
media_svc_debug("path=[%s], validity=[%d]", path, validity);
- sql = sqlite3_mprintf("UPDATE %q SET validity=%d WHERE media_path='%q';", DB_TABLE_MEDIA, validity, path);
+ sql = sqlite3_mprintf("UPDATE %q SET validity=%d WHERE media_path=%Q;", DB_TABLE_MEDIA, validity, path);
if (!stack_query) {
ret = _media_svc_sql_query_direct(sql, uid);
int _media_svc_update_item_by_path(const char *src_path, const char *dst_storage_id, const char *dest_path, const char *file_name, int modified_time, long long int folder_id, uid_t uid)
{
int ret = MS_MEDIA_ERR_NONE;
-
- char *query = sqlite3_mprintf("UPDATE %q SET media_path=%Q, media_display_name=%Q, media_modified_time=%d, folder_id=%lld, storage_uuid='%q' WHERE media_path=%Q;",
+ char *query = sqlite3_mprintf("UPDATE %q SET media_path=%Q, media_display_name=%Q, media_modified_time=%d, folder_id=%lld, storage_uuid=%Q WHERE media_path=%Q;",
DB_TABLE_MEDIA, dest_path, file_name, modified_time, folder_id, dst_storage_id, src_path);
ret = _media_svc_sql_query(query, uid);