diff --git a/src/calibre/db/backend.py b/src/calibre/db/backend.py index c1f6a876eb..eae15bc112 100644 --- a/src/calibre/db/backend.py +++ b/src/calibre/db/backend.py @@ -2365,18 +2365,20 @@ class DB: fts_engine_query = unicode_normalize(fts_engine_query) fts_table = 'annotations_fts_stemmed' if use_stemming else 'annotations_fts' text = 'annotations.searchable_text' + data = [] if highlight_start is not None and highlight_end is not None: if snippet_size is not None: - text = "snippet({fts_table}, 0, '{highlight_start}', '{highlight_end}', '…', {snippet_size})".format( - fts_table=fts_table, highlight_start=highlight_start, highlight_end=highlight_end, - snippet_size=max(1, min(snippet_size, 64))) + text = "snippet({fts_table}, 0, ?, ?, '…', {snippet_size})".format( + fts_table=fts_table, snippet_size=max(1, min(snippet_size, 64))) else: - text = f"highlight({fts_table}, 0, '{highlight_start}', '{highlight_end}')" + text = f"highlight({fts_table}, 0, ?, ?)" + data.append(highlight_start) + data.append(highlight_end) query = 'SELECT {0}.id, {0}.book, {0}.format, {0}.user_type, {0}.user, {0}.annot_data, {1} FROM {0} ' query = query.format('annotations', text) query += ' JOIN {fts_table} ON annotations.id = {fts_table}.rowid'.format(fts_table=fts_table) query += f' WHERE {fts_table} MATCH ?' - data = [fts_engine_query] + data.append(fts_engine_query) if restrict_to_user: query += ' AND annotations.user_type = ? AND annotations.user = ?' data += list(restrict_to_user) diff --git a/src/calibre/db/fts/connect.py b/src/calibre/db/fts/connect.py index d5ebfe3aea..32f9e04393 100644 --- a/src/calibre/db/fts/connect.py +++ b/src/calibre/db/fts/connect.py @@ -156,20 +156,22 @@ class FTS: return fts_engine_query = unicode_normalize(fts_engine_query) fts_table = 'books_fts' + ('_stemmed' if use_stemming else '') + data = [] if return_text: text = 'books_text.searchable_text' if highlight_start is not None and highlight_end is not None: if snippet_size is not None: - text = f'''snippet("{fts_table}", 0, '{highlight_start}', '{highlight_end}', '…', {max(1, min(snippet_size, 64))})''' + text = f'''snippet("{fts_table}", 0, ?, ?, '…', {max(1, min(snippet_size, 64))})''' else: - text = f'''highlight("{fts_table}", 0, '{highlight_start}', '{highlight_end}')''' + text = f'''highlight("{fts_table}", 0, ?, ?)''' + data.append(highlight_start) + data.append(highlight_end) text = ', ' + text else: text = '' query = 'SELECT {0}.id, {0}.book, {0}.format {1} FROM {0} '.format('books_text', text) query += f' JOIN {fts_table} ON fts_db.books_text.id = {fts_table}.rowid' query += ' WHERE ' - data = [] conn = self.get_connection() temp_table_name = '' if restrict_to_book_ids: diff --git a/src/calibre/db/notes/connect.py b/src/calibre/db/notes/connect.py index 64bfd5ffb7..cdf7d4c402 100644 --- a/src/calibre/db/notes/connect.py +++ b/src/calibre/db/notes/connect.py @@ -413,13 +413,15 @@ class Notes: return fts_engine_query = unicode_normalize(fts_engine_query) fts_table = 'notes_fts' + ('_stemmed' if use_stemming else '') + hl_data = () if return_text: text = 'notes.searchable_text' if highlight_start is not None and highlight_end is not None: if snippet_size is not None: - text = f'''snippet("{fts_table}", 0, '{highlight_start}', '{highlight_end}', '…', {max(1, min(snippet_size, 64))})''' + text = f'''snippet("{fts_table}", 0, ?, ?, '…', {max(1, min(snippet_size, 64))})''' else: - text = f'''highlight("{fts_table}", 0, '{highlight_start}', '{highlight_end}')''' + text = f'''highlight("{fts_table}", 0, ?, ?)''' + hl_data = (highlight_start, highlight_end) text = ', ' + text else: text = '' @@ -433,7 +435,7 @@ class Notes: if limit is not None: query += f' LIMIT {limit}' try: - for record in conn.execute(query, restrict_to_fields+(fts_engine_query,)): + for record in conn.execute(query, hl_data + restrict_to_fields + (fts_engine_query,)): result = { 'id': record[0], 'field': record[1],