refactor: harden field mapping and sqlite boolean toggles

2026-02-22 01:33:02 +08:00
parent 8354e38e89
commit 530d81b565
1 changed files with 16 additions and 5 deletions
--- a/SubMind.py
+++ b/SubMind.py
@@ -242,7 +242,15 @@ def format_frequency(unit, value) -> str:


 CATEGORY_CB_PREFIX = "list_subs_in_category_id_"
-EDITABLE_SUB_FIELDS = {'name', 'cost', 'currency', 'category', 'next_due', 'renewal_type', 'notes'}
+EDITABLE_SUB_FIELDS = {
+    'name': 'name',
+    'cost': 'cost',
+    'currency': 'currency',
+    'category': 'category',
+    'next_due': 'next_due',
+    'renewal_type': 'renewal_type',
+    'notes': 'notes'
+}


 def _build_category_callback_data(category_id: int) -> str:
@@ -1050,7 +1058,8 @@ async def edit_new_value_received(update: Update, context: CallbackContext):
        if update.effective_message:
            await update.effective_message.reply_text("错误：未选择要编辑的字段。")
        return ConversationHandler.END
-    if field not in EDITABLE_SUB_FIELDS:
+    db_field = EDITABLE_SUB_FIELDS.get(field)
+    if not db_field:
        if update.effective_message:
            await update.effective_message.reply_text("错误：不允许编辑该字段。")
        logger.warning(f"Blocked unsafe field update attempt: {field}")
@@ -1111,7 +1120,7 @@ async def edit_new_value_received(update: Update, context: CallbackContext):

    with get_db_connection() as conn:
        cursor = conn.cursor()
-        cursor.execute(f"UPDATE subscriptions SET {field} = ? WHERE id = ? AND user_id = ?",
+        cursor.execute(f"UPDATE subscriptions SET {db_field} = ? WHERE id = ? AND user_id = ?",
                       (new_value, sub_id, user_id))
        conn.commit()

@@ -1195,12 +1204,14 @@ async def remind_action_handler(update: Update, context: CallbackContext):
        cursor = conn.cursor()
        if action == 'toggle_enabled':
            cursor.execute(
-                "UPDATE subscriptions SET reminders_enabled = NOT reminders_enabled WHERE id = ? AND user_id = ?",
+                "UPDATE subscriptions SET reminders_enabled = CASE WHEN reminders_enabled THEN 0 ELSE 1 END "
+                "WHERE id = ? AND user_id = ?",
                (sub_id, user_id)
            )
        elif action == 'toggle_due_date':
            cursor.execute(
-                "UPDATE subscriptions SET reminder_on_due_date = NOT reminder_on_due_date WHERE id = ? AND user_id = ?",
+                "UPDATE subscriptions SET reminder_on_due_date = CASE WHEN reminder_on_due_date THEN 0 ELSE 1 END "
+                "WHERE id = ? AND user_id = ?",
                (sub_id, user_id)
            )
        conn.commit()