tags 590285 + patch
thanks
Hello,
Hereby fix for the mysql and pgsql backend.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590285#10 is the way how
sqlite works and seems to me to be ok.
Code for pgsql is mostly copied from the mysql-code only differs in
function name to postgres specific, I assume it will work correct, but I
didn't test it.
Regards,
Jaco Möhlmann
100,106c100,103
< string a;
<
< for(string::const_iterator i=name.begin();i!=name.end();++i) {
< if(*i=='\'' || *i=='\\')
< a+='\\';
< a+=*i;
< }
---
> char *encoded_data = new char[(name.length() * 2) + 1]; // maximum possible
> data needed to escape
> long encoded_len = mysql_real_escape_string(&d_db, encoded_data,
> name.c_str(), name.length());
> string a(encoded_data, encoded_len);
> delete []encoded_data;
143,148c143,147
< string a;
<
< for(string::const_iterator i=name.begin();i!=name.end();++i) {
< if(*i=='\'' || *i=='\\')
< a+='\\';
< a+=*i;
---
> char *encoded_data = new char[(name.length() * 2) + 1]; // maximum possible
> data needed to escape
> int error;
> long encoded_len = PQescapeStringConn(d_db, encoded_data, name.c_str(),
> name.length(), &error);
> if (error != 0) {
> // escaping data failure, what to do. encoded_data contains data, but it
> can be invalid for the database.
149a149,150
> string a(encoded_data, encoded_len);
> delete []encoded_data;
