# HG changeset patch # User Timo Sirainen # Date 1149073370 -10800 # Node ID 1a98cb7093952fe1d8fc79ebe981e74c52d35dc1 # Parent 539a2dcd92b42fbad84d393c1983035bb0b0d22f Added sql_escape_string() diff -r 539a2dcd92b4 -r 1a98cb709395 src/lib-sql/driver-mysql.c --- a/src/lib-sql/driver-mysql.c Tue May 30 18:10:30 2006 +0300 +++ b/src/lib-sql/driver-mysql.c Wed May 31 14:02:50 2006 +0300 @@ -337,6 +337,23 @@ return 0; } +static char * +driver_mysql_escape_string(struct sql_db *_db, const char *string) +{ + struct mysql_db *db = (struct mysql_db *)_db; + const struct mysql_connection *conn; + size_t len = strlen(string); + char *to; + + /* All the connections should be identical, so just use the first one */ + conn = array_idx(&db->connections, 0); + + to = t_buffer_get(len * 2 + 1); + len = mysql_real_escape_string(conn->mysql, to, string, len); + t_buffer_alloc(len + 1); + return to; +} + static void driver_mysql_exec(struct sql_db *_db, const char *query) { struct mysql_db *db = (struct mysql_db *)_db; @@ -574,6 +591,7 @@ _driver_mysql_deinit, driver_mysql_get_flags, driver_mysql_connect_all, + driver_mysql_escape_string, driver_mysql_exec, driver_mysql_query, driver_mysql_query_s, diff -r 539a2dcd92b4 -r 1a98cb709395 src/lib-sql/driver-pgsql.c --- a/src/lib-sql/driver-pgsql.c Tue May 30 18:10:30 2006 +0300 +++ b/src/lib-sql/driver-pgsql.c Wed May 31 14:02:50 2006 +0300 @@ -441,6 +441,22 @@ i_error("pgsql: sql_exec() failed: %s", last_error(db)); } +static char *driver_pgsql_escape_string(struct sql_db *_db, const char *string) +{ + struct pgsql_db *db = (struct pgsql_db *)_db; + size_t len = strlen(string); + char *to; + + to = t_buffer_get(len * 2 + 1); +#ifdef HAVE_PQESCAPE_STRING_CONN + len = PQescapeStringConn(db->pg, to, string, len, NULL); +#else + len = PQescapeString(to, string, len); +#endif + t_buffer_alloc(len + 1); + return to; +} + static void driver_pgsql_exec(struct sql_db *db, const char *query) { struct pgsql_result *result; @@ -758,6 +774,7 @@ _driver_pgsql_deinit, driver_pgsql_get_flags, driver_pgsql_connect, + driver_pgsql_escape_string, driver_pgsql_exec, driver_pgsql_query, driver_pgsql_query_s, diff -r 539a2dcd92b4 -r 1a98cb709395 src/lib-sql/driver-sqlite.c --- a/src/lib-sql/driver-sqlite.c Tue May 30 18:10:30 2006 +0300 +++ b/src/lib-sql/driver-sqlite.c Wed May 31 14:02:50 2006 +0300 @@ -2,6 +2,7 @@ #include "lib.h" #include "str.h" +#include "strescape.h" #include "sql-api-private.h" #ifdef BUILD_SQLITE @@ -88,6 +89,12 @@ return SQL_DB_FLAG_BLOCKING; } +static char *driver_sqlite_escape_string(struct sql_db *_db __attr_unused__, + const char *string) +{ + return t_strdup_noconst(str_escape(string)); +} + static void driver_sqlite_exec(struct sql_db *_db, const char *query) { struct sqlite_db *db = (struct sqlite_db *)_db; @@ -338,6 +345,7 @@ _driver_sqlite_deinit, driver_sqlite_get_flags, driver_sqlite_connect, + driver_sqlite_escape_string, driver_sqlite_exec, driver_sqlite_query, driver_sqlite_query_s, diff -r 539a2dcd92b4 -r 1a98cb709395 src/lib-sql/sql-api-private.h --- a/src/lib-sql/sql-api-private.h Tue May 30 18:10:30 2006 +0300 +++ b/src/lib-sql/sql-api-private.h Wed May 31 14:02:50 2006 +0300 @@ -12,6 +12,7 @@ enum sql_db_flags (*get_flags)(struct sql_db *db); int (*connect)(struct sql_db *db); + char *(*escape_string)(struct sql_db *db, const char *string); void (*exec)(struct sql_db *db, const char *query); void (*query)(struct sql_db *db, const char *query, sql_query_callback_t *callback, void *context); diff -r 539a2dcd92b4 -r 1a98cb709395 src/lib-sql/sql-api.c --- a/src/lib-sql/sql-api.c Tue May 30 18:10:30 2006 +0300 +++ b/src/lib-sql/sql-api.c Wed May 31 14:02:50 2006 +0300 @@ -66,6 +66,11 @@ return db->connect(db); } +char *sql_escape_string(struct sql_db *db, const char *string) +{ + return db->escape_string(db, string); +} + void sql_exec(struct sql_db *db, const char *query) { db->exec(db, query); diff -r 539a2dcd92b4 -r 1a98cb709395 src/lib-sql/sql-api.h --- a/src/lib-sql/sql-api.h Tue May 30 18:10:30 2006 +0300 +++ b/src/lib-sql/sql-api.h Wed May 31 14:02:50 2006 +0300 @@ -37,6 +37,9 @@ 1 if we are fully connected now. */ int sql_connect(struct sql_db *db); +/* Escape the given string if needed and return it. */ +char *sql_escape_string(struct sql_db *db, const char *string); + /* Execute SQL query without waiting for results. */ void sql_exec(struct sql_db *db, const char *query); /* Execute SQL query and return result in callback. */