[icinga-checkins] icinga.org: icinga-core/master: modify string escaping again for mysql, pgsql
git at icinga.org
git at icinga.org
Thu Apr 29 16:25:22 CEST 2010
Module: icinga-core
Branch: master
Commit: 0a98462f01f6cdf7b4fda3ad0b78e0c8658f5761
URL: https://git.icinga.org/?p=icinga-core.git;a=commit;h=0a98462f01f6cdf7b4fda3ad0b78e0c8658f5761
Author: Michael Friedrich <michael.friedrich at univie.ac.at>
Date: Thu Apr 29 16:25:04 2010 +0200
modify string escaping again for mysql, pgsql
needs a rewrite though. the actual solution is not acceptable anymore.
fixes #384
---
Changelog | 1 +
module/idoutils/src/db.c | 49 +++++++++++++++++++++++++++++++++++++++++++++-
2 files changed, 49 insertions(+), 1 deletions(-)
diff --git a/Changelog b/Changelog
index 8483920..acd0d5c 100644
--- a/Changelog
+++ b/Changelog
@@ -20,6 +20,7 @@ FIXES
* idoutils: Host DB inserts use string 'NULL\n' instead of NULL (William Preston)
* idoutils: ndo2db_get_object_id fails to return existing IDs (William Preston)
* idoutils: fix postgres wrong type in service_object_id
+* idoutils: modify string escaping again (mysql, pgsql), needs a full rewrite though
1.0.1 - 03/03/2010
diff --git a/module/idoutils/src/db.c b/module/idoutils/src/db.c
index d542cff..439bf7b 100644
--- a/module/idoutils/src/db.c
+++ b/module/idoutils/src/db.c
@@ -1813,11 +1813,57 @@ char *ndo2db_db_escape_string(ndo2db_idi *idi, char *buf) {
z = strlen(buf);
+ /* escape characters */
+#ifndef USE_ORACLE /* everything else will be libdbi */
+ /* allocate space for the new string */
+
+ if ((newbuf = (char *) malloc((z * 2) + 1)) == NULL)
+ return NULL;
+
+ for (x = 0, y = 0; x < z; x++) {
+
+ if(idi->dbinfo.server_type==NDO2DB_DBSERVER_MYSQL){
+
+ if(buf[x]=='\'' || buf[x]=='\"' || buf[x]=='*' || buf[x]=='\\' || buf[x]=='$' || buf[x]=='?' || buf[x]=='.' || buf[x]=='^' || buf[x]=='+' || buf[x]=='[' || buf[x]==']' || buf[x]=='(' || buf[x]==')')
+ newbuf[y++]='\\';
+ }
+ else if(idi->dbinfo.server_type==NDO2DB_DBSERVER_PGSQL){
+
+ if (buf[x] == '\'' || buf[x] == '[' || buf[x] == ']' || buf[x] == '(' || buf[x] == ')')
+ newbuf[y++] = '\\';
+
+ /* should be fixed with binding values */
+ /* if(buf[x]=='\'' )
+ newbuf[y++]='\''; */
+ }
+ else {
+
+ if(buf[x]=='\'' )
+ newbuf[y++]='\'';
+
+ }
+
+ newbuf[y++] = buf[x];
+ }
+
+ /* terminate escape string */
+ newbuf[y] = '\0';
+
+ ndo2db_log_debug_info(NDO2DB_DEBUGL_PROCESSINFO, 2, "ndo2db_db_escape_string(%s) end\n", newbuf);
+ return newbuf;
+
+ //size_t res = dbi_conn_quote_string(idi->dbinfo.dbi_conn, &buf);
+
+ //ndo2db_log_debug_info(NDO2DB_DEBUGL_PROCESSINFO, 2, "ndo2db_db_escape_string(%s) end\n", buf);
+ //return buf;
+
+#else /* Oracle ocilib specific */
+
/* allocate space for the new string */
if ((newbuf = (char *) malloc((z * 2) + 1)) == NULL)
return NULL;
- /* escape characters */
+
for (x = 0, y = 0; x < z; x++) {
if(buf[x]=='\'' )
@@ -1825,6 +1871,7 @@ char *ndo2db_db_escape_string(ndo2db_idi *idi, char *buf) {
newbuf[y++] = buf[x];
}
+#endif /* Oracle ocilib specific */
/* terminate escape string */
newbuf[y] = '\0';
More information about the icinga-checkins
mailing list