1
0
mirror of https://github.com/VCMP-SqMod/SqMod.git synced 2025-01-19 12:07:13 +01:00

Implement an a method in the MySQL connection handle to escape strings of unwanted characters.

This commit is contained in:
Sandu Liviu Catalin 2018-07-17 20:46:39 +03:00
parent 3a5563820d
commit 29a5c79fc8
2 changed files with 23 additions and 0 deletions

View File

@ -7,6 +7,7 @@
// ------------------------------------------------------------------------------------------------ // ------------------------------------------------------------------------------------------------
#include <cstring> #include <cstring>
#include <vector>
// ------------------------------------------------------------------------------------------------ // ------------------------------------------------------------------------------------------------
namespace SqMod { namespace SqMod {
@ -348,6 +349,22 @@ SQInteger Connection::QueryF(HSQUIRRELVM vm)
return 1; return 1;
} }
// ------------------------------------------------------------------------------------------------
LightObj Connection::EscapeString(const StackStrF & str)
{
// Is there even a string to escape?
if (str.mLen <= 0)
{
return LightObj(_SC(""), 0, str.mVM); // Default to empty string
}
// Allocate a buffer for the given string
std::vector< SQChar > buffer(str.mLen * 2 + 1);
// Attempt to ecape the specified string
const Ulong len = mysql_real_escape_string(m_Handle->mPtr, buffer.data(), str.mPtr, str.mLen);
// Return the resulted string
return LightObj(buffer.data(), static_cast< SQInteger >(len), str.mVM);
}
// ================================================================================================ // ================================================================================================
void Register_Connection(Table & sqlns) void Register_Connection(Table & sqlns)
{ {
@ -391,6 +408,7 @@ void Register_Connection(Table & sqlns)
.Func(_SC("Query"), &Connection::Query) .Func(_SC("Query"), &Connection::Query)
.Func(_SC("Statement"), &Connection::GetStatement) .Func(_SC("Statement"), &Connection::GetStatement)
.Func(_SC("Transaction"), &Connection::GetTransaction) .Func(_SC("Transaction"), &Connection::GetTransaction)
.FmtFunc(_SC("EscapeString"), &Connection::EscapeString)
// Squirrel Methods // Squirrel Methods
.SquirrelFunc(_SC("ExecuteF"), &Connection::ExecuteF) .SquirrelFunc(_SC("ExecuteF"), &Connection::ExecuteF)
.SquirrelFunc(_SC("InsertF"), &Connection::InsertF) .SquirrelFunc(_SC("InsertF"), &Connection::InsertF)

View File

@ -411,6 +411,11 @@ public:
*/ */
Transaction GetTransaction(); Transaction GetTransaction();
/* --------------------------------------------------------------------------------------------
* Escape unwanted characters from a given string.
*/
LightObj EscapeString(const StackStrF & str);
/* -------------------------------------------------------------------------------------------- /* --------------------------------------------------------------------------------------------
* Attempt to execute the specified query. * Attempt to execute the specified query.
*/ */