Added support for SQL escaping a binary DataBlock.
Replacing with SQL escaping a NamedPointer parameter of a NamedList that holds a DataBlock will insert the escaped binary data instead. git-svn-id: http://yate.null.ro/svn/yate/trunk@2475 acf43c95-373e-0410-b603-e72c3f656dc1
This commit is contained in:
parent
69f5a20772
commit
2c3dd2bc2a
|
@ -332,4 +332,24 @@ bool DataBlock::unHexify(const char* data, unsigned int len, char sep)
|
|||
return (iBuf >= n);
|
||||
}
|
||||
|
||||
String DataBlock::sqlEscape(char extraEsc) const
|
||||
{
|
||||
unsigned int len = m_length;
|
||||
unsigned int i;
|
||||
for (i = 0; i < m_length; i++) {
|
||||
char c = static_cast<char*>(m_data)[i];
|
||||
if (c == '\0' || c == '\\' || c == '\'' || c == extraEsc)
|
||||
len++;
|
||||
}
|
||||
String tmp(' ',len);
|
||||
char* d = const_cast<char*>(tmp.c_str());
|
||||
for (i = 0; i < m_length; i++) {
|
||||
char c = static_cast<char*>(m_data)[i];
|
||||
if (c == '\0' || c == '\\' || c == '\'' || c == extraEsc)
|
||||
*d++ = '\\';
|
||||
*d++ = c ? c : '0';
|
||||
}
|
||||
return tmp;
|
||||
}
|
||||
|
||||
/* vi: set ts=8 sw=4 sts=4 noet: */
|
||||
|
|
|
@ -260,9 +260,25 @@ int NamedList::replaceParams(String& str, bool sqlEsc, char extraEsc) const
|
|||
String tmp = str.substr(p1+2,p2-p1-2);
|
||||
tmp.trimBlanks();
|
||||
DDebug(DebugAll,"NamedList replacing parameter '%s' [%p]",tmp.c_str(),this);
|
||||
tmp = getValue(tmp);
|
||||
if (sqlEsc)
|
||||
tmp = tmp.sqlEscape(extraEsc);
|
||||
const NamedString* ns = getParam(tmp);
|
||||
if (ns) {
|
||||
if (sqlEsc) {
|
||||
const DataBlock* data = 0;
|
||||
if (ns->null()) {
|
||||
NamedPointer* np = YOBJECT(NamedPointer,ns);
|
||||
if (np)
|
||||
data = YOBJECT(DataBlock,np->userData());
|
||||
}
|
||||
if (data)
|
||||
tmp = data->sqlEscape(extraEsc);
|
||||
else
|
||||
tmp = ns->sqlEscape(extraEsc);
|
||||
}
|
||||
else
|
||||
tmp = *ns;
|
||||
}
|
||||
else
|
||||
tmp.clear();
|
||||
str = str.substr(0,p1) + tmp + str.substr(p2+1);
|
||||
// advance search offset past the string we just replaced
|
||||
p1 += tmp.length();
|
||||
|
|
|
@ -2862,6 +2862,13 @@ public:
|
|||
*/
|
||||
bool unHexify(const char* data, unsigned int len, char sep = 0);
|
||||
|
||||
/**
|
||||
* Create an escaped string suitable for use in SQL queries
|
||||
* @param extraEsc Character to escape other than the default ones
|
||||
* @return A string with binary zeros and other special characters escaped
|
||||
*/
|
||||
String sqlEscape(char extraEsc) const;
|
||||
|
||||
private:
|
||||
void* m_data;
|
||||
unsigned int m_length;
|
||||
|
|
Loading…
Reference in New Issue