<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.12.1">
</HEAD>
<BODY>
Hi all,<BR>
<BR>
Just a note to say that from what I see in this source code, this would also work with MS SQL Server (doubling single quotes instead of using backslashes as escape).<BR>
<BR>
Cheers,<BR>
Jerome<BR>
<BR>
On Thu, 2007-06-21 at 14:31 +0300, Papadopoulos Georgios wrote:
<BLOCKQUOTE TYPE=CITE>
<PRE>
<FONT COLOR="#000000">Hello Henning</FONT>
<FONT COLOR="#000000">I just needed something quick and dirty so I just added the following</FONT>
<FONT COLOR="#000000">function and used it instead of escape_common. This works fine with</FONT>
<FONT COLOR="#000000">Oracle.</FONT>
<FONT COLOR="#000000">int sql_escape(char *dst, char *src, int src_len)</FONT>
<FONT COLOR="#000000">{</FONT>
<FONT COLOR="#000000"> int i, j;</FONT>
<FONT COLOR="#000000"> if(dst==0 || src==0 || src_len<=0)</FONT>
<FONT COLOR="#000000"> return 0;</FONT>
<FONT COLOR="#000000"> j = 0;</FONT>
<FONT COLOR="#000000"> for(i=0; i<src_len; i++)</FONT>
<FONT COLOR="#000000"> {</FONT>
<FONT COLOR="#000000"> switch(src[i])</FONT>
<FONT COLOR="#000000"> {</FONT>
<FONT COLOR="#000000"> case '\'':</FONT>
<FONT COLOR="#000000"> dst[j++] = '\'';</FONT>
<FONT COLOR="#000000"> dst[j++] = src[i];</FONT>
<FONT COLOR="#000000"> break;</FONT>
<FONT COLOR="#000000"> default:</FONT>
<FONT COLOR="#000000"> dst[j++] = src[i];</FONT>
<FONT COLOR="#000000"> }</FONT>
<FONT COLOR="#000000"> }</FONT>
<FONT COLOR="#000000"> return j;</FONT>
<FONT COLOR="#000000">} </FONT>
<FONT COLOR="#000000">It would be nice to add this as a configuration parameter in the future.</FONT>
</PRE>
</BLOCKQUOTE>
<BR>
</BODY>
</HTML>