{ }
-void db_escape_string(char *snew, char *old, int len)
+void db_escape_string(JCR *jcr, B_DB *db, char *snew, char *old, int len)
{
memset(snew, 0, len);
bstrncpy(snew, old, len);
* the escaped output.
*/
void
-db_escape_string(char *snew, char *old, int len)
+db_escape_string(JCR *jcr, B_DB *db, char *snew, char *old, int len)
{
- mysql_escape_string(snew, old, len);
-
-#ifdef xDO_IT_MYSELF
-
-/* Should use mysql_real_escape_string ! */
-unsigned long mysql_real_escape_string(MYSQL *mysql, char *to, const char *from, unsigned long length);
-
- char *n, *o;
-
- n = snew;
- o = old;
- while (len--) {
- switch (*o) {
- case 0:
- *n++= '\\';
- *n++= '0';
- o++;
- break;
- case '\n':
- *n++= '\\';
- *n++= 'n';
- o++;
- break;
- case '\r':
- *n++= '\\';
- *n++= 'r';
- o++;
- break;
- case '\\':
- *n++= '\\';
- *n++= '\\';
- o++;
- break;
- case '\'':
- *n++= '\\';
- *n++= '\'';
- o++;
- break;
- case '"':
- *n++= '\\';
- *n++= '"';
- o++;
- break;
- case '\032':
- *n++= '\\';
- *n++= 'Z';
- o++;
- break;
- default:
- *n++= *o++;
- }
- }
- *n = 0;
-#endif
+ mysql_real_escape_string(jcr->db, snew, old, len);
}
/*
* the escaped output.
*/
void
-db_escape_string(char *snew, char *old, int len)
+db_escape_string(JCR *jcr, B_DB *mdb, char *snew, char *old, int len)
{
- PQescapeString(snew, old, len);
+ int error;
+
+ PQescapeStringConn(mdb->db, snew, old, len, &error);
+ if (error) {
+ Jmsg(jcr, M_FATAL, 0, _("PQescapeStringConn returned non-zero.\n"));
+ /* error on encoding, probably invalid multibyte encoding in the source string
+ see PQescapeStringConn documentation for details. */
+ Dmsg0(500, "PQescapeStringConn failed\n");
+ }
}
/*
int mult_db_connections);
int db_open_database(JCR *jcr, B_DB *db);
void db_close_database(JCR *jcr, B_DB *db);
-void db_escape_string(char *snew, char *old, int len);
+void db_escape_string(JCR *jcr, B_DB *db, char *snew, char *old, int len);
char *db_strerror(B_DB *mdb);
int db_next_index(JCR *jcr, B_DB *mdb, char *table, char *index);
int db_sql_query(B_DB *mdb, const char *cmd, DB_RESULT_HANDLER *result_handler, void *ctx);
char ed1[50];
mdb->esc_name = check_pool_memory_size(mdb->esc_name, mdb->fnl*2+1);
- db_escape_string(mdb->esc_name, mdb->fname, mdb->fnl);
+ db_escape_string(jcr, mdb, mdb->esc_name, mdb->fname, mdb->fnl);
mdb->esc_path = check_pool_memory_size(mdb->esc_path, mdb->pnl*2+1);
- db_escape_string(mdb->esc_path, mdb->path, mdb->pnl);
+ db_escape_string(jcr, mdb, mdb->esc_path, mdb->path, mdb->pnl);
if (ar->Digest == NULL || ar->Digest[0] == 0) {
digest = "0";
int stat;
mdb->esc_name = check_pool_memory_size(mdb->esc_name, 2*mdb->pnl+2);
- db_escape_string(mdb->esc_name, mdb->path, mdb->pnl);
+ db_escape_string(jcr, mdb, mdb->esc_name, mdb->path, mdb->pnl);
if (mdb->cached_path_id != 0 && mdb->cached_path_len == mdb->pnl &&
strcmp(mdb->cached_path, mdb->path) == 0) {
SQL_ROW row;
mdb->esc_name = check_pool_memory_size(mdb->esc_name, 2*mdb->fnl+2);
- db_escape_string(mdb->esc_name, mdb->fname, mdb->fnl);
-
+ db_escape_string(jcr, mdb, mdb->esc_name, mdb->fname, mdb->fnl);
+
Mmsg(mdb->cmd, "SELECT FilenameId FROM Filename WHERE Name='%s'", mdb->esc_name);
if (QUERY_DB(jcr, mdb, mdb->cmd)) {
int FilenameId = 0;
mdb->esc_name = check_pool_memory_size(mdb->esc_name, 2*mdb->fnl+2);
- db_escape_string(mdb->esc_name, mdb->fname, mdb->fnl);
+ db_escape_string(jcr, mdb, mdb->esc_name, mdb->fname, mdb->fnl);
Mmsg(mdb->cmd, "SELECT FilenameId FROM Filename WHERE Name='%s'", mdb->esc_name);
if (QUERY_DB(jcr, mdb, mdb->cmd)) {
uint32_t PathId = 0;
mdb->esc_name = check_pool_memory_size(mdb->esc_name, 2*mdb->pnl+2);
- db_escape_string(mdb->esc_name, mdb->path, mdb->pnl);
+ db_escape_string(jcr, mdb, mdb->esc_name, mdb->path, mdb->pnl);
if (mdb->cached_path_id != 0 && mdb->cached_path_len == mdb->pnl &&
strcmp(mdb->cached_path, mdb->path) == 0) {
* the escaped output.
*/
void
-db_escape_string(char *snew, char *old, int len)
+db_escape_string(JCR *jcr, B_DB *db, char *snew, char *old, int len)
{
char *n, *o;
}
ar->Digest = digest;
ar->DigestType = crypto_digest_stream_type(stream);
- db_escape_string(digest, Digest, strlen(Digest));
+ db_escape_string(jcr, jcr->db, digest, Digest, strlen(Digest));
Dmsg4(dbglvl, "stream=%d DigestLen=%d Digest=%s type=%d\n", stream,
strlen(digest), digest, ar->DigestType);
}
}
len = strlen(ua->cmd);
p = (char *)malloc(len * 2 + 1);
- db_escape_string(p, ua->cmd, len);
+ db_escape_string(ua->jcr, ua->db, p, ua->cmd, len);
subst[n] = p;
olen = o - new_query;
new_query = check_pool_memory_size(new_query, olen + strlen(p) + 10);
static bool select_backups_before_date(UAContext *ua, RESTORE_CTX *rx, char *date);
static bool build_directory_tree(UAContext *ua, RESTORE_CTX *rx);
static void free_rx(RESTORE_CTX *rx);
-static void split_path_and_filename(RESTORE_CTX *rx, char *fname);
+static void split_path_and_filename(UAContext *ua, RESTORE_CTX *rx, char *fname);
static int jobid_fileindex_handler(void *ctx, int num_fields, char **row);
static bool insert_file_into_findex_list(UAContext *ua, RESTORE_CTX *rx, char *file,
char *date);
}
len = strlen(ua->cmd);
fname = (char *)malloc(len * 2 + 1);
- db_escape_string(fname, ua->cmd, len);
+ db_escape_string(ua->jcr, ua->db, fname, ua->cmd, len);
Mmsg(rx->query, uar_file, rx->ClientName, fname);
free(fname);
gui_save = ua->jcr->gui;
char *date)
{
strip_trailing_newline(file);
- split_path_and_filename(rx, file);
+ split_path_and_filename(ua, rx, file);
if (*rx->JobIds == 0) {
Mmsg(rx->query, uar_jobid_fileindex, date, rx->path, rx->fname,
rx->ClientName);
return true;
}
-static void split_path_and_filename(RESTORE_CTX *rx, char *name)
+static void split_path_and_filename(UAContext *ua, RESTORE_CTX *rx, char *name)
{
char *p, *f;
rx->fnl = p - f;
if (rx->fnl > 0) {
rx->fname = check_pool_memory_size(rx->fname, 2*(rx->fnl)+1);
- db_escape_string(rx->fname, f, rx->fnl);
+ db_escape_string(ua->jcr, ua->db, rx->fname, f, rx->fnl);
} else {
rx->fname[0] = 0;
rx->fnl = 0;
rx->pnl = f - name;
if (rx->pnl > 0) {
rx->path = check_pool_memory_size(rx->path, 2*(rx->pnl)+1);
- db_escape_string(rx->path, name, rx->pnl);
+ db_escape_string(ua->jcr, ua->db, rx->path, name, rx->pnl);
} else {
rx->path[0] = 0;
rx->pnl = 0;
return false;
}
if (do_Digest != CRYPTO_DIGEST_NONE) {
- db_escape_string(buf, Opts_Digest, strlen(Opts_Digest));
+ db_escape_string(jcr, jcr->db, buf, Opts_Digest, strlen(Opts_Digest));
if (strcmp(buf, fdbr.Digest) != 0) {
prt_fname(jcr);
if (debug_level >= 10) {
/* Loop through list of duplicate names */
for (int i=0; i<name_list.num_ids; i++) {
/* Get all the Ids of each name */
- db_escape_string(esc_name, name_list.name[i], strlen(name_list.name[i]));
+ db_escape_string(NULL, db, esc_name, name_list.name[i], strlen(name_list.name[i]));
bsnprintf(buf, sizeof(buf), "SELECT FilenameId FROM Filename WHERE Name='%s'", esc_name);
if (verbose > 1) {
printf("%s\n", buf);
/* Loop through list of duplicate names */
for (int i=0; i<name_list.num_ids; i++) {
/* Get all the Ids of each name */
- db_escape_string(esc_name, name_list.name[i], strlen(name_list.name[i]));
+ db_escape_string(NULL, db, esc_name, name_list.name[i], strlen(name_list.name[i]));
bsnprintf(buf, sizeof(buf), "SELECT PathId FROM Path WHERE Path='%s'", esc_name);
if (verbose > 1) {
printf("%s\n", buf);
esc_name[1] = 0;
} else {
name[len-1] = 0;
- db_escape_string(esc_name, name, len);
+ db_escape_string(NULL, db, esc_name, name, len);
}
bsnprintf(buf, sizeof(buf),
"UPDATE Filename SET Name='%s' WHERE FilenameId=%s",
}
/* Add trailing slash */
len = pm_strcat(&name, "/");
- db_escape_string(esc_name, name, len);
+ db_escape_string(NULL, db, esc_name, name, len);
bsnprintf(buf, sizeof(buf), "UPDATE Path SET Path='%s' WHERE PathId=%s",
esc_name, edit_int64(id_list.Id[i], ed1));
if (verbose > 1) {
General:
12Sep07
+dvl Pass jcr and db into db_escape_string() to enable better escaping
+ of strings
kes Fix migration code to get correct Volume name with multiple volumes
by skipping |. Fixes bug #936.
kes Implement patch supplied by Landon to fix bug #944 where using
projects / bacula / bacula / commitdiff