diff options
author | joost <joost@3ad0048d-3df7-0310-abae-a5850022a9f2> | 2006-07-01 21:25:52 +0000 |
---|---|---|
committer | joost <joost@3ad0048d-3df7-0310-abae-a5850022a9f2> | 2006-07-01 21:25:52 +0000 |
commit | eb4393536a028482b41bdbde123e1cd93841a9e3 (patch) | |
tree | a7be994ea172dd37b3c74a6292e9db512ac1d15a | |
parent | 64f27642f43f25570675a224cc5b80279a93ff93 (diff) | |
download | fpc-eb4393536a028482b41bdbde123e1cd93841a9e3.tar.gz |
+ Escape strings in string-parameters
+ fix in the MySQL-bindings
git-svn-id: http://svn.freepascal.org/svn/fpc/trunk@4043 3ad0048d-3df7-0310-abae-a5850022a9f2
-rw-r--r-- | fcl/db/sqldb/mysql/mysqlconn.inc | 36 | ||||
-rw-r--r-- | packages/base/mysql/mysql.inc | 2 |
2 files changed, 37 insertions, 1 deletions
diff --git a/fcl/db/sqldb/mysql/mysqlconn.inc b/fcl/db/sqldb/mysql/mysqlconn.inc index 700fbaaa8a..e15f62b3e8 100644 --- a/fcl/db/sqldb/mysql/mysqlconn.inc +++ b/fcl/db/sqldb/mysql/mysqlconn.inc @@ -71,6 +71,9 @@ Type procedure DoInternalDisconnect; override; function GetHandle : pointer; override; + function GetAsSQLText(Field : TField) : string; overload; virtual; + function GetAsSQLText(Param : TParam) : string; overload; virtual; + Function AllocateCursorHandle : TSQLCursor; override; Procedure DeAllocateCursorHandle(var cursor : TSQLCursor); override; Function AllocateTransactionHandle : TSQLHandle; override; @@ -184,6 +187,39 @@ begin MySQlError(Nil,SErrServerConnectFailed,Self); end; +function TConnectionName.GetAsSQLText(Field : TField) : string; + +var esc_str : pchar; + +begin + if (not assigned(field)) or field.IsNull then Result := 'Null' + else if field.DataType = ftString then + begin + Getmem(esc_str,sizeof(field.asstring)*2+1); + mysql_real_escape_string(FMySQL,esc_str,pchar(field.asstring),length(field.asstring)); + Result := '''' + esc_str + ''''; + Freemem(esc_str); + end + else Result := inherited GetAsSqlText(field); +end; + +function TConnectionName.GetAsSQLText(Param: TParam) : string; + +var esc_str : pchar; + +begin + if (not assigned(param)) or param.IsNull then Result := 'Null' + else if param.DataType = ftString then + begin + Getmem(esc_str,sizeof(param.asstring)*2+1); + mysql_real_escape_string(FMySQL,esc_str,pchar(param.asstring),length(param.asstring)); + Result := '''' + esc_str + ''''; + Freemem(esc_str); + end + else Result := inherited GetAsSqlText(Param); +end; + + procedure TConnectionName.ConnectToServer; Var diff --git a/packages/base/mysql/mysql.inc b/packages/base/mysql/mysql.inc index 3d3e4c8dd5..79f3198c0b 100644 --- a/packages/base/mysql/mysql.inc +++ b/packages/base/mysql/mysql.inc @@ -1568,7 +1568,7 @@ begin pointer(mysql_ping) := GetProcedureAddress(MysqlLibraryHandle,'mysql_ping'); pointer(mysql_query) := GetProcedureAddress(MysqlLibraryHandle,'mysql_query'); pointer(mysql_real_connect) := GetProcedureAddress(MysqlLibraryHandle,'mysql_real_connect'); - pointer(mysql_real_escape_string) := GetProcedureAddress(MysqlLibraryHandle,'mysql_real_escape_String'); + pointer(mysql_real_escape_string) := GetProcedureAddress(MysqlLibraryHandle,'mysql_real_escape_string'); pointer(mysql_real_query) := GetProcedureAddress(MysqlLibraryHandle,'mysql_real_query'); pointer(mysql_refresh) := GetProcedureAddress(MysqlLibraryHandle,'mysql_refresh'); // pointer(mysql_reload) := GetProcedureAddress(MysqlLibraryHandle,'mysql_reload'); |