From a35dbab9ba8fbd3a6cd4876e8228fc8ad60bd398 Mon Sep 17 00:00:00 2001 From: Linas Vepstas Date: Sat, 2 Jun 2001 04:12:52 +0000 Subject: [PATCH] move string escape to its own separate file; add GPL notice git-svn-id: svn+ssh://svn.gnucash.org/repo/gnucash/trunk@4358 57a11ea4-9604-0410-9ed3-97b8803252fd --- src/engine/sql/builder.c | 99 ++++++++++++---------------------------- src/engine/sql/builder.h | 24 +++++++++- 2 files changed, 52 insertions(+), 71 deletions(-) diff --git a/src/engine/sql/builder.c b/src/engine/sql/builder.c index 97cd6e9fd9..297c1d1f7d 100644 --- a/src/engine/sql/builder.c +++ b/src/engine/sql/builder.c @@ -1,3 +1,25 @@ +/********************************************************************\ + * builder.c : compile SQL queries from C language data * + * Copyright (C) 2001 Linas Vepstas * + * * + * This program is free software; you can redistribute it and/or * + * modify it under the terms of the GNU General Public License as * + * published by the Free Software Foundation; either version 2 of * + * the License, or (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License* + * along with this program; if not, contact: * + * * + * Free Software Foundation Voice: +1-617-542-5942 * + * 59 Temple Place - Suite 330 Fax: +1-617-542-2652 * + * Boston, MA 02111-1307, USA gnu@gnu.org * +\********************************************************************/ + /* * FILE: * builder.c @@ -19,6 +41,7 @@ #include #include "date.h" +#include "escape.h" #include "builder.h" #include "gnc-engine-util.h" @@ -44,72 +67,9 @@ struct _builder { size_t buflen; /* pointer to temp memory used for escaping arguments */ - char * escape; - size_t esc_buflen; + sqlEscape *escape; }; -/* ================================================ */ -/* escape single-quote marks and backslashes so that the - * database SQL parser doesn't puke on the query string - */ - -static const char * -sqlBuilder_escape (sqlBuilder *b, const char *str) -{ - const char *p, *src_head; - char *dst_tail; - size_t len, slen; - - /* if nothing to escape, just return */ - len = strlen (str); - slen = strcspn (str, "\\\'"); - if (len == slen) return str; - - /* count to see how much space we'll need */ - p = str + slen + 1; - while (*p) - { - len ++; - p += 1 + strcspn (p, "\\\'"); - } - - /* get more space, if needed */ - if (len >= b->esc_buflen) - { - b->escape = g_realloc(b->escape, len+100); - b->esc_buflen = len+100; - } - - /* copy and escape */ - src_head = (char *) str; - dst_tail = b->escape; - p = src_head + strcspn (src_head, "\\\'"); - while (*p) - { - size_t cp_len = p - src_head; - - strncpy (dst_tail, src_head, cp_len); - dst_tail += cp_len; - *dst_tail = '\\'; - dst_tail ++; - *dst_tail = *p; - dst_tail ++; - - src_head = p+1; - p = src_head + strcspn (src_head, "\\\'"); - } - if (p != src_head) - { - size_t cp_len = p - src_head; - - strncpy (dst_tail, src_head, cp_len); - dst_tail += cp_len; - } - *dst_tail = 0; - - return b->escape; -} - /* ================================================ */ #define INITIAL_BUFSZ 16300 @@ -137,20 +97,19 @@ sqlBuilder_new (void) b->where_need_and = 0; /* the escape area */ - b->escape = g_malloc (INITIAL_BUFSZ); - b->esc_buflen = INITIAL_BUFSZ; + b->escape = sqlEscape_new (); return (b); } /* ================================================ */ void -sqlBuilder_destroy (sqlBuilder*b) +sqlBuilder_destroy (sqlBuilder *b) { if (!b) return; g_free (b->tag_base); b->tag_base = NULL; g_free (b->val_base); b->val_base = NULL; - g_free (b->escape); b->escape = NULL; + sqlEscape_destroy (b->escape); b->escape = NULL; g_free (b); } @@ -211,7 +170,7 @@ sqlBuild_Set_Str (sqlBuilder *b, const char *tag, const char *val) if (!b || !tag) return; if (!val) val= ""; - val = sqlBuilder_escape (b, val); + val = sqlEscapeString (b->escape, val); if (b->tag_need_comma) b->ptag = stpcpy(b->ptag, ", "); b->tag_need_comma = 1; @@ -343,7 +302,7 @@ sqlBuild_Where_Str (sqlBuilder *b, const char *tag, const char *val) { if (!b || !tag || !val) return; - val = sqlBuilder_escape (b, val); + val = sqlEscapeString (b->escape, val); switch (b->qtype) { case SQL_INSERT: diff --git a/src/engine/sql/builder.h b/src/engine/sql/builder.h index f9e1433ddb..5c9e736282 100644 --- a/src/engine/sql/builder.h +++ b/src/engine/sql/builder.h @@ -1,5 +1,27 @@ +/********************************************************************\ + * builder.h : Compile SQL queries from C language values * + * Copyright (C) 2001 Linas Vepstas * + * * + * This program is free software; you can redistribute it and/or * + * modify it under the terms of the GNU General Public License as * + * published by the Free Software Foundation; either version 2 of * + * the License, or (at your option) any later version. * + * * + * This program is distributed in the hope that it will be useful, * + * but WITHOUT ANY WARRANTY; without even the implied warranty of * + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * + * GNU General Public License for more details. * + * * + * You should have received a copy of the GNU General Public License* + * along with this program; if not, contact: * + * * + * Free Software Foundation Voice: +1-617-542-5942 * + * 59 Temple Place - Suite 330 Fax: +1-617-542-2652 * + * Boston, MA 02111-1307, USA gnu@gnu.org * +\********************************************************************/ + /* - * FIEL: + * FILE: * builder.h * * FUNCTION: