eheh right!
new file attached.
Vincent.
Alexander Malysh a écrit :
Hi Vincent,
seems you sent reverse patch?
Thanks,
Alexander Malysh
Am 13.11.2009 um 18:45 schrieb Vincent CHAVANIS:
Here is the PostgreSQL patch.
Vincent.
refs:
http://www.postgresql.org/docs/8.0/static/sql-syntax.html#SQL-SYNTAX-IDENTIFIERS
This allows constructing table or column names containing
spaces,ampersands,quotes and reserverd names.
--- dlr_pgsql.c 2009-10-22 17:11:53.000000000 +0200
+++ dlr_pgsql.c 2009-11-13 18:20:51.536700676 +0100
@@ -141,7 +141,7 @@
{
Octstr *sql;
- sql = octstr_format("INSERT INTO %s (%s, %s, %s, %s, %s, %s, %s, %s, %s)
VALUES "
+ sql = octstr_format("INSERT INTO \"%s\" (\"%s\", \"%s\", \"%s\", \"%s\",
\"%s\", \"%s\", \"%s\", \"%s\", \"%s\") VALUES "
"('%s', '%s', '%s', '%s', '%s', '%s', '%d', '%s',
'%d');",
octstr_get_cstr(fields->table),
octstr_get_cstr(fields->field_smsc),
octstr_get_cstr(fields->field_ts),
@@ -168,7 +168,7 @@
Octstr *sql;
List *result, *row;
- sql = octstr_format("SELECT %s, %s, %s, %s, %s, %s FROM %s WHERE %s='%s'
AND %s='%s' LIMIT 1;",
+ sql = octstr_format("SELECT \"%s\", \"%s\", \"%s\", \"%s\", \"%s\", \"%s\"
FROM \"%s\" WHERE \"%s\"='%s' AND \"%s\"='%s' LIMIT 1;",
octstr_get_cstr(fields->field_mask),
octstr_get_cstr(fields->field_serv),
octstr_get_cstr(fields->field_url),
octstr_get_cstr(fields->field_src),
octstr_get_cstr(fields->field_dst),
octstr_get_cstr(fields->field_boxc),
@@ -221,7 +221,7 @@
Octstr *sql;
debug("dlr.pgsql", 0, "removing DLR from database");
- sql = octstr_format("DELETE FROM %s WHERE oid = (SELECT oid FROM %s WHERE
%s='%s' AND %s='%s' LIMIT 1);",
+ sql = octstr_format("DELETE FROM \"%s\" WHERE oid = (SELECT oid FROM
\"%s\" WHERE \"%s\"='%s' AND \"%s\"='%s' LIMIT 1);",
octstr_get_cstr(fields->table),
octstr_get_cstr(fields->table),
octstr_get_cstr(fields->field_smsc),
octstr_get_cstr(smsc),
octstr_get_cstr(fields->field_ts), octstr_get_cstr(ts));
@@ -238,7 +238,7 @@
Octstr *sql;
debug("dlr.pgsql", 0, "updating DLR status in database");
- sql = octstr_format("UPDATE %s SET %s=%d WHERE oid = (SELECT oid FROM %s
WHERE %s='%s' AND %s='%s' LIMIT 1);",
+ sql = octstr_format("UPDATE \"%s\" SET \"%s\"=%d WHERE oid = (SELECT oid
FROM \"%s\" WHERE \"%s\"='%s' AND \"%s\"='%s' LIMIT 1);",
octstr_get_cstr(fields->table),
octstr_get_cstr(fields->field_status), status,
octstr_get_cstr(fields->table),
@@ -256,7 +256,7 @@
long ret;
List *res;
- sql = octstr_format("SELECT count(*) FROM %s;",
octstr_get_cstr(fields->table));
+ sql = octstr_format("SELECT count(*) FROM \"%s\";",
octstr_get_cstr(fields->table));
res = pgsql_select(sql);
octstr_destroy(sql);
@@ -279,7 +279,7 @@
{
Octstr *sql;
- sql = octstr_format("DELETE FROM %s;", octstr_get_cstr(fields->table));
+ sql = octstr_format("DELETE FROM \"%s\";", octstr_get_cstr(fields->table));
pgsql_update(sql);
octstr_destroy(sql);
@@ -322,6 +322,20 @@
gw_assert(fields != NULL);
/*
+ * Escaping special quotes for field/table names
+ */
+ octstr_replace(fields->table, octstr_imm("\""), octstr_imm("\"\""));
+ octstr_replace(fields->field_smsc, octstr_imm("\""), octstr_imm("\"\""));
+ octstr_replace(fields->field_ts, octstr_imm("\""), octstr_imm("\"\""));
+ octstr_replace(fields->field_src, octstr_imm("\""), octstr_imm("\"\""));
+ octstr_replace(fields->field_dst, octstr_imm("\""), octstr_imm("\"\""));
+ octstr_replace(fields->field_serv, octstr_imm("\""), octstr_imm("\"\""));
+ octstr_replace(fields->field_url, octstr_imm("\""), octstr_imm("\"\""));
+ octstr_replace(fields->field_mask, octstr_imm("\""), octstr_imm("\"\""));
+ octstr_replace(fields->field_status, octstr_imm("\""),
octstr_imm("\"\""));
+ octstr_replace(fields->field_boxc, octstr_imm("\""), octstr_imm("\"\""));
+
+ /*
* now grap the required information from the 'pgsql-connection' group
* with the pgsql-id we just obtained
*
