Results 1 to 3 of 3
  1. #1
    Join Date
    Dec 2002
    Location
    United Kingdom
    Posts
    635

    C++ version of addslashes

    So I have a C++ program to run menial updates of a mySQL database.

    There were previosuly run in PHP, but php is never good for "daemonising" to this extent, and the php version frequently ran into the set memory limit and crashed.... *sigh*

    No matter I thought, C++ I thought, yey 99.72% faster I thought.


    OMG it's going mad I thought as a single errant appostraphe killed the mysql element of the daemon.


    Yes I need to write an addslashses or mysql_escape_string() type funtion in C++

    I've been googleing a couple of hour fruitlessly, can anyone help me out?


    thanks in advance.
    Saiweb ~ Ramblings of a sysadmin

    My Current Recomended WebHost: Nativespace



    "Acies Latin: a sharp edge or point; mental acuity, sharpness of vision"

    NOTE: Acies is currently beta, the "down" page will be displayed untill I have finished a release candidate

    3DBuzz has a reputation system please rate posts using the icon

  2. #2
    Join Date
    Dec 2002
    Location
    United Kingdom
    Posts
    635
    apparently the mysql library has a function for mysql_escape_string() I am looking at how to implement that, any help would be appreciated.
    Saiweb ~ Ramblings of a sysadmin

    My Current Recomended WebHost: Nativespace



    "Acies Latin: a sharp edge or point; mental acuity, sharpness of vision"

    NOTE: Acies is currently beta, the "down" page will be displayed untill I have finished a release candidate

    3DBuzz has a reputation system please rate posts using the icon

  3. #3
    Join Date
    Dec 2002
    Location
    United Kingdom
    Posts
    635
    OK seems I figured it outmyself, I have a habit of doing that hehe.


    Anyway see the code below, should you need it, note this is dependant on including the mySQL libraries at buildtime.

    PHP Code:
    /**
    * escapes the mysql string
    * note running on the entire SQL screws it so just run it on elements to be inserted
    * @param string sql
    * @author D.Busby
    */
    char *db_connection::escape_string(string sql)
    {
            
    char *= new char[sql.size()*1];
            
    mysql_escape_string(sconst_cast<char *>(sql.c_str()), sql.size());
            return 
    s;

    The reason running it on the whole query screws it up is


    i.e.

    UPDATE table SET field='value';

    becomes

    UPDATE table SET field=\'value\';

    So just run it on the element i.e. "omg it's a value"

    UPDATE table SET field='omg it's a value' > omg it\'s a value

    enjoy.
    Saiweb ~ Ramblings of a sysadmin

    My Current Recomended WebHost: Nativespace



    "Acies Latin: a sharp edge or point; mental acuity, sharpness of vision"

    NOTE: Acies is currently beta, the "down" page will be displayed untill I have finished a release candidate

    3DBuzz has a reputation system please rate posts using the icon

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •