static void test_escape(abts_case *tc, apr_dbd_t *handle, const apr_dbd_driver_t *driver) { const char *escaped = apr_dbd_escape(driver, p, "foo'bar", handle); ABTS_STR_EQUAL(tc, "foo''bar", escaped); }
/* Routine to escape the 'dangerous' characters that would otherwise * corrupt the INSERT string: ', \, and " */ static const char *log_sql_dbd_escape(request_rec *r, const char *from_str, apr_pool_t *p, logsql_dbconnection *db) { // Acquire a DBD connection from mod_dbd ap_dbd_t *dbd = log_sql_dbd_getconnection(r); if (!dbd) return NULL; if (!from_str) return NULL; return apr_pstrcat(p, "'",apr_dbd_escape(dbd->driver, p, from_str, dbd->handle),"'",NULL); }
/* sql语句转义 */ const char *dbd_escape(const apr_dbd_driver_t *driver, apr_pool_t *pool, const char *string, apr_dbd_t *handle) { const char *p; p = apr_dbd_escape(driver, pool, string, handle); if (p == NULL) { return ""; } return p; }