util/Database: added a wrapper function for mysql_real_escape_string()

Change-Id: I999aad3c35c5f389fa3acfe8d7a11c417c478787
2014-01-24 16:00:41 +01:00
parent 13175c259b
commit 119ae40be9
2 changed files with 18 additions and 0 deletions
--- a/src/core/util/Database.cc
+++ b/src/core/util/Database.cc
@ -218,6 +218,19 @@ int Database::get_fspmethod_id(const std::string &method)
 	return id;
 }

+std::string Database::escape_string(const std::string unescaped_string) {
+
+	char *temp = new char[(unescaped_string.size() * 2) + 1];
+
+	mysql_real_escape_string(handle, temp, unescaped_string.c_str(), unescaped_string.size());
+
+	std::string result = temp;
+
+	delete temp;
+
+	return result;
+}
+
 static CommandLine::option_handle DATABASE, HOSTNAME, USERNAME;

 void Database::cmdline_setup() {
--- a/src/core/util/Database.hpp
+++ b/src/core/util/Database.hpp
@ -99,6 +99,11 @@ namespace fail {
 		 */
 		my_ulonglong insert_id();

+		/**
+		 * Escapes illegal characters in a string.
+		 */
+		std::string escape_string(const std::string unescaped_string);
+
 		/**
 		 * Interface to the util/CommandLine.hpp interface. In you
 		 * application you first call cmdline_setup(), which adds