From 119ae40be9930c82a42961d2d0819a7875a940dd Mon Sep 17 00:00:00 2001
From: Richard Hellwig <richard.hellwig@tu-dortmund.de>
Date: Fri, 24 Jan 2014 16:00:41 +0100
Subject: [PATCH] util/Database: added a wrapper function for
 mysql_real_escape_string()

Change-Id: I999aad3c35c5f389fa3acfe8d7a11c417c478787
---
 src/core/util/Database.cc  | 13 +++++++++++++
 src/core/util/Database.hpp |  5 +++++
 2 files changed, 18 insertions(+)

diff --git a/src/core/util/Database.cc b/src/core/util/Database.cc
index d4e987d6..41f8eed6 100644
--- a/src/core/util/Database.cc
+++ b/src/core/util/Database.cc
@@ -218,6 +218,19 @@ int Database::get_fspmethod_id(const std::string &method)
 	return id;
 }
 
+std::string Database::escape_string(const std::string unescaped_string) {
+
+	char *temp = new char[(unescaped_string.size() * 2) + 1];
+
+	mysql_real_escape_string(handle, temp, unescaped_string.c_str(), unescaped_string.size());
+
+	std::string result = temp;
+
+	delete temp;
+
+	return result;
+}
+
 static CommandLine::option_handle DATABASE, HOSTNAME, USERNAME;
 
 void Database::cmdline_setup() {
diff --git a/src/core/util/Database.hpp b/src/core/util/Database.hpp
index 66c0710b..626b9eaa 100644
--- a/src/core/util/Database.hpp
+++ b/src/core/util/Database.hpp
@@ -99,6 +99,11 @@ namespace fail {
 		 */
 		my_ulonglong insert_id();
 
+		/**
+		 * Escapes illegal characters in a string.
+		 */
+		std::string escape_string(const std::string unescaped_string);
+
 		/**
 		 * Interface to the util/CommandLine.hpp interface. In you
 		 * application you first call cmdline_setup(), which adds