Changeset 15747

Show
Ignore:
Timestamp:
28.05.2008 14:14:53 (11 years ago)
Author:
mdewsnip
Message:

(Adding new DB support) Added an sqlite_safe() function to escape single quotes in values.

Files:
1 modified

Legend:

Unmodified
Added
Removed
  • gsdl/trunk/perllib/dbutil.pm

    r15746 r15747  
    233233    my $infodb_map = shift(@_); 
    234234 
     235    # Add the key -> value mapping into the "data" table 
    235236    my $infodb_entry_value = ""; 
    236237    foreach my $infodb_value_key (keys(%$infodb_map)) 
     
    242243    } 
    243244 
     245    print $infodb_handle "DELETE FROM data WHERE key='" . &sqlite_safe($infodb_key) . "';\n"; 
     246    print $infodb_handle "INSERT INTO data (key, value) VALUES ('" . &sqlite_safe($infodb_key) . "', '" . &sqlite_safe($infodb_entry_value) . "');\n"; 
     247} 
     248 
     249 
     250sub sqlite_safe 
     251{ 
     252    my $value = shift(@_); 
     253 
    244254    # Escape any single quotes in the value 
    245     $infodb_entry_value =~ s/\'/\'\'/g; 
    246  
    247     print $infodb_handle "DELETE FROM data WHERE key='" . $infodb_key . "';\n"; 
    248     print $infodb_handle "INSERT INTO data (key, value) VALUES ('" . $infodb_key . "', '" . $infodb_entry_value . "');\n"; 
     255    $value =~ s/\'/\'\'/g; 
     256 
     257    return $value; 
    249258} 
    250259