From: Russell Bryant Date: Wed, 11 Jul 2007 18:34:51 +0000 (+0000) Subject: Merged revisions 74656 via svnmerge from X-Git-Tag: 1.4.8~31 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=8b7295be2dea4dfe15c5d4ff193aef522da47c1d;p=thirdparty%2Fasterisk.git Merged revisions 74656 via svnmerge from https://origsvn.digium.com/svn/asterisk/branches/1.2 ........ r74656 | russell | 2007-07-11 13:33:23 -0500 (Wed, 11 Jul 2007) | 4 lines Make sure that the ESCAPE immediately follows the condition that uses LIKE. This fixes realtime extensions with ODBC. (closes issue #10175, reported by stuarth, patch by me) ........ git-svn-id: https://origsvn.digium.com/svn/asterisk/branches/1.4@74657 65c4cc65-6c06-0410-ace0-fbb531ad65f3 --- diff --git a/res/res_config_odbc.c b/res/res_config_odbc.c index 642e6b0755..4fe3dce6b7 100644 --- a/res/res_config_odbc.c +++ b/res/res_config_odbc.c @@ -101,16 +101,15 @@ static struct ast_variable *realtime_odbc(const char *database, const char *tabl return NULL; } newval = va_arg(aq, const char *); - if (!strchr(newparam, ' ')) op = " ="; else op = ""; + op = !strchr(newparam, ' ') ? " =" : ""; snprintf(sql, sizeof(sql), "SELECT * FROM %s WHERE %s%s ?", table, newparam, op); while((newparam = va_arg(aq, const char *))) { - if (!strchr(newparam, ' ')) op = " ="; else op = ""; - snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " AND %s%s ?", newparam, op); + op = !strchr(newparam, ' ') ? " =" : ""; + snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " AND %s%s ?%s", newparam, op, + strcasestr(newparam, "LIKE") ? " ESCAPE '\\'" : ""); newval = va_arg(aq, const char *); } va_end(aq); - if (strcasestr(sql, "LIKE")) - snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " ESCAPE '\\'"); res = SQLPrepare(stmt, (unsigned char *)sql, SQL_NTS); if ((res != SQL_SUCCESS) && (res != SQL_SUCCESS_WITH_INFO)) { @@ -258,18 +257,17 @@ static struct ast_config *realtime_multi_odbc(const char *database, const char * if ((op = strchr(initfield, ' '))) *op = '\0'; newval = va_arg(aq, const char *); - if (!strchr(newparam, ' ')) op = " ="; else op = ""; + op = !strchr(newparam, ' ') ? " =" : ""; snprintf(sql, sizeof(sql), "SELECT * FROM %s WHERE %s%s ?", table, newparam, op); while((newparam = va_arg(aq, const char *))) { - if (!strchr(newparam, ' ')) op = " ="; else op = ""; - snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " AND %s%s ?", newparam, op); + op = !strchr(newparam, ' ') ? " =" : ""; + snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " AND %s%s ?%s", newparam, op, + strcasestr(newparam, "LIKE") ? " ESCAPE '\\'" : ""); newval = va_arg(aq, const char *); } if (initfield) snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " ORDER BY %s", initfield); va_end(aq); - if (strcasestr(sql, "LIKE")) - snprintf(sql + strlen(sql), sizeof(sql) - strlen(sql), " ESCAPE '\\'"); res = SQLPrepare(stmt, (unsigned char *)sql, SQL_NTS); if ((res != SQL_SUCCESS) && (res != SQL_SUCCESS_WITH_INFO)) {