Commit 724a6ede authored by Ted Trask's avatar Ted Trask

Truncate squid clientuserid before importing

parent aab583bb
......@@ -60,9 +60,10 @@ local function assert (v, m)
return v, m
end
-- Escape special characters in sql statements
local escape = function(sql)
-- Escape special characters in sql statements and truncate to length
local escape = function(sql, length)
sql = sql or ""
if length then sql = string.sub(sql, 1, length) end
sql = string.gsub(sql, "'", "''")
return string.gsub(sql, "\\", "\\\\")
end
......@@ -181,7 +182,7 @@ end
local importsquidlog = function(entry, sourcename)
if entry then
local sql = string.format("INSERT INTO weblog VALUES ('%s', '%s', '%s', '%s', '%s', '%s')",
escape(sourcename), escape(entry.clientip), escape(entry.clientuserid):lower(),
escape(sourcename), escape(entry.clientip), escape(entry.clientuserid, 64):lower(),
escape(entry.logdatetime), escape(entry.URL), escape(entry.bytes))
local res = assert (con:execute(sql))
end
......@@ -190,7 +191,7 @@ end
local importdglog = function(entry, sourcename)
if entry then
local sql = string.format("INSERT INTO blocklog VALUES ('%s', '0.0.0.0', '%s', '%s', '%s', '%s', '%s', '%s', '%s')",
escape(sourcename), escape(entry.clientuserid:lower()), escape(entry.logdatetime), escape(entry.URL),
escape(sourcename), escape(entry.clientuserid:lower(), 64), escape(entry.logdatetime), escape(entry.URL),
escape(entry.bytes), escape(entry.reason), escape(entry.score or "0"), escape(entry.shortreason))
local res = assert (con:execute(sql))
end
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment