Commit ed757db9 authored by Ted Trask's avatar Ted Trask

Fixed escape function to not escape \

parent 682f6095
......@@ -62,8 +62,7 @@ end
local escape = function(sql, length)
sql = sql or ""
if length then sql = string.sub(sql, 1, length) end
sql = string.gsub(sql, "'", "''")
return string.gsub(sql, "\\", "\\\\")
return string.gsub(sql, "'", "''")
end
-- List the postgres databases on this system
......@@ -397,7 +396,7 @@ end
local testdatabaseentry = function(datatype, value)
local success = true
local errtxt
local sql = "CREATE TEMP TABLE testing ( test "..escape(datatype).." DEFAULT '"..escape(value).."' ) ON COMMIT DROP"
local sql = "CREATE TEMP TABLE testing ( test "..datatype.." DEFAULT '"..escape(value).."' ) ON COMMIT DROP"
local res, err = pcall(function()
assert (con:execute(sql))
end)
......@@ -413,9 +412,9 @@ local convertdatabaseentry = function(datatype, value)
local errtxt
local result = value
local res, err = pcall(function()
local sql = "CREATE TEMP TABLE testing ( test "..escape(datatype).." )"
local sql = "CREATE TEMP TABLE testing ( test "..datatype.." )"
assert (con:execute(sql))
sql = "INSERT INTO testing VALUES ('"..value.."')"
sql = "INSERT INTO testing VALUES ('"..escape(value).."')"
assert (con:execute(sql))
sql = "SELECT * FROM testing"
local cur = assert (con:execute(sql))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment