Fixed escape function to not escape \

ed757db9 · Ted Trask · 682f6095 · ed757db9
Commit ed757db9 authored Jan 03, 2012 by Ted Trask
Hide whitespace changes
Inline Side-by-side

Showing with 4 additions and 5 deletions

weblog-model.lua weblog-model.lua +4 -5

No files found.
--- a/weblog-model.lua
+++ b/weblog-model.lua
@@ -62,8 +62,7 @@ end
 local escape = function(sql, length)
 	sql = sql or ""
 	if length then sql = string.sub(sql, 1, length) end
-	sql = string.gsub(sql, "'", "''")
-	return string.gsub(sql, "\\", "\\\\")
+	return string.gsub(sql, "'", "''")
 end

 -- List the postgres databases on this system
@@ -397,7 +396,7 @@ end
 local testdatabaseentry = function(datatype, value)
 	local success = true
 	local errtxt
-	local sql = "CREATE TEMP TABLE testing ( test "..escape(datatype).." DEFAULT '"..escape(value).."' ) ON COMMIT DROP"
+	local sql = "CREATE TEMP TABLE testing ( test "..datatype.." DEFAULT '"..escape(value).."' ) ON COMMIT DROP"
 	local res, err = pcall(function()
 		assert (con:execute(sql))
 	end)
@@ -413,9 +412,9 @@ local convertdatabaseentry = function(datatype, value)
 	local errtxt
 	local result = value
 	local res, err = pcall(function()
-		local sql = "CREATE TEMP TABLE testing ( test "..escape(datatype).." )"
+		local sql = "CREATE TEMP TABLE testing ( test "..datatype.." )"
 		assert (con:execute(sql))
-		sql = "INSERT INTO testing VALUES ('"..value.."')"
+		sql = "INSERT INTO testing VALUES ('"..escape(value).."')"
 		assert (con:execute(sql))
 		sql = "SELECT * FROM testing"
 		local cur = assert (con:execute(sql))