diff options
author | Alexey Shchepin <alexey@process-one.net> | 2020-01-13 03:36:52 +0300 |
---|---|---|
committer | Alexey Shchepin <alexey@process-one.net> | 2020-02-04 04:53:54 +0300 |
commit | b2f536ec8b40adca1e7c619507116155d6a8497a (patch) | |
tree | 0c3c429bea87d6a43e9985a979d7297c5a925b0b /src/ejabberd_sql.erl | |
parent | Add missing oauth_client table declaration in lite.new.sql (diff) |
Use SQL ESCAPE statement only with MSSQL and SQLite, improve compatibility with CockroachDB (#3074)
Diffstat (limited to '')
-rw-r--r-- | src/ejabberd_sql.erl | 32 |
1 files changed, 24 insertions, 8 deletions
diff --git a/src/ejabberd_sql.erl b/src/ejabberd_sql.erl index 6c7507e9..308c3302 100644 --- a/src/ejabberd_sql.erl +++ b/src/ejabberd_sql.erl @@ -227,6 +227,8 @@ escape_like_arg(S) when is_binary(S) -> escape_like_arg($%) -> <<"\\%">>; escape_like_arg($_) -> <<"\\_">>; escape_like_arg($\\) -> <<"\\\\">>; +escape_like_arg($[) -> <<"\\[">>; % For MSSQL +escape_like_arg($]) -> <<"\\]">>; escape_like_arg(C) when is_integer(C), C >= 0, C =< 255 -> <<C>>. escape_like_arg_circumflex(S) when is_binary(S) -> @@ -718,7 +720,8 @@ generic_escape() -> boolean = fun(true) -> <<"1">>; (false) -> <<"0">> end, - in_array_string = fun(X) -> <<"'", (escape(X))/binary, "'">> end + in_array_string = fun(X) -> <<"'", (escape(X))/binary, "'">> end, + like_escape = fun() -> <<"">> end }. pgsql_sql_query(SQLQuery) -> @@ -736,7 +739,8 @@ pgsql_escape() -> boolean = fun(true) -> <<"1">>; (false) -> <<"0">> end, - in_array_string = fun(X) -> <<"E'", (escape(X))/binary, "'">> end + in_array_string = fun(X) -> <<"E'", (escape(X))/binary, "'">> end, + like_escape = fun() -> <<"">> end }. sqlite_sql_query(SQLQuery) -> @@ -754,7 +758,8 @@ sqlite_escape() -> boolean = fun(true) -> <<"1">>; (false) -> <<"0">> end, - in_array_string = fun(X) -> <<"'", (standard_escape(X))/binary, "'">> end + in_array_string = fun(X) -> <<"'", (standard_escape(X))/binary, "'">> end, + like_escape = fun() -> <<"ESCAPE '\\'">> end }. standard_escape(S) -> @@ -767,9 +772,18 @@ mssql_sql_query(SQLQuery) -> sqlite_sql_query(SQLQuery). pgsql_prepare(SQLQuery, State) -> - Escape = #sql_escape{_ = fun(X) -> X end}, - N = length((SQLQuery#sql_query.args)(Escape)), - Args = [<<$$, (integer_to_binary(I))/binary>> || I <- lists:seq(1, N)], + Escape = #sql_escape{_ = fun(_) -> arg end, + like_escape = fun() -> escape end}, + {RArgs, _} = + lists:foldl( + fun(arg, {Acc, I}) -> + {[<<$$, (integer_to_binary(I))/binary>> | Acc], I + 1}; + (escape, {Acc, I}) -> + {[<<"">> | Acc], I} + end, {[], 1}, (SQLQuery#sql_query.args)(Escape)), + Args = lists:reverse(RArgs), + %N = length((SQLQuery#sql_query.args)(Escape)), + %Args = [<<$$, (integer_to_binary(I))/binary>> || I <- lists:seq(1, N)], Query = (SQLQuery#sql_query.format_query)(Args), pgsql:prepare(State#state.db_ref, SQLQuery#sql_query.hash, Query). @@ -779,13 +793,15 @@ pgsql_execute_escape() -> boolean = fun(true) -> "1"; (false) -> "0" end, - in_array_string = fun(X) -> <<"\"", (escape(X))/binary, "\"">> end + in_array_string = fun(X) -> <<"\"", (escape(X))/binary, "\"">> end, + like_escape = fun() -> ignore end }. pgsql_execute_sql_query(SQLQuery, State) -> Args = (SQLQuery#sql_query.args)(pgsql_execute_escape()), + Args2 = lists:filter(fun(ignore) -> false; (_) -> true end, Args), ExecuteRes = - pgsql:execute(State#state.db_ref, SQLQuery#sql_query.hash, Args), + pgsql:execute(State#state.db_ref, SQLQuery#sql_query.hash, Args2), % {T, ExecuteRes} = % timer:tc(pgsql, execute, [State#state.db_ref, SQLQuery#sql_query.hash, Args]), % io:format("T ~ts ~p~n", [SQLQuery#sql_query.hash, T]), |