Update of /cvsroot/refdb/refdb/src
In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv1095
Modified Files:
Tag: Release_0_9_5_stable
xmlhandler.c
Log Message:
escape periodical title
Index: xmlhandler.c
===================================================================
RCS file: /cvsroot/refdb/refdb/src/xmlhandler.c,v
retrieving revision 1.22.2.24
retrieving revision 1.22.2.25
diff -u -U2 -r1.22.2.24 -r1.22.2.25
--- xmlhandler.c 8 Feb 2006 20:46:54 -0000 1.22.2.24
+++ xmlhandler.c 22 Feb 2006 21:02:45 -0000 1.22.2.25
@@ -1355,4 +1355,5 @@
char* my_xaempty = NULL;
char *my_refdb_title = NULL;
+ char* escape_buffer;
char titlespec[16];
char periodical[256] = "";
@@ -1777,11 +1778,11 @@
/* journal */
- sprintf(sql_command, "UPDATE %s SET periodical=\'", ptr_gbdata->ptr_table_name);
+ sprintf(sql_command, "UPDATE %s SET periodical=", ptr_gbdata->ptr_table_name);
if (!strcmp(my_dbi_conn_get_cap(ptr_gbdata->conn, "multiple_db"), "t")) {
- item = get_periodical(ptr_gbdata->conn, periodical, database, 3, &errcode, real_orig_id);
+ item = get_periodical(ptr_gbdata->conn, periodical, database, 4, &errcode, real_orig_id);
}
else {
- item = get_periodical(conn_source, periodical, NULL, 3, &errcode, real_orig_id);
+ item = get_periodical(conn_source, periodical, NULL, 4, &errcode, real_orig_id);
}
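Review bot: The fourth argument of both `get_periodical()` calls changes from `3` to `4` with no comment, and the log message ("escape periodical title") does not explain it. What the value selects is not visible in this hunk, so a short comment above the calls naming the mode that `4` requests, and why the escaped path needs it, would help the next reader. A named constant in place of the bare number would serve the same purpose, if the project has one.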
@@ -1792,8 +1793,24 @@
else if (!errcode) {
if (*periodical) {
+/* printf("periodical went to:%s<<\n", periodical); */
/* string is short enough, don't need mstrcat here */
- strcat(sql_command, periodical);
+ escape_buffer = strdup(item);
+
+ if (!escape_buffer) {
+ LOG_PRINT(LOG_WARNING, "malloc failed");
+ (*(ptr_gbdata->ptr_nmem_error))++;
+ }
+
+ /* escape any characters that the database server cannot digest */
+ if (dbi_conn_quote_string(ptr_gbdata->conn, &escape_buffer) == 0) {
+ LOG_PRINT(LOG_WARNING, "out of memory");
+ (*(ptr_gbdata->ptr_nmem_error))++;
+ }
+
+/* printf("escape_buffer went to:%s<<\n", escape_buffer); */
+ strcat(sql_command, escape_buffer);
+ free(escape_buffer);
}
- strcat(sql_command, "\' WHERE id=");
+ strcat(sql_command, " WHERE id=");
/* buffer still has temp_id*/
strcat(sql_command, buffer);
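Review bot: Both failure branches inside `if (*periodical)` only log and bump the error counter, then fall through. After a failed `strdup()` a NULL `escape_buffer` reaches `strcat(sql_command, escape_buffer)`, and after a failed `dbi_conn_quote_string()` the unquoted, unescaped title is appended to the statement, which is the case this commit is meant to close. Because the literal quotes were removed from the surrounding strings, an empty `periodical` now also produces `SET periodical= WHERE id=` with no value. The comment `string is short enough, don't need mstrcat here` predates the escaping: the quoted copy can be roughly twice the length of the 256-byte `periodical` plus two quote characters, and the size of `sql_command` is not visible here, so that bound needs rechecking. The enclosing function starts and ends outside the hunk, so the place where the statement is executed, and would have to be skipped on failure, is not shown.

```c
escape_buffer = NULL;
if (*periodical) {
  escape_buffer = strdup(item);

  if (!escape_buffer) {
    LOG_PRINT(LOG_WARNING, "malloc failed");
    (*(ptr_gbdata->ptr_nmem_error))++;
  }
  /* only quote a copy that exists; 0 means there is nothing safe to append */
  else if (dbi_conn_quote_string(ptr_gbdata->conn, &escape_buffer) == 0) {
    LOG_PRINT(LOG_WARNING, "out of memory");
    (*(ptr_gbdata->ptr_nmem_error))++;
    free(escape_buffer);
    escape_buffer = NULL;
  }

  if (escape_buffer) {
    strcat(sql_command, escape_buffer);
    free(escape_buffer);
  }
}
else {
  /* no title: keep the value the old quoted form produced */
  strcat(sql_command, "''");
}
/* … unchanged: " WHERE id=" and temp_id are appended; after a failed copy or quote the statement must not be executed … */
```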