Faster sequence id retrieval.

author Ilia Alshanetsky <iliaa@php.net>

Thu, 7 Jul 2005 00:52:19 +0000 (00:52 +0000)

committer Ilia Alshanetsky <iliaa@php.net>

Thu, 7 Jul 2005 00:52:19 +0000 (00:52 +0000)
author Ilia Alshanetsky <iliaa@php.net>
Thu, 7 Jul 2005 00:52:19 +0000 (00:52 +0000)
committer Ilia Alshanetsky <iliaa@php.net>
Thu, 7 Jul 2005 00:52:19 +0000 (00:52 +0000)
diff --git a/ext/pdo_pgsql/pgsql_driver.c b/ext/pdo_pgsql/pgsql_driver.c

index 9fe78dad2a6112c75bba89ca69914b4480d80a9d..4f7bd2eceb599654a815de9d9f684c3a48c22d45 100644 (file)
--- a/ext/pdo_pgsql/pgsql_driver.c
+++ b/ext/pdo_pgsql/pgsql_driver.c
@@ -210,15 +210,16 @@ static char *pdo_pgsql_last_insert_id(pdo_dbh_t *dbh, const char *name, unsigned
                 *len = spprintf(&id, 0, "%ld", (long) H->pgoid);
         } else {
                 PGresult *res;
-               char *name_escaped, *q;
-               size_t l = strlen(name);
+               char *q;
                 ExecStatusType status;
  
-               name_escaped = safe_emalloc(l, 2, 1);
-               PQescapeString(name_escaped, name, l);
-               spprintf(&q, 0, "SELECT CURRVAL('%s')", name_escaped);
+               /* SQL injection protection */
+               if (strchr(name, '\'')) {
+                       return NULL;
+               }
+
+               spprintf(&q, sizeof("SELECT CURRVAL('')") + strlen(name), "SELECT CURRVAL('%s')", name);
                 res = PQexec(H->server, q);
-               efree(name_escaped);
                 efree(q);
                 status = PQresultStatus(res);
author	Ilia Alshanetsky <iliaa@php.net>
	Thu, 7 Jul 2005 00:52:19 +0000 (00:52 +0000)
committer	Ilia Alshanetsky <iliaa@php.net>
	Thu, 7 Jul 2005 00:52:19 +0000 (00:52 +0000)