1 diff -urN proftpd-1.2.5rc1/contrib/mod_sql_postgres.c proftpd-1.2.5rc1-debian/contrib/mod_sql_postgres.c
2 --- proftpd-1.2.5rc1/contrib/mod_sql_postgres.c 2003-06-19 15:32:52.000000000 +0200
3 +++ proftpd-1.2.5rc1-debian/contrib/mod_sql_postgres.c 2003-06-19 15:38:14.000000000 +0200
6 conn_entry_t *entry = NULL;
7 db_conn_t *conn = NULL;
8 + char *unescaped = NULL;
9 + char *escaped = NULL;
11 log_debug(DEBUG_FUNC, _MOD_VERSION ": entering \tcmd_escapestring");
13 @@ -1108,9 +1110,17 @@
14 conn = (db_conn_t *) entry->data;
16 /* PostgreSQL has no way to escape strings internally */
17 + /* Note: the PQescapeString() function appeared in the C API as of
20 + unescaped = cmd->argv[1];
21 + escaped = (char *) pcalloc(cmd->tmp_pool, sizeof(char) *
22 + (strlen(unescaped) * 2) + 1);
24 + PQescapeString(escaped, unescaped, strlen(unescaped));
26 log_debug(DEBUG_FUNC, _MOD_VERSION ": exiting \tcmd_escapestring");
27 - return mod_create_data(cmd, (void *) cmd->argv[1]);
28 + return mod_create_data(cmd, (void *) escaped );