diff options
| author | Nikita Popov <nikita.ppv@gmail.com> | 2020-09-18 15:26:04 +0200 |
|---|---|---|
| committer | Nikita Popov <nikita.ppv@gmail.com> | 2020-09-18 15:26:04 +0200 |
| commit | 9962ad64445e845707f5e203b18b5de2d794b40c (patch) | |
| tree | 2fbd8b9e53c4c8fe7ac529ef9e938eb3a32dff31 | |
| parent | 74d16999fc7cd5cf778547d796f5ac8e761b8518 (diff) | |
| parent | e6dc9abdb77aa72b9d1b8e2158ac6d8811b75e4b (diff) | |
| download | php-git-9962ad64445e845707f5e203b18b5de2d794b40c.tar.gz | |
Merge branch 'PHP-7.4'
* PHP-7.4:
Support NO_BACKSLASH_ESCAPES with newer libmysqlclient
| -rw-r--r-- | ext/mysqli/mysqli_api.c | 9 | ||||
| -rw-r--r-- | ext/pdo_mysql/mysql_driver.c | 9 |
2 files changed, 13 insertions, 5 deletions
diff --git a/ext/mysqli/mysqli_api.c b/ext/mysqli/mysqli_api.c index a22e710c75..aa283505e1 100644 --- a/ext/mysqli/mysqli_api.c +++ b/ext/mysqli/mysqli_api.c @@ -1885,7 +1885,11 @@ PHP_FUNCTION(mysqli_real_query) } /* }}} */ -/* {{{ Escapes special characters in a string for use in a SQL statement, taking into account the current charset of the connection */ +#if defined(PDO_USE_MYSQLND) || MYSQL_VERSION_ID < 50707 || defined(MARIADB_BASE_VERSION) +# define mysql_real_escape_string_quote(mysql, to, from, length, quote) \ + mysql_real_escape_string(mysql, to, from, length) +#endif + PHP_FUNCTION(mysqli_real_escape_string) { MY_MYSQL *mysql; zval *mysql_link = NULL; @@ -1899,12 +1903,11 @@ PHP_FUNCTION(mysqli_real_escape_string) { MYSQLI_FETCH_RESOURCE_CONN(mysql, mysql_link, MYSQLI_STATUS_VALID); newstr = zend_string_alloc(2 * escapestr_len, 0); - ZSTR_LEN(newstr) = mysql_real_escape_string(mysql->mysql, ZSTR_VAL(newstr), escapestr, escapestr_len); + ZSTR_LEN(newstr) = mysql_real_escape_string_quote(mysql->mysql, ZSTR_VAL(newstr), escapestr, escapestr_len, '\''); newstr = zend_string_truncate(newstr, ZSTR_LEN(newstr), 0); RETURN_NEW_STR(newstr); } -/* }}} */ /* {{{ Undo actions from current transaction */ PHP_FUNCTION(mysqli_rollback) diff --git a/ext/pdo_mysql/mysql_driver.c b/ext/pdo_mysql/mysql_driver.c index 8c6f6a37f1..95f719a615 100644 --- a/ext/pdo_mysql/mysql_driver.c +++ b/ext/pdo_mysql/mysql_driver.c @@ -291,6 +291,11 @@ static char *pdo_mysql_last_insert_id(pdo_dbh_t *dbh, const char *name, size_t * } /* }}} */ +#if defined(PDO_USE_MYSQLND) || MYSQL_VERSION_ID < 50707 || defined(MARIADB_BASE_VERSION) +# define mysql_real_escape_string_quote(mysql, to, from, length, quote) \ + mysql_real_escape_string(mysql, to, from, length) +#endif + /* {{{ mysql_handle_quoter */ static int mysql_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, size_t unquotedlen, char **quoted, size_t *quotedlen, enum pdo_param_type paramtype ) { @@ -313,13 +318,13 @@ static int mysql_handle_quoter(pdo_dbh_t *dbh, const char *unquoted, size_t unqu *quoted = safe_emalloc(2, unquotedlen, 3 + (use_national_character_set ? 1 : 0)); if (use_national_character_set) { - *quotedlen = mysql_real_escape_string(H->server, *quoted + 2, unquoted, unquotedlen); + *quotedlen = mysql_real_escape_string_quote(H->server, *quoted + 2, unquoted, unquotedlen, '\''); (*quoted)[0] = 'N'; (*quoted)[1] = '\''; ++*quotedlen; /* N prefix */ } else { - *quotedlen = mysql_real_escape_string(H->server, *quoted + 1, unquoted, unquotedlen); + *quotedlen = mysql_real_escape_string_quote(H->server, *quoted + 1, unquoted, unquotedlen, '\''); (*quoted)[0] = '\''; } |