Faster sequence id retrieval.

author: Ilia Alshanetsky <iliaa@php.net> 2005-07-07 00:52:19 +0000
committer: Ilia Alshanetsky <iliaa@php.net> 2005-07-07 00:52:19 +0000
commit: bcb447f6b83c7fe3758aa6e6ba5f42705a728aac (patch)
tree: 96d39ca2e993262ab0fbff2c935d079c0df68853 /ext/pdo_pgsql/pgsql_driver.c
parent: 56dd9f57311a2e47ef50a919d5dcfaf401e2ca6b (diff)
download: php-git-bcb447f6b83c7fe3758aa6e6ba5f42705a728aac.tar.gz
1 files changed, 7 insertions, 6 deletions
diff --git a/ext/pdo_pgsql/pgsql_driver.c b/ext/pdo_pgsql/pgsql_driver.c
index 9fe78dad2a..4f7bd2eceb 100644
--- a/ext/pdo_pgsql/pgsql_driver.c
+++ b/ext/pdo_pgsql/pgsql_driver.c
@@ -210,15 +210,16 @@ static char *pdo_pgsql_last_insert_id(pdo_dbh_t *dbh, const char *name, unsigned
 		*len = spprintf(&id, 0, "%ld", (long) H->pgoid);
 	} else {
 		PGresult *res;
-		char *name_escaped, *q;
-		size_t l = strlen(name);
+		char *q;
 		ExecStatusType status;
 
-		name_escaped = safe_emalloc(l, 2, 1);
-		PQescapeString(name_escaped, name, l);
-		spprintf(&q, 0, "SELECT CURRVAL('%s')", name_escaped);
+		/* SQL injection protection */
+		if (strchr(name, '\'')) {
+			return NULL;
+		}
+
+		spprintf(&q, sizeof("SELECT CURRVAL('')") + strlen(name), "SELECT CURRVAL('%s')", name);
 		res = PQexec(H->server, q);
-		efree(name_escaped);
 		efree(q);
 		status = PQresultStatus(res);
author	Ilia Alshanetsky <iliaa@php.net>	2005-07-07 00:52:19 +0000
committer	Ilia Alshanetsky <iliaa@php.net>	2005-07-07 00:52:19 +0000
commit	bcb447f6b83c7fe3758aa6e6ba5f42705a728aac (patch)
tree	96d39ca2e993262ab0fbff2c935d079c0df68853 /ext/pdo_pgsql/pgsql_driver.c
parent	56dd9f57311a2e47ef50a919d5dcfaf401e2ca6b (diff)
download	php-git-bcb447f6b83c7fe3758aa6e6ba5f42705a728aac.tar.gz