c++ Mysql C API mysql_real_escape_string

发布于 2024-08-13 01:05:49 字数 403 浏览 5 评论 0原文

我正在为 mysql c api 构建一个类包装器，特别是目前为 mysql_real_escape_string 构建的类包装器，但我认为我做得不太正确。

这就是我对该函数的了解：

std::string Database::EscapeString(const char *pStr)
{
    char *tStr = new char[strlen(pStr)*2+1];
    mysql_real_escape_string(m_sqlCon, tStr, pStr, strlen(pStr));
    string retStr(tStr);
    delete [] tStr;
    return retStr;
}

我尝试运行它，但它没有按预期执行并以 mysql 错误结束。

原文

I'm building a class wrapper for the mysql c api, specifically at the moment for mysql_real_escape_string and I don't think I'm doing it quite right.

this is what I have for the function:

std::string Database::EscapeString(const char *pStr)
{
    char *tStr = new char[strlen(pStr)*2+1];
    mysql_real_escape_string(m_sqlCon, tStr, pStr, strlen(pStr));
    string retStr(tStr);
    delete [] tStr;
    return retStr;
}

I tried running this through but it did not perform as expected and ended in mysql errors.

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

趁微风不噪 2024-08-20 01:05:49

我觉得不错。我怀疑你的数据库问题出在其他地方。

有一个简单的检查方法：暂时用虚拟函数替换 Database::EscapeString ，即

std::string Database::EscapeString(const char *pStr) {return string(pStr);}

然后看看是否会出现相同的错误。

编辑：
由于不确切知道错误是什么，或者导致错误的查询是什么，因此很难缩小问题范围。这里有一些可以尝试的事情：

A) 删除所有需要转义的字符。它会将虚假数据放入数据库，但希望您只是进行测试：

std::string Database::EscapeString(const char *pStr) {
    string result;
    while (*pStr) {
        if (strchr("\"'\r\n\t",*pStr))
        {
            //bad character, skip
        }
        else
        {
            result.push_back(*pStr);
        }
        ++pStr;
    }
    return result;
}

B) 在其他地方查找错误。 Database::Execute 编码是否正确？也许它在内部使用硬编码的缓冲区大小（您可能会超出）执行 snprintf

C) 尝试获取调试输出并将其直接输入到 mysql 客户端程序中（不要忘记添加分号在最后）。同样的错误？

Looks good to me. I suspect your database problem is elsewhere.

There's an easy way to check: temporarily replace Database::EscapeString with a dummy function, i.e.

std::string Database::EscapeString(const char *pStr) {return string(pStr);}

Then see if you get the same errors.

Edit:
Not knowing exactly what the error is, or what the query causing it is, it's tough to narrow down the problem. Here are some things to try:

A) Just get rid of all characters that would need to be escaped. It'll put bogus data into the database, but hopefully you're just testing anyways:

std::string Database::EscapeString(const char *pStr) {
    string result;
    while (*pStr) {
        if (strchr("\"'\r\n\t",*pStr))
        {
            //bad character, skip
        }
        else
        {
            result.push_back(*pStr);
        }
        ++pStr;
    }
    return result;
}

B) Look for errors elsewhere. Is Database::Execute coded well? Maybe it does a snprintf internally with a hardcoded buffer size (which you may be exceeding)

C) Try taking your debug output and entering it straight into the mysql client program (don't forget to put a semicolon at the end). Same error?

回复收藏 0 原文

~没有更多了~