Mercurial > urweb
diff src/mysql.sml @ 1285:514be09d5018
Better UTF-8 escaping for JavaScript and SQL literals
| author | Adam Chlipala <adam@chlipala.net> |
|---|---|
| date | Tue, 10 Aug 2010 15:55:43 -0400 |
| parents | 134da5110bf7 |
| children | acabf3935060 |
line wrap: on
line diff
--- a/src/mysql.sml Tue Aug 10 14:52:33 2010 -0400 +++ b/src/mysql.sml Tue Aug 10 15:55:43 2010 -0400 @@ -344,7 +344,7 @@ fun stringOf r = case !r of NONE => string "NULL" | SOME s => box [string "\"", - string (String.toString s), + string (String.toCString s), string "\""] in app (fn s => @@ -477,7 +477,7 @@ newline, string "if (mysql_stmt_prepare(stmt, \"", - string (String.toString s), + string (String.toCString s), string "\", ", string (Int.toString (size s)), string ")) {", @@ -974,7 +974,7 @@ else box [], string "if (mysql_stmt_prepare(stmt, \"", - string (String.toString query), + string (String.toCString query), string "\", ", string (Int.toString (size query)), string ")) {", @@ -1185,7 +1185,7 @@ newline, queryCommon {loc = loc, cols = cols, doCols = doCols, query = box [string "\"", - string (String.toString query), + string (String.toCString query), string "\""]}, if nested then @@ -1276,7 +1276,7 @@ string "if (stmt == NULL) uw_error(ctx, FATAL, \"Out of memory allocating prepared statement\");", newline, string "if (mysql_stmt_prepare(stmt, \"", - string (String.toString dml), + string (String.toCString dml), string "\", ", string (Int.toString (size dml)), string ")) {", @@ -1470,7 +1470,7 @@ newline, dmlCommon {loc = loc, dml = box [string "\"", - string (String.toString dml), + string (String.toCString dml), string "\""]}] fun nextval {loc, seqE, seqName} = @@ -1514,7 +1514,7 @@ (ErrorMsg.error "Non-printing character found in SQL string literal"; "")) - (String.toString s) ^ "'" + (String.toCString s) ^ "'" fun p_cast (s, _) = s