Mercurial > urweb
diff src/postgres.sml @ 1285:514be09d5018
Better UTF-8 escaping for JavaScript and SQL literals
| author | Adam Chlipala <adam@chlipala.net> |
|---|---|
| date | Tue, 10 Aug 2010 15:55:43 -0400 |
| parents | 134da5110bf7 |
| children | acabf3935060 |
line wrap: on
line diff
--- a/src/postgres.sml Tue Aug 10 14:52:33 2010 -0400 +++ b/src/postgres.sml Tue Aug 10 15:55:43 2010 -0400 @@ -331,7 +331,7 @@ box [string "res = PQprepare(conn, \"uw", string (Int.toString i), string "\", \"", - string (String.toString s), + string (String.toCString s), string "\", ", string (Int.toString n), string ", NULL);", @@ -349,7 +349,7 @@ string "PQfinish(conn);", newline, string "uw_error(ctx, FATAL, \"Unable to create prepared statement:\\n", - string (String.toString s), + string (String.toCString s), string "\\n%s\", msg);", newline], string "}", @@ -473,7 +473,7 @@ string "static void uw_db_init(uw_context ctx) {", newline, string "PGconn *conn = PQconnectdb(\"", - string (String.toString dbstring), + string (String.toCString dbstring), string "\");", newline, string "if (conn == NULL) uw_error(ctx, FATAL, ", @@ -698,14 +698,14 @@ string ", paramValues, paramLengths, paramFormats, 0);"] else box [string "PQexecParams(conn, \"", - string (String.toString query), + string (String.toCString query), string "\", ", string (Int.toString (length inputs)), string ", NULL, paramValues, paramLengths, paramFormats, 0);"], newline, newline, queryCommon {loc = loc, cols = cols, doCols = doCols, query = box [string "\"", - string (String.toString query), + string (String.toCString query), string "\""]}] fun dmlCommon {loc, dml} = @@ -779,14 +779,14 @@ string ", paramValues, paramLengths, paramFormats, 0);"] else box [string "PQexecParams(conn, \"", - string (String.toString dml), + string (String.toCString dml), string "\", ", string (Int.toString (length inputs)), string ", NULL, paramValues, paramLengths, paramFormats, 0);"], newline, newline, dmlCommon {loc = loc, dml = box [string "\"", - string (String.toString dml), + string (String.toCString dml), string "\""]}] fun nextvalCommon {loc, query} = @@ -863,12 +863,12 @@ string "\", 0, NULL, NULL, NULL, 0);"] else box [string "PQexecParams(conn, \"", - string (String.toString query), + string (String.toCString query), string "\", 0, NULL, NULL, NULL, NULL, 0);"], newline, newline, nextvalCommon {loc = loc, query = box [string "\"", - string (String.toString query), + string (String.toCString query), string "\""]}] fun setvalCommon {loc, query} = @@ -921,7 +921,7 @@ else "\\" ^ StringCvt.padLeft #"0" 3 (Int.fmt StringCvt.OCT (ord ch))) - (String.toString s) ^ "'::text" + (String.toCString s) ^ "'::text" fun p_cast (s, t) = s ^ "::" ^ p_sql_type t