mysql_odbc_escape_string —


char *mysql_odbc_escape_string(MYSQL *mysql, char *result_string, unsigned long 
result_string_length, char *original_string, unsigned long original_string_length, 
void *parameters, char *(*extend_buffer))

Creates a properly escaped SQL query string from a given string. This function is intended for use with ODBC clients, and mysql_real_escape_string provides the same functionality with a simpler interface. This function takes the string given in the fourth argument (with the length given in the fifth argument, not including the terminating null character) and escapes it so that the resulting string (which is put into the address given in the second argument, with a maximum length given in the third argument) is safe to use as a MySQL SQL statement. This function returns a copy of the result string (the second argument). The seventh argument must be a pointer to a function that can be used to allocate memory for the result string. The function must take three arguments: a pointer to a set of parameters that control how the memory is allocated (these parameters are passed in as the sixth argument to the original function), a pointer to the result string, and a pointer to the maximum length of the result string.


char *data = "\000\002\001"; int data_length = 3; char *result; int result_length = 5; /* We don't want the final string to be longer than 5. extend_buffer( ) is a function that meets the criteria given above. */ mysql_odbc_escape_string( ...

Get Managing & Using MySQL, 2nd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.