char *mysql_odbc_escape_string(MYSQL *mysql, char *result_string, unsigned long result_string_length, char *original_string, unsigned long original_string_length, void *parameters, char *(*extend_buffer))
a properly escaped SQL query string from a given string. This
function is intended for use with
ODBC clients, and
mysql_real_escape_string provides the same
functionality with a simpler interface. This function takes the
string given in the fourth argument (with the length given in the
fifth argument, not including the terminating null character) and
escapes it so that the resulting string (which is put into the
address given in the second argument, with a maximum length given in
the third argument) is safe to use as a MySQL SQL statement. This
function returns a copy of the result string (the second argument).
The seventh argument must be a pointer to a function that can be used
to allocate memory for the result string. The function must take
three arguments: a pointer to a set of parameters that control how
the memory is allocated (these parameters are passed in as the sixth
argument to the original function), a pointer to the result string,
and a pointer to the maximum length of the result string.
char *data = "\000\002\001"; int data_length = 3; char *result; int result_length = 5; /* We don't want the final string to be longer than 5. extend_buffer( ) is a function that meets the criteria given above. */ mysql_odbc_escape_string( ...