While we're at it, escape all the columns in our TDS queries as well. Double
authorSean Bright <sean@malleable.com>
Sun, 29 Jun 2008 13:11:55 +0000 (13:11 +0000)
committerSean Bright <sean@malleable.com>
Sun, 29 Jun 2008 13:11:55 +0000 (13:11 +0000)
quotes seems to be more standard than square brackets (Sybase and SQL Server
both support them).

git-svn-id: https://origsvn.digium.com/svn/asterisk/trunk@126312 65c4cc65-6c06-0410-ace0-fbb531ad65f3

cdr/cdr_tds.c

index 2f17cac..9287308 100644 (file)
@@ -136,25 +136,25 @@ static int tds_log(struct ast_cdr *cdr)
        }
 
        erc = dbfcmd(settings->dbproc,
-               "INSERT INTO %s "
+               "INSERT INTO \"%s\" "
                "("
-                       "accountcode, "
-                       "src, "
-                       "dst, "
-                       "dcontext, "
-                       "clid, "
-                       "channel, "
-                       "dstchannel, "
-                       "lastapp, "
-                       "lastdata, "
-                       "start, "
-                       "answer, "
-                       "[end], "
-                       "duration, "
-                       "billsec, "
-                       "disposition, "
-                       "amaflags, "
-                       "uniqueid"
+                       "\"accountcode\", "
+                       "\"src\", "
+                       "\"dst\", "
+                       "\"dcontext\", "
+                       "\"clid\", "
+                       "\"channel\", "
+                       "\"dstchannel\", "
+                       "\"lastapp\", "
+                       "\"lastdata\", "
+                       "\"start\", "
+                       "\"answer\", "
+                       "\"end\", "
+                       "\"duration\", "
+                       "\"billsec\", "
+                       "\"disposition\", "
+                       "\"amaflags\", "
+                       "\"uniqueid\""
                ") "
                "VALUES "
                "("
@@ -317,7 +317,7 @@ static int mssql_connect(void)
                goto failed;
        }
 
-       if (dbfcmd(settings->dbproc, "SELECT 1 FROM [%s]", settings->table) == FAIL) {
+       if (dbfcmd(settings->dbproc, "SELECT 1 FROM \"%s\"", settings->table) == FAIL) {
                ast_log(LOG_ERROR, "Unable to build query while verifying the existence of table '%s'\n", settings->table);
                goto failed;
        }