diff options
| author | Davey Shafik <me@daveyshafik.com> | 2016-02-02 13:35:51 -0500 |
|---|---|---|
| committer | Davey Shafik <me@daveyshafik.com> | 2016-02-02 13:35:51 -0500 |
| commit | 0beca6be082fce3e7e10d7495bd07e1f2e3f972e (patch) | |
| tree | 780852f3b19ab055fb9cd12e7e09bc4204405f46 /lib/mysql.php | |
| parent | 3527de42a66bcc7462f86f85bb7fce57ca77b540 (diff) | |
| download | php7-mysql-shim-0beca6be082fce3e7e10d7495bd07e1f2e3f972e.zip php7-mysql-shim-0beca6be082fce3e7e10d7495bd07e1f2e3f972e.tar.gz php7-mysql-shim-0beca6be082fce3e7e10d7495bd07e1f2e3f972e.tar.bz2 | |
Fix escaping not copying non-escapeable chars to the escaped string
Diffstat (limited to 'lib/mysql.php')
| -rw-r--r-- | lib/mysql.php | 16 |
1 files changed, 10 insertions, 6 deletions
diff --git a/lib/mysql.php b/lib/mysql.php index c2f3aad..9fa32cb 100644 --- a/lib/mysql.php +++ b/lib/mysql.php @@ -688,24 +688,28 @@ namespace Dshafik { for ($i = 0; $i < strlen($unescapedString); $i++) { switch ($unescapedString{$i}) { case "\0": - $esc = 0; + $esc = "\\0"; break; case "\n": - $esc = "n"; + $esc = "\\n"; break; case "\r": - $esc = "r"; + $esc = "\\r"; break; case '\\': case '\'': case '"': - $esc = $unescapedString{$i}; + $esc = "\\{$unescapedString{$i}}"; break; case "\032": - $esc = 'Z'; + $esc = "\\Z"; + break; + default: + $esc = $unescapedString{$i}; break; } - $escapedString .= "\\$esc"; + + $escapedString .= $esc; } |