diff options
| -rw-r--r-- | lib/mysql.php | 16 | ||||
| -rw-r--r-- | tests/MySqlShimTest.php | 2 |
2 files changed, 11 insertions, 7 deletions
diff --git a/lib/mysql.php b/lib/mysql.php index c2f3aad..9fa32cb 100644 --- a/lib/mysql.php +++ b/lib/mysql.php @@ -688,24 +688,28 @@ namespace Dshafik { for ($i = 0; $i < strlen($unescapedString); $i++) { switch ($unescapedString{$i}) { case "\0": - $esc = 0; + $esc = "\\0"; break; case "\n": - $esc = "n"; + $esc = "\\n"; break; case "\r": - $esc = "r"; + $esc = "\\r"; break; case '\\': case '\'': case '"': - $esc = $unescapedString{$i}; + $esc = "\\{$unescapedString{$i}}"; break; case "\032": - $esc = 'Z'; + $esc = "\\Z"; + break; + default: + $esc = $unescapedString{$i}; break; } - $escapedString .= "\\$esc"; + + $escapedString .= $esc; } diff --git a/tests/MySqlShimTest.php b/tests/MySqlShimTest.php index b4ae963..097692d 100644 --- a/tests/MySqlShimTest.php +++ b/tests/MySqlShimTest.php @@ -656,7 +656,7 @@ class MySqlShimTest extends \PHPUnit_Framework_TestCase public function test_mysql_escape_string() { - $this->assertEquals('\\\'\0\Z\r\n\"\\\\', @mysql_escape_string("'\0\032\r\n\"\\")); + $this->assertEquals('\\\'\0\Z\r\n\"\\\\safestring', @mysql_escape_string("'\0\032\r\n\"\\safestring")); } /** |