aboutsummaryrefslogtreecommitdiffstats
path: root/Source
diff options
context:
space:
mode:
authorbamse16 <marius@marius.me.uk>2009-07-11 14:57:10 +0000
committerbamse16 <marius@marius.me.uk>2009-07-11 14:57:10 +0000
commit04e807c2ca899cabe57ee834eab4336b8e3dbb7a (patch)
treef8111a9e41b44c1bafcd53d6475c361273c915fa /Source
parent8b79c6ae1d19532932aace89d58bf9e0bc326029 (diff)
downloadsequelpro-04e807c2ca899cabe57ee834eab4336b8e3dbb7a.tar.gz
sequelpro-04e807c2ca899cabe57ee834eab4336b8e3dbb7a.tar.bz2
sequelpro-04e807c2ca899cabe57ee834eab4336b8e3dbb7a.zip
Issue 333: Problems with single quotes in table name by escaping the single quotes in queries like SHOW TABLE STATUS LIKE 'I\'m';
Diffstat (limited to 'Source')
-rw-r--r--Source/SPTableData.m4
1 files changed, 3 insertions, 1 deletions
diff --git a/Source/SPTableData.m b/Source/SPTableData.m
index e348ac79..fee2e85e 100644
--- a/Source/SPTableData.m
+++ b/Source/SPTableData.m
@@ -715,7 +715,9 @@
}
// Run the status query and retrieve as a dictionary.
- CMMCPResult *tableStatusResult = [mySQLConnection queryString:[NSString stringWithFormat:@"SHOW TABLE STATUS LIKE '%@'", [tableListInstance tableName]]];
+ NSMutableString *escapedTableName = [NSMutableString stringWithString:[tableListInstance tableName]];
+ [escapedTableName replaceOccurrencesOfString:@"'" withString:@"\\\'" options:0 range:NSMakeRange(0, [escapedTableName length])];
+ CMMCPResult *tableStatusResult = [mySQLConnection queryString:[NSString stringWithFormat:@"SHOW TABLE STATUS LIKE '%@'", escapedTableName ]];
// Check for any errors, only displaying them if the connection hasn't been terminated
if (![[mySQLConnection getLastErrorMessage] isEqualToString:@""]) {