From 04e807c2ca899cabe57ee834eab4336b8e3dbb7a Mon Sep 17 00:00:00 2001
From: bamse16 <marius@marius.me.uk>
Date: Sat, 11 Jul 2009 14:57:10 +0000
Subject: Issue 333: Problems with single quotes in table name by escaping the
 single quotes in queries like SHOW TABLE STATUS LIKE 'I\'m';

---
 Source/SPTableData.m | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'Source/SPTableData.m')

diff --git a/Source/SPTableData.m b/Source/SPTableData.m
index e348ac79..fee2e85e 100644
--- a/Source/SPTableData.m
+++ b/Source/SPTableData.m
@@ -715,7 +715,9 @@
 	}
 
 	// Run the status query and retrieve as a dictionary.
-	CMMCPResult *tableStatusResult = [mySQLConnection queryString:[NSString stringWithFormat:@"SHOW TABLE STATUS LIKE '%@'", [tableListInstance tableName]]];
+	NSMutableString *escapedTableName = [NSMutableString stringWithString:[tableListInstance tableName]];
+	[escapedTableName replaceOccurrencesOfString:@"'" withString:@"\\\'" options:0 range:NSMakeRange(0, [escapedTableName length])];
+	CMMCPResult *tableStatusResult = [mySQLConnection queryString:[NSString stringWithFormat:@"SHOW TABLE STATUS LIKE '%@'", escapedTableName ]];
 
 	// Check for any errors, only displaying them if the connection hasn't been terminated
 	if (![[mySQLConnection getLastErrorMessage] isEqualToString:@""]) {
-- 
cgit v1.2.3