Browse files

set_quote_sql_str no longer accepts the for=pg option; instead, we in…

…troduce the set_quote_pgsql_str directive which can be combined with ngx_arrray module's array_map_op, the same applies to set_quote_sql_str.
  • Loading branch information...
1 parent 505e69d commit b714070f99196f97d3b1b103832c245da5015383 @agentzh agentzh committed Aug 18, 2010
Showing with 60 additions and 96 deletions.
  1. +5 −8 README
  2. +3 −0 src/ngx_http_set_escape_uri.c
  3. +25 −2 src/ngx_http_set_misc_module.c
  4. +16 −64 src/ngx_http_set_quote_sql.c
  5. +6 −17 src/ngx_http_set_quote_sql.h
  6. +5 −5 test/t/quote-sql.t
View
13 README
@@ -20,20 +20,17 @@ Synopsis
location /bar {
set $foo "hello\n\n'\"\\";
- set_quote_sql_str $foo $foo;
+ set_quote_sql_str $foo $foo; # for mysql
# OR in-place editing:
# set_quote_sql_str $foo;
# now $foo is: 'hello\n\n\'\"\\'
}
- lacation /bar {
+ location /bar {
set $foo "hello\n\n'\"\\";
- set_quote_sql_str for=pg $foo;
-
- # if your db is pg, use 'for=pg'
- # default db is mysql
+ set_quote_pgsql_str $foo; # for PostgreSQL
# now $foo is: E'hello\n\n\'\"\\'
}
@@ -161,9 +158,9 @@ Installation
Compatibility
The following versions of Nginx should work with this module:
- * 0.8.x (last tested version is 0.8.38)
+ * 0.8.x (last tested version is 0.8.49)
- * 0.7.x >= 0.7.46 (last tested version is 0.7.65)
+ * 0.7.x >= 0.7.46 (last tested version is 0.7.67)
Earlier versions of Nginx like 0.6.x and 0.5.x will *not* work.
View
3 src/ngx_http_set_escape_uri.c
@@ -35,13 +35,16 @@ ngx_http_set_misc_escape_uri(ngx_http_request_t *r,
if (escape == 0) {
ngx_memcpy(dst, src, len);
dd("escape == 0");
+
} else {
ngx_escape_uri(dst, src, v->len, NGX_ESCAPE_URI);
}
res->data = dst;
res->len = len;
+
dd("after eacape:%.*s", res->len, res->data);
+
return NGX_OK;
}
View
27 src/ngx_http_set_misc_module.c
@@ -49,6 +49,20 @@ static ndk_set_var_t ngx_http_set_misc_decode_base32_filter = {
NULL
};
+static ndk_set_var_t ngx_http_set_misc_quote_sql_str_filter = {
+ NDK_SET_VAR_VALUE,
+ ngx_http_set_misc_quote_sql_str,
+ 1,
+ NULL
+};
+
+static ndk_set_var_t ngx_http_set_misc_quote_pgsql_str_filter = {
+ NDK_SET_VAR_VALUE,
+ ngx_http_set_misc_quote_pgsql_str,
+ 1,
+ NULL
+};
+
static ndk_set_var_t ngx_http_set_misc_quote_json_str_filter = {
NDK_SET_VAR_VALUE,
ngx_http_set_misc_quote_json_str,
@@ -110,10 +124,19 @@ static ngx_command_t ngx_http_set_misc_commands[] = {
ngx_string ("set_quote_sql_str"),
NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_SIF_CONF
|NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_TAKE12,
- ngx_http_set_quote_sql_str,
+ ndk_set_var_value,
0,
0,
- NULL
+ &ngx_http_set_misc_quote_sql_str_filter
+ },
+ {
+ ngx_string ("set_quote_pgsql_str"),
+ NGX_HTTP_MAIN_CONF|NGX_HTTP_SRV_CONF|NGX_HTTP_SIF_CONF
+ |NGX_HTTP_LOC_CONF|NGX_HTTP_LIF_CONF|NGX_CONF_TAKE12,
+ ndk_set_var_value,
+ 0,
+ 0,
+ &ngx_http_set_misc_quote_pgsql_str_filter
},
{
ngx_string ("set_quote_json_str"),
View
80 src/ngx_http_set_quote_sql.c
@@ -1,59 +1,8 @@
#define DDEBUG 0
+
#include "ddebug.h"
#include <ndk.h>
#include "ngx_http_set_quote_sql.h"
-#define true 1
-#define false 0
-
-char *
-ngx_http_set_quote_sql_str(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
-{
- ndk_set_var_t filter;
- ngx_str_t *value;
- ngx_str_t result[3];
- ngx_str_t *bad_arg;
-
- filter.type = NDK_SET_VAR_MULTI_VALUE;
- filter.size = 1;
-
- value = cf->args->elts;
- result[0] = value[1];
-
- if (cf->args->nelts == 2) {
- dd("set_quote_sql $foo");
- filter.func = &ngx_http_set_misc_quote_sql_str;
- return ndk_set_var_multi_value_core(cf, &result[0], &value[1], &filter);
- }
-
- if (value[1].len >= sizeof("for=") -1 && (ngx_strncasecmp((u_char *) "for=", value[1].data, sizeof("for=") -1))==0)
- {
- result[1] = value[2];
- result[0].data += sizeof("for=") -1;
-
- if (ngx_strncasecmp((u_char *) "pg", result[0].data, sizeof("pg") - 1) == 0) {
- filter.func = &ngx_http_set_misc_quote_pgsql_str;
- } else {
- bad_arg = &result[0];
- }
-
- if (cf->args->nelts > 4){
- bad_arg = &value[4];
- } else {
- return ndk_set_var_multi_value_core(cf, &result[1], &value[2], &filter);
- }
- } else if (cf->args->nelts == 3){
- dd("set_quote_sql $foo $foo");
- filter.func = &ngx_http_set_misc_quote_sql_str;
- return ndk_set_var_multi_value_core(cf, &result[0], &value[1], &filter);
- } else {
- bad_arg = &value[1];
- }
-
- ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
- "%V: unexpected argument \"%V\"",
- &cmd->name, bad_arg);
- return NGX_CONF_ERROR;
-}
ngx_int_t
@@ -123,57 +72,59 @@ ngx_http_pg_utf_islegal(const unsigned char *s, ngx_int_t len)
while (slen > 0) {
mblen = ngx_http_pg_utf_mblen(s);
if (slen < mblen)
- return false;
+ return 0;
switch(mblen)
{
default:
- return false;
+ return 0;
case 4:
a = *(s + 3);
if (a < 0x80 || a > 0xBF)
- return false;
+ return 0;
case 3:
a = *(s + 2);
if (a < 0x80 || a > 0xBF)
- return false;
+ return 0;
case 2:
a = *(s + 1);
switch (*s)
{
case 0xE0:
if (a < 0xA0 || a > 0xBF)
- return false;
+ return 0;
break;
case 0xED:
if (a < 0x80 || a > 0x9F)
- return false;
+ return 0;
break;
case 0xF0:
if (a < 0x90 || a > 0xBF)
- return false;
+ return 0;
break;
case 0xF4:
if (a < 0x80 || a > 0x8F)
- return false;
+ return 0;
break;
default:
if (a < 0x80 || a > 0xBF)
- return false;
+ return 0;
break;
}
case 1:
a = *s;
if (a >= 0x80 && a < 0xC2)
- return false;
+ return 0;
if (a > 0xF4)
- return false;
+ return 0;
break;
}
+
s += mblen;
slen -= mblen;
}
- return true;
+
+ return 1;
}
@@ -199,6 +150,7 @@ ngx_http_pg_utf_escape(ngx_http_request_t *r, ngx_str_t *res)
d = res->data;
l = res->len;
+
p = ngx_palloc(r->pool, count);
if (p == NULL) {
return result;
View
23 src/ngx_http_set_quote_sql.h
@@ -1,5 +1,5 @@
-#ifndef NGX_SET_QUOTE_SQL
-#define NGX_SET_QUOTE_SQL
+#ifndef NGX_SET_QUOTE_SQL_H
+#define NGX_SET_QUOTE_SQL_H
#include <ngx_core.h>
@@ -10,29 +10,18 @@
uintptr_t ngx_http_set_misc_escape_sql_str(u_char *dst, u_char *src,
size_t size);
-
ngx_int_t ngx_http_set_misc_quote_sql_str(ngx_http_request_t *r,
ngx_str_t *res, ngx_http_variable_value_t *v);
-
-char *
-ngx_http_set_quote_sql_str(ngx_conf_t *cf, ngx_command_t *cmd, void *conf);
-
-
ngx_int_t ngx_http_set_misc_quote_pgsql_str(ngx_http_request_t *r,
ngx_str_t *res, ngx_http_variable_value_t *v);
+ngx_int_t ngx_http_pg_utf_mblen(const unsigned char *s);
-ngx_int_t
-ngx_http_pg_utf_mblen(const unsigned char *s);
-
-
-ngx_str_t *
-ngx_http_pg_utf_escape(ngx_http_request_t *r, ngx_str_t *res);
+ngx_str_t * ngx_http_pg_utf_escape(ngx_http_request_t *r, ngx_str_t *res);
+ngx_int_t ngx_http_pg_utf_islegal(const unsigned char *s, ngx_int_t len);
-ngx_int_t
-ngx_http_pg_utf_islegal(const unsigned char *s, ngx_int_t len);
-#endif /* NGX_SET_QUOTE_SQL */
+#endif /* NGX_SET_QUOTE_SQL_H */
View
10 test/t/quote-sql.t
@@ -1,4 +1,4 @@
-# vi:filetype=perl
+# vi:filetype=
use lib 'lib';
use Test::Nginx::Socket;
@@ -72,7 +72,7 @@ null
=== TEST 5: set quote null pgsql value
--- config
location /foo {
- set_quote_sql_str for=pg $foo;
+ set_quote_pgsql_str $foo;
echo $foo;
}
--- request
@@ -85,7 +85,7 @@ null
--- config
location /foo {
set $foo "hello\n\r'\"\\";
- set_quote_sql_str for=pg $foo;
+ set_quote_pgsql_str $foo;
echo $foo;
}
--- request
@@ -98,7 +98,7 @@ E'hello\n\r\'\"\\'
--- config
location /foo {
set $foo "你好";
- set_quote_sql_str for=pg $foo;
+ set_quote_pgsql_str $foo;
echo $foo;
}
--- request
@@ -112,7 +112,7 @@ E'你好'
location /foo {
set $foo "你好";
set_iconv $foo $foo from=utf-8 to=gbk;
- set_quote_sql_str for=pg $foo;
+ set_quote_pgsql_str $foo;
echo $foo;
}
--- request

0 comments on commit b714070

Please sign in to comment.