Bug #12630 | mysql_real_escape_string bad result | ||
---|---|---|---|
Submitted: | 17 Aug 2005 20:24 | Modified: | 24 Aug 2005 9:23 |
Reporter: | Anker Berg-Sonne | Email Updates: | |
Status: | Can't repeat | Impact on me: | |
Category: | MySQL++ | Severity: | S2 (Serious) |
Version: | 5.0.4 | OS: | Windows (Windows Server 2000 SP1) |
Assigned to: | CPU Architecture: | Any |
[17 Aug 2005 20:24]
Anker Berg-Sonne
[19 Aug 2005 13:34]
MySQL Verification Team
I assume you mean C API and not MySQL++ how reported. Could you please provide a code's sample. Thank you in advance.
[19 Aug 2005 13:58]
Anker Berg-Sonne
Yes, it is the C API, but that wasn't a choice on the bug reporting site. C++ was the closest match. :-) Ooops! I just realized that it is the version of the client library file that you need, not the server that I an connected to. I looked up and I am linking against the 5.0.4 libraries. I'll correct the version. printf("%d",mysql_real_escape_string(Conn,ResultString,"'",1)); Returns -1 It should have returned a positive value.
[24 Aug 2005 9:23]
Georg Richter
Can't repeat (tested with libmysql 5.0.12) printf("client library version: %d\n", mysql_get_client_version()); mysql_query(mysql, "SET sql_mode=''"); rc= mysql_real_escape_string(mysql, (char *)&to, from, strlen(from)); printf("rc=%d From=%s To=%s\n", rc, from, to); mysql_query(mysql, "SET sql_mode='NO_BACKSLASH_ESCAPES'"); rc= mysql_real_escape_string(mysql, (char *)&to, from, strlen(from)); printf("rc=%d From=%s To=%s\n", rc, from, to); Output: client library version: 50012 rc=2 From=' To=\' rc=2 From=' To=''