diff -ur ocaml-mysql-1.0.4.orig/mysql.ml ocaml-mysql-1.0.4/mysql.ml
--- ocaml-mysql-1.0.4.orig/mysql.ml 2006-02-23 22:13:22.000000000 +0000
+++ ocaml-mysql-1.0.4/mysql.ml 2009-10-16 11:42:08.074508283 +0100
@@ -333,6 +333,7 @@
external real_status : dbd -> int = "db_status"
external errmsg : dbd -> string option = "db_errmsg"
external escape : string -> string = "db_escape"
+external real_escape: dbd -> string -> string = "db_real_escape"
external fetch : result -> string option array option = "db_fetch"
external to_row : result -> int64 -> unit = "db_to_row"
external size : result -> int64 = "db_size"
@@ -516,7 +517,9 @@
the corresponding type *)
let ml2str str = "'" ^ escape str ^ "'"
+let ml2rstr conn str = "'" ^ real_escape conn str ^ "'"
let ml2blob = ml2str
+let ml2rblob = ml2rstr
let ml2int x = string_of_int x
let ml2decimal x = x
let ml322int x = Int32.to_string x
@@ -524,12 +527,15 @@
let mlnative2int x = Nativeint.to_string x
let ml2float x = string_of_float x
let ml2enum x = escape x
-let ml2set x = let rec loop arg = match arg with
- | [] -> ""
- | [x] -> escape x
- | x::y::ys -> escape x ^ "," ^ loop (y::ys)
- in
- loop x
+let ml2renum x = real_escape x
+let ml2set_filter f x =
+ let rec loop f = function
+ | [] -> ""
+ | [x] -> f x
+ | x::y::ys -> f x ^ "," ^ loop f (y::ys)
+ in loop f x
+let ml2set x = ml2set_filter escape x
+let ml2rset conn x = ml2set_filter (real_escape conn) x
let ml2datetimel ~year ~month ~day ~hour ~min ~sec =
Printf.sprintf "'%04d-%02d-%02d %02d:%02d:%02d'"
diff -ur ocaml-mysql-1.0.4.orig/mysql.mli ocaml-mysql-1.0.4/mysql.mli
--- ocaml-mysql-1.0.4.orig/mysql.mli 2006-02-23 22:13:22.000000000 +0000
+++ ocaml-mysql-1.0.4/mysql.mli 2009-10-16 11:42:08.075507981 +0100
@@ -230,6 +230,7 @@
(** [escape str] returns the same string as [str] in MySQL syntax with
special characters quoted to not confuse the MySQL parser *)
val escape : string -> string
+val real_escape : dbd -> string -> string
(** [xxx2ml str] decodes a MySQL value of type xxx into a corresponding
OCaml value *)
@@ -277,14 +278,18 @@
(** [ml2xxx v] encodes [v] into MySQL syntax. *)
val ml2str : string -> string
+val ml2rstr : dbd -> string -> string
val ml2blob : string -> string
+val ml2rblob : dbd -> string -> string
val ml2int : int -> string
val ml2decimal : string -> string
val ml322int : int32 -> string
val ml642int : int64 -> string
val ml2float : float -> string
val ml2enum : string -> string
+val ml2renum : dbd -> string -> string
val ml2set : string list -> string
+val ml2rset : dbd -> string list -> string
val ml2datetime : int * int * int * int * int * int -> string
val ml2datetimel : year:int -> month:int -> day:int -> hour:int -> min:int -> sec:int -> string
val ml2date : int * int * int -> string
diff -ur ocaml-mysql-1.0.4.orig/mysql_stubs.c ocaml-mysql-1.0.4/mysql_stubs.c
--- ocaml-mysql-1.0.4.orig/mysql_stubs.c 2006-02-23 23:12:36.000000000 +0000
+++ ocaml-mysql-1.0.4/mysql_stubs.c 2009-10-16 11:42:08.076508492 +0100
@@ -472,6 +472,33 @@
CAMLreturn(res);
}
+EXTERNAL value
+db_real_escape(value dbd, value str)
+{
+ CAMLparam2(dbd, str);
+ char *s;
+ char *buf;
+ int len, esclen;
+ MYSQL *mysql;
+ CAMLlocal1(res);
+
+ check_dbd(dbd, "escape");
+ mysql = DBDmysql(dbd);
+
+ s = String_val(str);
+ len = string_length(str);
+ buf = (char*) stat_alloc(2*len+1);
+ caml_enter_blocking_section();
+ esclen = mysql_real_escape_string(mysql,buf,s,len);
+ caml_leave_blocking_section();
+
+ res = alloc_string(esclen);
+ memcpy(String_val(res), buf, esclen);
+ stat_free(buf);
+
+ CAMLreturn(res);
+}
+
/*
* db_size -- returns the size of the current result (number of rows).
*/