John Hansen <[EMAIL PROTECTED]> said:
>> The query string is allocated, strings escaped, parameters replaced:
>
> add to that:
>
> dbresult *dbquery(char *query, void *params, void *paramtypes)
> {
> if (backend_has_binary)
> binary_db_query(query,params,paramtypes);
> else
> text_db_query(query,params,paramtypes)
> }
>
> use ? as placeholders... replace them with the backend specific
> placeholders for the binary protocols, and with properly escaped
> parameters for the plaintext protocols.
It's not binary safe yet, but I figure the next big step is to use gchar's
throughout the application, which are a struct with a char * and a size_t
inside. In the mean time, we don't allow nul's to come in over the wire.
Aaron
--
