| dordnung |
03-31-2013 08:07 |
[SNIPPET] Escape a char from a String (With SQL support)
5 Attachment(s)
Escape a char from a String (With SQL support)
Because the stock to escape a string is only possible with a database handle and also limited on the used SQL driver, i write an little snippet to escape a char from a string. Also i added two methods to escape a string for MySQL and SQLite.
This can be also useful if you want to convert the database from a driver to another.
PHP Code:
/**
* Escapes a string from a char with a given escaper char
*
* @param input The string to escape
* @param escape Char to escape
* @param escaper Char to escape with
* @param output Output string to store escaped string
* @param maxlen Size of the output string
*
* @return Number of escaped chars
*/
stock EscapeString(String:input[], escape, escaper, String:output[], maxlen)
{
// Number of chars we escaped
new escaped = 0;
// Format output buffer to ""
Format(output, maxlen, "");
// For each char in the input string
for (new offset = 0; offset < strlen(input); offset++)
{
// Get char at the current position
new ch = input[offset];
// Found the escape or escaper char
if (ch == escape || ch == escaper)
{
// Escape the escape char with the escaper^^
Format(output, maxlen, "%s%c%c", output, escaper, ch);
// Increase numbers of chars we escaped
escaped++;
}
else
{
// Add other char to output buffer
Format(output, maxlen, "%s%c", output, ch);
}
}
// Return escaped chars
return escaped;
}
/**
* Escapes string's ' or " chars with MySQL rules. Escape char is the \ char
*
* @param input The string to escape
* @param output Output string to store escaped string
* @param maxlen Size of the output string
* @param escape True to escape ' char, false to escape " char
*
* @return Number of escaped chars
*/
stock EscapeStringMySQL(String:input[], String:output[], maxlen, bool:escape = true)
{
// Number of chars we escaped
new escaped = 0;
// Escape the ' char
if (escape)
{
escaped = EscapeString(input, '\'', '\\', output, maxlen);
}
// Escape the " char
else
{
escaped = EscapeString(input, '"', '\\', output, maxlen);
}
// Return escaped chars
return escaped;
}
/**
* Escapes string's ' or " chars with SQLite rules. Escape char is the ' or " char
*
* @param input The string to escape
* @param output Output string to store escaped string
* @param maxlen Size of the output string
* @param escape True to escape ' char, false to escape " char
*
* @return Number of escaped chars
*/
stock EscapeStringSQLite(String:input[], String:output[], maxlen, bool:escape = true)
{
// Number of chars we escaped
new escaped = 0;
// Escape the ' char
if (escape)
{
escaped = EscapeString(input, '\'', '\'', output, maxlen);
}
// Escape the " char
else
{
escaped = EscapeString(input, '"', '"', output, maxlen);
}
// Return escaped chars
return escaped;
}
Here is a little test:
PHP Code:
#include <sourcemod>
#include <stringescape>
public OnPluginStart()
{
// Just some strings to escape
new String:firstString[] = "This is a normal string";
new String:secondString[] = "Just use some ' chars, or more than one ' \'' '";
new String:thirdString[] = "Just a \" \" escape it the \".. stupid \\\"\\\\\"";
new String:fourthString[] = "We don't need the eeee, so escape them with a s";
// Just Escape
decl String:fourthOutput[sizeof(fourthString) * 2];
// Output buffers mysql, twice size should be enough
decl String:firstOutputMySQL[sizeof(firstString) * 2];
decl String:secondOutputMySQL[sizeof(secondString) * 2];
decl String:thirdOutputMySQL[sizeof(thirdString) * 2];
// Output buffers sqlite, twice size should be enough
decl String:firstOutputSQLite[sizeof(firstString) * 2];
decl String:secondOutputSQLite[sizeof(secondString) * 2];
decl String:thirdOutputSQLite[sizeof(thirdString) * 2];
// Just Escape
new escapedFourthChar = EscapeString(fourthString, 'e', 's', fourthOutput, sizeof(fourthOutput));
// Now escape them :) First for mysql
new escapedFirstCharMySQL = EscapeStringMySQL(firstString, firstOutputMySQL, sizeof(firstOutputMySQL));
new escapedSecondCharMySQL = EscapeStringMySQL(secondString, secondOutputMySQL, sizeof(secondOutputMySQL), true);
new escapedThirdCharMySQL = EscapeStringMySQL(thirdString, thirdOutputMySQL, sizeof(thirdOutputMySQL), false);
// Now for sqlite
new escapedFirstCharSQLite = EscapeStringSQLite(firstString, firstOutputSQLite, sizeof(firstOutputSQLite));
new escapedSecondCharSQLite = EscapeStringSQLite(secondString, secondOutputSQLite, sizeof(secondOutputSQLite), true);
new escapedThirdCharSQLite = EscapeStringSQLite(thirdString, thirdOutputSQLite, sizeof(thirdOutputSQLite), false);
// Print result of first string
PrintToServer("The first string '%s' is escaped for MySQL = '%s' (%i chars escaped) and for SQLite = '%s' (%i chars escaped)",
firstString, firstOutputMySQL, escapedFirstCharMySQL, firstOutputSQLite, escapedFirstCharSQLite);
// Print result of second string
PrintToServer("The second string '%s' is escaped for MySQL = '%s' (%i chars escaped) and for SQLite = '%s' (%i chars escaped)",
secondString, secondOutputMySQL, escapedSecondCharMySQL, secondOutputSQLite, escapedSecondCharSQLite);
// Print result of third string
PrintToServer("The third string '%s' is escaped for MySQL = '%s' (%i chars escaped) and for SQLite = '%s' (%i chars escaped)",
thirdString, thirdOutputMySQL, escapedThirdCharMySQL, thirdOutputSQLite, escapedThirdCharSQLite);
// Print result of fourth string
PrintToServer("The fourth string '%s' is escaped with 's' = '%s' (%i chars escaped)",
fourthString, fourthOutput, escapedFourthChar);
/*
Output:
The first string 'This is a normal string' is escaped
for MySQL = 'This is a normal string' (0 chars escaped) and for SQLite = 'This is a normal string' (0 chars escaped)
The second string 'Just use some ' chars, or more than one ' '' '' is escaped
for MySQL = 'Just use some \' chars, or more than one \' \'\' \'' (5 chars escaped) and for SQLite = 'Just use some '' chars, or more than one '' '''' ''' (5 chars escaped)
The third string 'Just a " " escape it the ".. stupid \"\\"' is escaped
for MySQL = 'Just a \" \" escape it the \".. stupid \\\"\\\\\"' (8 chars escaped) and for SQLite = 'Just a "" "" escape it the "".. stupid \""\\""' (5 chars escaped)
The fourth string 'We don't need the eeee, so escape them with a s' is escaped
with 's' = 'Wse don't nsesed thse sesesese, sso sesscapse thsem with a ss' (14 chars escaped)
*/
}
I hope it's useful for you. Have fun
greetz Popoklopsi
|
