Re: [NEWBIE] Escaping (') from strings

From: Mike Stilson (mike@c746148-a.ehlls1.pa.home.com)
Date: 09/01/01


On Sat, Sep 01, 2001 at 10:52:04PM +0200, Artovil wrote:
>At 16:46 2001-09-01 -0400, you wrote:
>>Did you bother with mysql_escape()?
>>
>> >I don't know how to do it properly.
>>
>>see the texinfo on that function.
>
>Well, I just assumed that those functions were called through the API and
>the MySQL server, which could slow them down a little depending on the load
>on the MySQL server, especially if I escaped a lot of strings at the same
>time, am I right?  That is why I wanted to make my own.  That would be
>better, server load-wise, as well as performance-wise for the mud server,
>am I right?

That's a library call, not an action taken by the sql server.
The worst part of it is the size of the destination buffer, which if
you're doing one large write as I do for the playerfiles, can, I suppose
be somewhat large.  (strlen(in_buf) * 2 + 1) to be exact.

I did something like (pseudo-mailer-code-from-memory)

(this define's just to save me some typing)
#define sql_esc(from, to) do { \
    if (from) mysql_real_escape_string(&mysql, to, from, strlen(from)); \
    else (to)[0] = '\0'; } while (0)

char *query, *esc_targ1, *esc_targ2;

/* worst case: every byte gets escaped, plus the terminating NUL */
esc_targ1 = (char *)malloc(strlen(var1)*2+1);
sql_esc(var1, esc_targ1);

esc_targ2 = (char *)malloc(strlen(var2)*2+1);
sql_esc(var2, esc_targ2);
/* asprintf() needs the address of the pointer it allocates into */
asprintf(&query, "(the whole format string for the query)",
        var1, var2, var3, esc_targ1, esc_targ2);

(of course they go where appropriate).

free(esc_targ1); free(esc_targ2);


the only load on the server comes when you actually perform the
mysql_real_query() command.

-me

--
   +---------------------------------------------------------------+
   | FAQ: http://qsilver.queensu.ca/~fletchra/Circle/list-faq.html |
   | Archives: http://post.queensu.ca/listserv/wwwarch/circle.html |
   +---------------------------------------------------------------+
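
Added example, not part of the original post: the (len * 2 + 1) sizing rule and the NULL guard from the message above, written so it runs without libmysqlclient. demo_escape() is a stand-in that applies the documented default escape set of mysql_real_escape_string() for a single-byte charset; escape_dup(), build_query() and the "players" table are hypothetical names, and snprintf() is used in place of asprintf() for portability.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in escaper (assumption: single-byte charset, default SQL mode).
 * Escapes NUL, \n, \r, Ctrl-Z, backslash, ' and "; returns output length. */
static size_t demo_escape(char *to, const char *from, size_t len)
{
    static const char raw[] = "\0\n\r\032\\'\"", esc[] = "0nrZ\\'\"";
    char *p = to;
    for (size_t i = 0; i < len; i++) {
        const char *hit = memchr(raw, from[i], 7);
        if (hit)
            *p++ = '\\';
        *p++ = hit ? esc[hit - raw] : from[i];
    }
    *p = '\0';
    return (size_t)(p - to);
}

/* Worst case every input byte doubles, plus the NUL; NULL input gives "". */
char *escape_dup(const char *from)
{
    size_t len = from ? strlen(from) : 0;
    char *to = malloc(len * 2 + 1);
    if (to)
        demo_escape(to, from ? from : "", len);
    return to;
}

/* Escape first, then format; only the finished string goes to the server. */
char *build_query(const char *name, const char *title)
{
    char *n = escape_dup(name), *t = escape_dup(title), *q = NULL;
    size_t need = (n && t) ? strlen(n) + strlen(t) + 64 : 0;
    if (need && (q = malloc(need)))
        snprintf(q, need, "UPDATE players SET title='%s' WHERE name='%s'", t, n);
    free(n);
    free(t);
    return q;
}

int main(void)
{
    char *q = build_query("O'Neil", "the \"Bold\"");  /* constructed input */
    if (q) puts(q);
    free(q);
    return 0;
}
```

The real library call also takes the connection handle so it can account for the connection's character set, which this stand-in does not.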



This archive was generated by hypermail 2b30 : 12/06/01 PST