[asterisk-dev] cdr_addon_mysql.c backticks
Philipp Kempgen
philipp.kempgen at amooma.de
Wed Oct 17 11:08:51 CDT 2007
sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst, [...]
It would be slightly better to enclose the table name in backticks
or else if someone wants to use a reserved word as the table name
the query would fail.
sprintf(sqlcmd, "INSERT INTO `%s` (calldate,clid,src,dst, [...]
(see http://dev.mysql.com/doc/refman/5.1/en/identifiers.html)
One could even do it for the column names just to be on the
safe side, but that is optional as none of the identifiers
is a reserved word in SQL (/MySQL's SQL) currently.
Regards,
Philipp Kempgen
--
amooma GmbH - Bachstr. 126 - 56566 Neuwied - http://www.amooma.de
Let's use IT to solve problems and not to create new ones.
Asterisk? -> http://www.das-asterisk-buch.de
Geschäftsführer: Stefan Wintermeyer
Handelsregister: Neuwied B 14998
More information about the asterisk-dev
mailing list