[asterisk-addons-commits] tilghman: branch 1.4 r466 - in /branches/1.4: ./ cdr_addon_mysql.c
SVN commits to the Asterisk addons project
asterisk-addons-commits at lists.digium.com
Tue Oct 16 18:09:27 CDT 2007
Author: tilghman
Date: Tue Oct 16 18:09:26 2007
New Revision: 466
URL: http://svn.digium.com/view/asterisk-addons?view=rev&rev=466
Log:
Merged revisions 465 via svnmerge from
https://origsvn.digium.com/svn/asterisk-addons/branches/1.2
........
r465 | tilghman | 2007-10-16 16:48:04 -0500 (Tue, 16 Oct 2007) | 2 lines
Escape all text-based fields for the insert (fixes AST-2007-023)
........
Modified:
branches/1.4/ (props changed)
branches/1.4/cdr_addon_mysql.c
Propchange: branches/1.4/
------------------------------------------------------------------------------
--- branch-1.2-merged (original)
+++ branch-1.2-merged Tue Oct 16 18:09:26 2007
@@ -1,1 +1,1 @@
-/branches/1.2:1-183,209,211,257-258,264,268-273,305-328,332-336,339-344,346-351,357,404
+/branches/1.2:1-183,209,211,257-258,264,268-273,305-328,332-336,339-344,346-351,357,404,465
Modified: branches/1.4/cdr_addon_mysql.c
URL: http://svn.digium.com/view/asterisk-addons/branches/1.4/cdr_addon_mysql.c?view=diff&rev=466&r1=465&r2=466
==============================================================================
--- branches/1.4/cdr_addon_mysql.c (original)
+++ branches/1.4/cdr_addon_mysql.c Tue Oct 16 18:09:26 2007
@@ -119,7 +119,7 @@
struct ast_module_user *u;
char *userfielddata = NULL;
char sqlcmd[2048], timestr[128];
- char *clid=NULL, *dcontext=NULL, *channel=NULL, *dstchannel=NULL, *lastapp=NULL, *lastdata=NULL;
+ char *clid=NULL, *dcontext=NULL, *channel=NULL, *dstchannel=NULL, *lastapp=NULL, *lastdata=NULL, *src=NULL, *dst=NULL, *accountcode=NULL;
int retries = 5;
#ifdef MYSQL_LOGUNIQUEID
char *uniqueid = NULL;
@@ -189,6 +189,12 @@
mysql_escape_string(lastapp, cdr->lastapp, strlen(cdr->lastapp));
if ((lastdata = alloca(strlen(cdr->lastdata) * 2 + 1)) != NULL)
mysql_escape_string(lastdata, cdr->lastdata, strlen(cdr->lastdata));
+ if ((src = alloca(strlen(cdr->src) * 2 + 1)) != NULL)
+ mysql_escape_string(src, cdr->src, strlen(cdr->src));
+ if ((dst = alloca(strlen(cdr->dst) * 2 + 1)) != NULL)
+ mysql_escape_string(dst, cdr->dst, strlen(cdr->dst));
+ if ((accountcode = alloca(strlen(cdr->accountcode) * 2 + 1)) != NULL)
+ mysql_escape_string(accountcode, cdr->accountcode, strlen(cdr->accountcode));
#ifdef MYSQL_LOGUNIQUEID
if ((uniqueid = alloca(strlen(cdr->uniqueid) * 2 + 1)) != NULL)
mysql_escape_string(uniqueid, cdr->uniqueid, strlen(cdr->uniqueid));
@@ -198,9 +204,9 @@
/* Check for all alloca failures above at once */
#ifdef MYSQL_LOGUNIQUEID
- if ((!clid) || (!dcontext) || (!channel) || (!dstchannel) || (!lastapp) || (!lastdata) || (!uniqueid)) {
+ if ((!clid) || (!dcontext) || (!channel) || (!dstchannel) || (!lastapp) || (!lastdata) || (!uniqueid) || !(src) || (!dst) || (!accountcode)) {
#else
- if ((!clid) || (!dcontext) || (!channel) || (!dstchannel) || (!lastapp) || (!lastdata)) {
+ if ((!clid) || (!dcontext) || (!channel) || (!dstchannel) || (!lastapp) || (!lastdata) || !(src) || (!dst) || (!accountcode)) {
#endif
ast_log(LOG_ERROR, "cdr_mysql: Out of memory error (insert fails)\n");
ast_mutex_unlock(&mysql_lock);
@@ -212,15 +218,15 @@
if (userfield && userfielddata) {
#ifdef MYSQL_LOGUNIQUEID
- sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s','%s')", dbtable, timestr, clid, cdr->src, cdr->dst, dcontext, channel, dstchannel, lastapp, lastdata, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), cdr->amaflags, cdr->accountcode, uniqueid, userfielddata);
+ sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid,userfield) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s','%s')", dbtable, timestr, clid, src, dst, dcontext, channel, dstchannel, lastapp, lastdata, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), cdr->amaflags, accountcode, uniqueid, userfielddata);
#else
- sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,userfield) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s')", dbtable, timestr, clid, cdr->src, cdr->dst, dcontext,channel, dstchannel, lastapp, lastdata, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), cdr->amaflags, cdr->accountcode, userfielddata);
+ sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,userfield) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s')", dbtable, timestr, clid, src, dst, dcontext, channel, dstchannel, lastapp, lastdata, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), cdr->amaflags, accountcode, userfielddata);
#endif
} else {
#ifdef MYSQL_LOGUNIQUEID
- sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s')", dbtable, timestr, clid, cdr->src, cdr->dst, dcontext,channel, dstchannel, lastapp, lastdata, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), cdr->amaflags, cdr->accountcode, uniqueid);
+ sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode,uniqueid) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s','%s')", dbtable, timestr, clid, src, dst, dcontext, channel, dstchannel, lastapp, lastdata, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), cdr->amaflags, accountcode, uniqueid);
#else
- sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s')", dbtable, timestr, clid, cdr->src, cdr->dst, dcontext, channel, dstchannel, lastapp, lastdata, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), cdr->amaflags, cdr->accountcode);
+ sprintf(sqlcmd, "INSERT INTO %s (calldate,clid,src,dst,dcontext,channel,dstchannel,lastapp,lastdata,duration,billsec,disposition,amaflags,accountcode) VALUES ('%s','%s','%s','%s','%s', '%s','%s','%s','%s',%i,%i,'%s',%i,'%s')", dbtable, timestr, clid, src, dst, dcontext, channel, dstchannel, lastapp, lastdata, cdr->duration, cdr->billsec, ast_cdr_disp2str(cdr->disposition), cdr->amaflags, accountcode);
#endif
}
More information about the asterisk-addons-commits
mailing list