← Back to branch summary

~drizzle-trunk/drizzle/development

« back to all changes in this revision

Viewing changes to plugin/auth_schema/module.cc

  • Committer: Daniel
  • Date: 2011-10-08 19:47:11 UTC
  • mto: This revision was merged to the branch mainline in revision 2437.
  • Revision ID: daniel@ubuntu-10-20111008194711-dp47vra0qzjm2o8x
Escape user in SQL statement to avoid SQL injection.  Verify auth table name.  Include auth query in error message.  Tweak formatting to match coding standards.

Show diffs side-by-side

added added

removed removed

Lines of Context:
plugin/auth_schema/module.cc
43
43
 
44
44
bool update_table(Session *, set_var *var)
45
45
{
46
 
  return auth_schema->setTable(var->value->str_value.ptr());
 
46
  if (not var->value->str_value.data())
 
47
  {
 
48
    errmsg_printf(error::ERROR, _("auth_schema table cannot be NULL"));
 
49
    return true; // error
 
50
  }
 
51
  const string table(var->value->str_value.data());
 
52
  return auth_schema->setTable(table);
47
53
}
48
54
 
49
55
static void init_options(module::option_context &context)
60
66
  const module::option_map &vm= context.getOptions();
61
67
 
62
68
  if (not vm["table"].as<string>().empty())
63
 
    auth_schema->setTable(vm["table"].as<string>().c_str());
 
69
    auth_schema->setTable(vm["table"].as<string>());
64
70
 
65
71
  context.add(auth_schema);
66
72