diff options
author | Ondřej Surý <ondrej@sury.org> | 2013-10-27 20:38:12 +0100 |
---|---|---|
committer | Ondřej Surý <ondrej@sury.org> | 2013-10-27 20:38:12 +0100 |
commit | 749e5ad39dbac3f4f62be438367f8cdf90056815 (patch) | |
tree | ad0677df3bf44a6761380686e400ffd878585288 /ext/pgsql/pgsql.c | |
parent | 4ed39205864f58ba7c368e4ae1362d8214469fd9 (diff) | |
download | php-749e5ad39dbac3f4f62be438367f8cdf90056815.tar.gz |
New upstream version 5.4.21upstream/5.4.21
Diffstat (limited to 'ext/pgsql/pgsql.c')
-rw-r--r-- | ext/pgsql/pgsql.c | 323 |
1 files changed, 273 insertions, 50 deletions
diff --git a/ext/pgsql/pgsql.c b/ext/pgsql/pgsql.c index d01dda603..f4c4cb37e 100644 --- a/ext/pgsql/pgsql.c +++ b/ext/pgsql/pgsql.c @@ -63,6 +63,7 @@ #define PGSQL_MAX_LENGTH_OF_LONG 30 #define PGSQL_MAX_LENGTH_OF_DOUBLE 60 +#if LONG_MAX < UINT_MAX #define PGSQL_RETURN_OID(oid) do { \ if (oid > LONG_MAX) { \ smart_str s = {0}; \ @@ -72,7 +73,9 @@ } \ RETURN_LONG((long)oid); \ } while(0) - +#else +#define PGSQL_RETURN_OID(oid) (RETURN_LONG((long)oid)) +#endif #if HAVE_PQSETNONBLOCKING #define PQ_SETNONBLOCKING(pg_link, flag) PQsetnonblocking(pg_link, flag) @@ -914,6 +917,82 @@ static void _free_result(zend_rsrc_list_entry *rsrc TSRMLS_DC) } /* }}} */ + +static int _php_pgsql_detect_identifier_escape(const char *identifier, size_t len) +{ + size_t i; + + /* Handle edge case. Cannot be a escaped string */ + if (len <= 2) { + return FAILURE; + } + /* Detect double qoutes */ + if (identifier[0] == '"' && identifier[len-1] == '"') { + /* Detect wrong format of " inside of escaped string */ + for (i = 1; i < len-1; i++) { + if (identifier[i] == '"' && (identifier[++i] != '"' || i == len-1)) { + return FAILURE; + } + } + } else { + return FAILURE; + } + /* Escaped properly */ + return SUCCESS; +} + +#if !HAVE_PQESCAPELITERAL +/* {{{ _php_pgsql_escape_identifier + * Since PQescapeIdentifier() is unavailable (PostgreSQL 9.0 <), idenfifers + * should be escaped by pgsql module. + * Note: this function does not care for encoding. Therefore users should not + * use this with SJIS/BIG5 etc. (i.e. Encoding base injection may possible with + * before PostgreSQL 9.0) + */ +static char *_php_pgsql_escape_identifier(const char *field, size_t field_len) +{ + ulong field_escaped_len = field_len*2 + 3; + ulong i, j = 0; + char *field_escaped; + + field_escaped = (char *)malloc(field_escaped_len); + field_escaped[j++] = '"'; + for (i = 0; i < field_len; i++) { + if (field[i] == '"') { + field_escaped[j++] = '"'; + field_escaped[j++] = '"'; + } else { + field_escaped[j++] = field[i]; + } + } + field_escaped[j++] = '"'; + field_escaped[j] = '\0'; + return field_escaped; +} +/* }}} */ +#endif + +/* {{{ _php_pgsql_strndup, no strndup should be used */ +static char *_php_pgsql_strndup(const char *s, size_t len) +{ + char *new; + + if (NULL == s) { + return (char *)NULL; + } + + new = (char *) malloc(len + 1); + + if (NULL == new) { + return (char *)NULL; + } + + new[len] = '\0'; + + return memmove(new, s, len); +} +/* }}} */ + /* {{{ PHP_INI */ PHP_INI_BEGIN() @@ -4076,7 +4155,7 @@ PHP_FUNCTION(pg_escape_bytea) #ifdef HAVE_PQESCAPE_BYTEA_CONN if (pgsql_link != NULL || id != -1) { ZEND_FETCH_RESOURCE2(pgsql, PGconn *, &pgsql_link, id, "PostgreSQL link", le_link, le_plink); - to = (char *)PQescapeByteaConn(pgsql, from, (size_t)from_len, &to_len); + to = (char *)PQescapeByteaConn(pgsql, (unsigned char *)from, (size_t)from_len, &to_len); } else #endif to = (char *)PQescapeBytea((unsigned char*)from, from_len, &to_len); @@ -4270,10 +4349,9 @@ static char* php_pgsql_PQescapeInternal(PGconn *conn, const char *str, size_t le #endif static void php_pgsql_escape_internal(INTERNAL_FUNCTION_PARAMETERS, int escape_literal) { - char *from = NULL, *to = NULL, *tmp = NULL; + char *from = NULL, *to = NULL; zval *pgsql_link = NULL; PGconn *pgsql; - int to_len; int from_len; int id = -1; @@ -4294,26 +4372,32 @@ static void php_pgsql_escape_internal(INTERNAL_FUNCTION_PARAMETERS, int escape_l } if (pgsql_link == NULL && id == -1) { + php_error_docref(NULL TSRMLS_CC, E_WARNING,"Cannot get default pgsql link"); RETURN_FALSE; } ZEND_FETCH_RESOURCE2(pgsql, PGconn *, &pgsql_link, id, "PostgreSQL link", le_link, le_plink); if (pgsql == NULL) { - php_error_docref(NULL TSRMLS_CC, E_WARNING,"Cannot get default pgsql link"); + php_error_docref(NULL TSRMLS_CC, E_WARNING,"Cannot get pgsql link"); RETURN_FALSE; } #ifdef HAVE_PQESCAPELITERAL - if (escape_literal) { - tmp = PQescapeLiteral(pgsql, from, (size_t)from_len); - } else { - tmp = PQescapeIdentifier(pgsql, from, (size_t)from_len); - } - if (!tmp) { - php_error_docref(NULL TSRMLS_CC, E_WARNING,"Failed to escape"); - RETURN_FALSE; + /* Use a block with a local var to avoid unused variable warnings */ + { + char *tmp; + + if (escape_literal) { + tmp = PQescapeLiteral(pgsql, from, (size_t)from_len); + } else { + tmp = PQescapeIdentifier(pgsql, from, (size_t)from_len); + } + if (!tmp) { + php_error_docref(NULL TSRMLS_CC, E_WARNING,"Failed to escape"); + RETURN_FALSE; + } + to = estrdup(tmp); + PQfreemem(tmp); } - to = estrdup(tmp); - PQfreemem(tmp); #else to = php_pgsql_PQescapeInternal(pgsql, from, (size_t)from_len, escape_literal); if (!to) { @@ -4573,6 +4657,7 @@ PHP_FUNCTION(pg_send_query) PGconn *pgsql; PGresult *res; int leftover = 0; + int ret; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rs", &pgsql_link, &query, &len) == FAILURE) { @@ -4600,6 +4685,14 @@ PHP_FUNCTION(pg_send_query) RETURN_FALSE; } } + /* Wait to finish sending buffer */ + while ((ret = PQflush(pgsql))) { + if (ret == -1) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Could not empty PostgreSQL send buffer"); + break; + } + usleep(10000); + } if (PQ_SETNONBLOCKING(pgsql, 0)) { php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Cannot set connection to blocking mode"); } @@ -4620,6 +4713,7 @@ PHP_FUNCTION(pg_send_query_params) PGconn *pgsql; PGresult *res; int leftover = 0; + int ret; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rsa/", &pgsql_link, &query, &query_len, &pv_param_arr) == FAILURE) { return; @@ -4686,6 +4780,14 @@ PHP_FUNCTION(pg_send_query_params) } } _php_pgsql_free_params(params, num_params); + /* Wait to finish sending buffer */ + while ((ret = PQflush(pgsql))) { + if (ret == -1) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Could not empty PostgreSQL send buffer"); + break; + } + usleep(10000); + } if (PQ_SETNONBLOCKING(pgsql, 0)) { php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Cannot set connection to blocking mode"); } @@ -4705,6 +4807,7 @@ PHP_FUNCTION(pg_send_prepare) PGconn *pgsql; PGresult *res; int leftover = 0; + int ret; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rss", &pgsql_link, &stmtname, &stmtname_len, &query, &query_len) == FAILURE) { return; @@ -4735,6 +4838,14 @@ PHP_FUNCTION(pg_send_prepare) RETURN_FALSE; } } + /* Wait to finish sending buffer */ + while ((ret = PQflush(pgsql))) { + if (ret == -1) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Could not empty postgres send buffer"); + break; + } + usleep(10000); + } if (PQ_SETNONBLOCKING(pgsql, 0)) { php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Cannot set connection to blocking mode"); } @@ -4757,6 +4868,7 @@ PHP_FUNCTION(pg_send_execute) PGconn *pgsql; PGresult *res; int leftover = 0; + int ret; if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "rsa", &pgsql_link, &stmtname, &stmtname_len, &pv_param_arr) == FAILURE) { return; @@ -4823,6 +4935,14 @@ PHP_FUNCTION(pg_send_execute) } } _php_pgsql_free_params(params, num_params); + /* Wait to finish sending buffer */ + while ((ret = PQflush(pgsql))) { + if (ret == -1) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Could not empty postgres send buffer"); + break; + } + usleep(10000); + } if (PQ_SETNONBLOCKING(pgsql, 0)) { php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Cannot set connection to blocking mode"); } @@ -4978,8 +5098,9 @@ PHP_PGSQL_API int php_pgsql_meta_data(PGconn *pg_link, const char *table_name, z { PGresult *pg_result; char *src, *tmp_name, *tmp_name2 = NULL; + char *escaped; smart_str querystr = {0}; - int new_len; + size_t new_len; int i, num_rows; zval *elem; @@ -4998,23 +5119,36 @@ PHP_PGSQL_API int php_pgsql_meta_data(PGconn *pg_link, const char *table_name, z } smart_str_appends(&querystr, - "SELECT a.attname, a.attnum, t.typname, a.attlen, a.attnotNULL, a.atthasdef, a.attndims " + "SELECT a.attname, a.attnum, t.typname, a.attlen, a.attnotnull, a.atthasdef, a.attndims, t.typtype = 'e' " "FROM pg_class as c, pg_attribute a, pg_type t, pg_namespace n " "WHERE a.attnum > 0 AND a.attrelid = c.oid AND c.relname = '"); - tmp_name2 = php_addslashes(tmp_name2, strlen(tmp_name2), &new_len, 0 TSRMLS_CC); - smart_str_appendl(&querystr, tmp_name2, new_len); - + escaped = (char *)safe_emalloc(strlen(tmp_name2), 2, 1); +#if HAVE_PQESCAPE_CONN + new_len = PQescapeStringConn(pg_link, escaped, tmp_name2, strlen(tmp_name2), NULL); +#else + new_len = PQescapeString(escaped, tmp_name2, strlen(tmp_name2)); +#endif + if (new_len) { + smart_str_appends(&querystr, escaped); + } + efree(escaped); + smart_str_appends(&querystr, "' AND c.relnamespace = n.oid AND n.nspname = '"); - tmp_name = php_addslashes(tmp_name, strlen(tmp_name), &new_len, 0 TSRMLS_CC); - smart_str_appendl(&querystr, tmp_name, new_len); + escaped = (char *)safe_emalloc(strlen(tmp_name), 2, 1); +#if HAVE_PQESCAPE_CONN + new_len = PQescapeStringConn(pg_link, escaped, tmp_name, strlen(tmp_name), NULL); +#else + new_len = PQescapeString(escaped, tmp_name, strlen(tmp_name)); +#endif + if (new_len) { + smart_str_appends(&querystr, escaped); + } + efree(escaped); smart_str_appends(&querystr, "' AND a.atttypid = t.oid ORDER BY a.attnum;"); smart_str_0(&querystr); - - efree(tmp_name2); - efree(tmp_name); - efree(src); - + efree(src); + pg_result = PQexec(pg_link, querystr.c); if (PQresultStatus(pg_result) != PGRES_TUPLES_OK || (num_rows = PQntuples(pg_result)) == 0) { php_error_docref(NULL TSRMLS_CC, E_WARNING, "Table '%s' doesn't exists", table_name); @@ -5044,6 +5178,12 @@ PHP_PGSQL_API int php_pgsql_meta_data(PGconn *pg_link, const char *table_name, z add_assoc_bool(elem, "has default", 0); } add_assoc_long(elem, "array dims", atoi(PQgetvalue(pg_result,i,6))); + if (!strcmp(PQgetvalue(pg_result,i,7), "t")) { + add_assoc_bool(elem, "is enum", 1); + } + else { + add_assoc_bool(elem, "is enum", 0); + } name = PQgetvalue(pg_result,i,0); add_assoc_zval(meta, name, elem); } @@ -5077,7 +5217,18 @@ PHP_FUNCTION(pg_meta_data) zval_dtor(return_value); /* destroy array */ RETURN_FALSE; } -} + else { + HashPosition pos; + zval **val; + + for (zend_hash_internal_pointer_reset_ex(Z_ARRVAL_P(return_value), &pos); + zend_hash_get_current_data_ex(Z_ARRVAL_P(return_value), (void **)&val, &pos) == SUCCESS; + zend_hash_move_forward_ex(Z_ARRVAL_P(return_value), &pos)) { + /* delete newly added entry, in order to keep BC */ + zend_hash_del_key_or_index(Z_ARRVAL_PP(val), "is enum", sizeof("is enum"), 0, HASH_DEL_KEY); + } + } +} /* }}} */ /* {{{ php_pgsql_get_data_type @@ -5220,6 +5371,7 @@ static int php_pgsql_add_quotes(zval *src, zend_bool should_free TSRMLS_DC) assert(Z_TYPE_P(src) == IS_STRING); assert(should_free == 1 || should_free == 0); + smart_str_appendc(&str, 'E'); smart_str_appendc(&str, '\''); smart_str_appendl(&str, Z_STRVAL_P(src), Z_STRLEN_P(src)); smart_str_appendc(&str, '\''); @@ -5259,8 +5411,9 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con char *field = NULL; uint field_len = -1; ulong num_idx = -1; - zval *meta, **def, **type, **not_null, **has_default, **val, *new_val; - int new_len, key_type, err = 0, skip_field; + zval *meta, **def, **type, **not_null, **has_default, **is_enum, **val, *new_val; + int key_type, err = 0, skip_field; + php_pgsql_data_type data_type; assert(pg_link != NULL); assert(Z_TYPE_P(values) == IS_ARRAY); @@ -5272,6 +5425,8 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con } MAKE_STD_ZVAL(meta); array_init(meta); + +/* table_name is escaped by php_pgsql_meta_data */ if (php_pgsql_meta_data(pg_link, table_name, meta TSRMLS_CC) == FAILURE) { zval_dtor(meta); FREE_ZVAL(meta); @@ -5311,17 +5466,30 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Detected broken meta data. Missing 'has default'"); err = 1; } + if (!err && zend_hash_find(Z_ARRVAL_PP(def), "is enum", sizeof("is enum"), (void **)&is_enum) == FAILURE) { + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Detected broken meta data. Missing 'is enum'"); + err = 1; + } if (!err && (Z_TYPE_PP(val) == IS_ARRAY || Z_TYPE_PP(val) == IS_OBJECT || Z_TYPE_PP(val) == IS_CONSTANT_ARRAY)) { - php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Expects scaler values as field values"); + php_error_docref(NULL TSRMLS_CC, E_NOTICE, "Expects scalar values as field values"); err = 1; } if (err) { break; /* break out for() */ } ALLOC_INIT_ZVAL(new_val); - switch(php_pgsql_get_data_type(Z_STRVAL_PP(type), Z_STRLEN_PP(type))) + + if (Z_BVAL_PP(is_enum)) { + /* enums need to be treated like strings */ + data_type = PG_TEXT; + } + else { + data_type = php_pgsql_get_data_type(Z_STRVAL_PP(type), Z_STRLEN_PP(type)); + } + + switch(data_type) { case PG_BOOL: switch (Z_TYPE_PP(val)) { @@ -5471,15 +5639,15 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con } else { Z_TYPE_P(new_val) = IS_STRING; -#if HAVE_PQESCAPE +#if HAVE_PQESCAPE_CONN { char *tmp; - tmp = (char *)safe_emalloc(Z_STRLEN_PP(val), 2, 1); - Z_STRLEN_P(new_val) = (int)PQescapeString(tmp, Z_STRVAL_PP(val), Z_STRLEN_PP(val)); + tmp = (char *)safe_emalloc(Z_STRLEN_PP(val), 2, 1); + Z_STRLEN_P(new_val) = (int)PQescapeStringConn(pg_link, tmp, Z_STRVAL_PP(val), Z_STRLEN_PP(val), NULL); Z_STRVAL_P(new_val) = tmp; } #else - Z_STRVAL_P(new_val) = php_addslashes(Z_STRVAL_PP(val), Z_STRLEN_PP(val), &Z_STRLEN_P(new_val), 0 TSRMLS_CC); + Z_STRVAL_P(new_val) = (int)PQescapeString(Z_STRVAL_PP(val), Z_STRLEN_PP(val), &Z_STRLEN_P(new_val), 0 TSRMLS_CC); #endif php_pgsql_add_quotes(new_val, 1 TSRMLS_CC); } @@ -5765,10 +5933,11 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con else { unsigned char *tmp; size_t to_len; + smart_str s = {0}; #ifdef HAVE_PQESCAPE_BYTEA_CONN - tmp = PQescapeByteaConn(pg_link, Z_STRVAL_PP(val), Z_STRLEN_PP(val), &to_len); + tmp = PQescapeByteaConn(pg_link, (unsigned char *)Z_STRVAL_PP(val), Z_STRLEN_PP(val), &to_len); #else - tmp = PQescapeBytea(Z_STRVAL_PP(val), Z_STRLEN_PP(val), &to_len); + tmp = PQescapeBytea(Z_STRVAL_PP(val), (unsigned char *)Z_STRLEN_PP(val), &to_len); #endif Z_TYPE_P(new_val) = IS_STRING; Z_STRLEN_P(new_val) = to_len-1; /* PQescapeBytea's to_len includes additional '\0' */ @@ -5776,7 +5945,11 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con memcpy(Z_STRVAL_P(new_val), tmp, to_len); PQfreemem(tmp); php_pgsql_add_quotes(new_val, 1 TSRMLS_CC); - + smart_str_appendl(&s, Z_STRVAL_P(new_val), Z_STRLEN_P(new_val)); + smart_str_0(&s); + efree(Z_STRVAL_P(new_val)); + Z_STRVAL_P(new_val) = s.c; + Z_STRLEN_P(new_val) = s.len; } break; @@ -5861,11 +6034,22 @@ PHP_PGSQL_API int php_pgsql_convert(PGconn *pg_link, const char *table_name, con FREE_ZVAL(new_val); break; /* break out for() */ } + /* If field is NULL and HAS DEFAULT, should be skipped */ if (!skip_field) { - /* If field is NULL and HAS DEFAULT, should be skipped */ - field = php_addslashes(field, strlen(field), &new_len, 0 TSRMLS_CC); - add_assoc_zval(result, field, new_val); - efree(field); + char *escaped; + size_t field_len = strlen(field); + + if (_php_pgsql_detect_identifier_escape(field, field_len) == SUCCESS) { + escaped = _php_pgsql_strndup(field, field_len); + } else { +#if HAVE_PQESCAPELITERAL + escaped = PQescapeIdentifier(pg_link, field, field_len); +#else + escaped = _php_pgsql_escape_identifier(field, field_len); +#endif + } + add_assoc_zval(result, escaped, new_val); + free(escaped); } } /* for */ zval_dtor(meta); @@ -5940,6 +6124,45 @@ static int do_exec(smart_str *querystr, int expect, PGconn *pg_link, ulong opt T return -1; } +static inline void build_tablename(smart_str *querystr, PGconn *pg_link, const char *table) +{ + char *table_copy, *escaped, *token, *tmp; + size_t len; + + /* schame.table should be "schame"."table" */ + table_copy = estrdup(table); + token = php_strtok_r(table_copy, ".", &tmp); + len = strlen(token); + if (_php_pgsql_detect_identifier_escape(token, len) == SUCCESS) { + escaped = _php_pgsql_strndup(token, len); + } else { +#if HAVE_PQESCAPELITERAL + escaped = PQescapeIdentifier(pg_link, token, len); +#else + escaped = _php_pgsql_escape_identifier(token, len); +#endif + } + smart_str_appends(querystr, escaped); + free(escaped); + if (tmp && *tmp) { + len = strlen(tmp); + /* "schema"."table" format */ + if (_php_pgsql_detect_identifier_escape(tmp, len) == SUCCESS) { + escaped = _php_pgsql_strndup(tmp, len); + } else { +#if HAVE_PQESCAPELITERAL + escaped = PQescapeIdentifier(pg_link, tmp, len); +#else + escaped = _php_pgsql_escape_identifier(tmp, len); +#endif + } + smart_str_appendc(querystr, '.'); + smart_str_appends(querystr, escaped); + free(escaped); + } + efree(table_copy); +} + /* {{{ php_pgsql_insert */ PHP_PGSQL_API int php_pgsql_insert(PGconn *pg_link, const char *table, zval *var_array, ulong opt, char **sql TSRMLS_DC) @@ -5959,7 +6182,7 @@ PHP_PGSQL_API int php_pgsql_insert(PGconn *pg_link, const char *table, zval *var if (zend_hash_num_elements(Z_ARRVAL_P(var_array)) == 0) { smart_str_appends(&querystr, "INSERT INTO "); - smart_str_appends(&querystr, table); + build_tablename(&querystr, pg_link, table); smart_str_appends(&querystr, " DEFAULT VALUES"); goto no_values; @@ -5974,11 +6197,11 @@ PHP_PGSQL_API int php_pgsql_insert(PGconn *pg_link, const char *table, zval *var } var_array = converted; } - + smart_str_appends(&querystr, "INSERT INTO "); - smart_str_appends(&querystr, table); + build_tablename(&querystr, pg_link, table); smart_str_appends(&querystr, " ("); - + zend_hash_internal_pointer_reset_ex(Z_ARRVAL_P(var_array), &pos); while ((key_type = zend_hash_get_current_key_ex(Z_ARRVAL_P(var_array), &fld, &fld_len, &num_idx, 0, &pos)) != HASH_KEY_NON_EXISTANT) { @@ -6165,7 +6388,7 @@ PHP_PGSQL_API int php_pgsql_update(PGconn *pg_link, const char *table, zval *var } smart_str_appends(&querystr, "UPDATE "); - smart_str_appends(&querystr, table); + build_tablename(&querystr, pg_link, table); smart_str_appends(&querystr, " SET "); if (build_assignment_string(&querystr, Z_ARRVAL_P(var_array), 0, ",", 1 TSRMLS_CC)) @@ -6266,7 +6489,7 @@ PHP_PGSQL_API int php_pgsql_delete(PGconn *pg_link, const char *table, zval *ids } smart_str_appends(&querystr, "DELETE FROM "); - smart_str_appends(&querystr, table); + build_tablename(&querystr, pg_link, table); smart_str_appends(&querystr, " WHERE "); if (build_assignment_string(&querystr, Z_ARRVAL_P(ids_array), 1, " AND ", sizeof(" AND ")-1 TSRMLS_CC)) @@ -6402,7 +6625,7 @@ PHP_PGSQL_API int php_pgsql_select(PGconn *pg_link, const char *table, zval *ids } smart_str_appends(&querystr, "SELECT * FROM "); - smart_str_appends(&querystr, table); + build_tablename(&querystr, pg_link, table); smart_str_appends(&querystr, " WHERE "); if (build_assignment_string(&querystr, Z_ARRVAL_P(ids_array), 1, " AND ", sizeof(" AND ")-1 TSRMLS_CC)) |