diff --git a/mysql-dbadm.c b/mysql-dbadm.c index 5a19fe1..1efe856 100644 --- a/mysql-dbadm.c +++ b/mysql-dbadm.c @@ -1,5 +1,5 @@ /* - * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-dbadm.c,v 1.13 2005-06-27 10:13:01 knuta Exp $ + * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-dbadm.c,v 1.14 2006-07-05 09:00:52 andersmo Exp $ * * mysql-dbadm.c * @@ -18,6 +18,18 @@ #include #include "mysql-admutils.h" +/* New database names may only use these characters in their identifier */ +const char dbname_validchars[] = + "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-"; + +/* Returns true if dbname contains only characters in dbname_validchars. */ +int dbname_isclean(char* dbname) { + int reallen, cleanlen; + reallen = strlen(dbname); + cleanlen = strspn(dbname, dbname_validchars); + return (reallen == cleanlen); +} + char * strchr_whitespace(const char *s) { @@ -500,7 +512,13 @@ main(int argc, char *argv[]) switch (command) { case c_create: - create(&mysql, db); + // We only check newly created databases. Many old ("unclean") databases are still in use. + if(dbname_isclean(db)) { + create(&mysql, db); + } else { + dberror(NULL, "Database name '%s' contains invalid characters.\n" + "Only A-Z, a-z, 0-9, _ (underscore) and - (dash) permitted. Skipping.", db); + } break; case c_drop: drop(&mysql, db);