From 2191acfd7876c917de0ce3657a01e391bfac5f7b Mon Sep 17 00:00:00 2001 From: Anders Morken Date: Wed, 5 Jul 2006 09:00:52 +0000 Subject: [PATCH] =?UTF-8?q?La=20inn=20ein=20argumentsjekk=20av=20databasen?= =?UTF-8?q?amn=20n=C3=A5r=20vi=20lagar=20databaser.=20Det=20er=20masse=20c?= =?UTF-8?q?ruft=20i=20databasekatalogen=20til=20mysql.stud=20-=20databasen?= =?UTF-8?q?amn=20med=20space,=20newline,=20osv...=20=3D)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- mysql-dbadm.c | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/mysql-dbadm.c b/mysql-dbadm.c index 5a19fe1..1efe856 100644 --- a/mysql-dbadm.c +++ b/mysql-dbadm.c @@ -1,5 +1,5 @@ /* - * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-dbadm.c,v 1.13 2005-06-27 10:13:01 knuta Exp $ + * @(#) $Header: /tmp/cvs/mysql-admutils/mysql-dbadm.c,v 1.14 2006-07-05 09:00:52 andersmo Exp $ * * mysql-dbadm.c * @@ -18,6 +18,18 @@ #include #include "mysql-admutils.h" +/* New database names may only use these characters in their identifier */ +const char dbname_validchars[] = + "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-"; + +/* Returns true if dbname contains only characters in dbname_validchars. */ +int dbname_isclean(char* dbname) { + int reallen, cleanlen; + reallen = strlen(dbname); + cleanlen = strspn(dbname, dbname_validchars); + return (reallen == cleanlen); +} + char * strchr_whitespace(const char *s) { @@ -500,7 +512,13 @@ main(int argc, char *argv[]) switch (command) { case c_create: - create(&mysql, db); + // We only check newly created databases. Many old ("unclean") databases are still in use. + if(dbname_isclean(db)) { + create(&mysql, db); + } else { + dberror(NULL, "Database name '%s' contains invalid characters.\n" + "Only A-Z, a-z, 0-9, _ (underscore) and - (dash) permitted. Skipping.", db); + } break; case c_drop: drop(&mysql, db);