From 3c252f6cdee62d2b14ea3f11bbf44dd1b63f3a2d Mon Sep 17 00:00:00 2001 From: Rupa Schomaker Date: Fri, 22 Jan 2010 17:55:39 +0000 Subject: [PATCH] MODAPP-354 - add sql_escape git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@16462 d0543943-73ff-0310-b7d9-9358b9ac24b2 --- src/mod/applications/mod_commands/mod_commands.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/mod/applications/mod_commands/mod_commands.c b/src/mod/applications/mod_commands/mod_commands.c index e5b66c2c92..da19c63ce2 100644 --- a/src/mod/applications/mod_commands/mod_commands.c +++ b/src/mod/applications/mod_commands/mod_commands.c @@ -4040,6 +4040,18 @@ SWITCH_STANDARD_API(uuid_loglevel) return SWITCH_STATUS_SUCCESS; } +#define SQL_ESCAPE_SYNTAX "" +SWITCH_STANDARD_API(sql_escape) +{ + if (zstr(cmd)) { + stream->write_function(stream, "-USAGE: %s\n", SQL_ESCAPE_SYNTAX); + } else { + stream->write_function(stream, "%q", cmd); + } + + return SWITCH_STATUS_SUCCESS; +} + SWITCH_MODULE_SHUTDOWN_FUNCTION(mod_commands_shutdown) { int x; @@ -4116,6 +4128,7 @@ SWITCH_MODULE_LOAD_FUNCTION(mod_commands_load) SWITCH_ADD_API(commands_api_interface, "sched_hangup", "Schedule a running call to hangup", sched_hangup_function, SCHED_HANGUP_SYNTAX); SWITCH_ADD_API(commands_api_interface, "sched_transfer", "Schedule a transfer for a running call", sched_transfer_function, SCHED_TRANSFER_SYNTAX); SWITCH_ADD_API(commands_api_interface, "show", "Show", show_function, SHOW_SYNTAX); + SWITCH_ADD_API(commands_api_interface, "sql_escape", "Escape a string to prevent sql injection", sql_escape, SQL_ESCAPE_SYNTAX); SWITCH_ADD_API(commands_api_interface, "status", "status", status_function, ""); SWITCH_ADD_API(commands_api_interface, "strftime_tz", "strftime_tz", strftime_tz_api_function, " [format string]"); SWITCH_ADD_API(commands_api_interface, "stun", "stun", stun_function, "[:port]"); @@ -4219,6 +4232,7 @@ SWITCH_MODULE_LOAD_FUNCTION(mod_commands_load) switch_console_set_complete("add show say"); switch_console_set_complete("add show timer"); switch_console_set_complete("add shutdown"); + switch_console_set_complete("add sql_escape"); switch_console_set_complete("add uuid_audio ::console::list_uuid start read mute"); switch_console_set_complete("add uuid_audio ::console::list_uuid start read level"); switch_console_set_complete("add uuid_audio ::console::list_uuid start write mute");