Skip to content

Instantly share code, notes, and snippets.

@siddontang
Created February 8, 2014 02:30
Show Gist options
  • Save siddontang/8875771 to your computer and use it in GitHub Desktop.
Save siddontang/8875771 to your computer and use it in GitHub Desktop.
func Escape(sql string) string {
dest := make([]byte, 0, 2*len(sql))
var escape byte
for i := 0; i < len(sql); i++ {
c := sql[i]
escape = 0
switch c {
case 0: /* Must be escaped for 'mysql' */
escape = '0'
break
case '\n': /* Must be escaped for logs */
escape = 'n'
break
case '\r':
escape = 'r'
break
case '\\':
escape = '\\'
break
case '\'':
escape = '\''
break
case '"': /* Better safe than sorry */
escape = '"'
break
case '\032': /* This gives problems on Win32 */
escape = 'Z'
}
if escape != 0 {
dest = append(dest, '\\', escape)
} else {
dest = append(dest, c)
}
}
return string(dest)
}
@xiezhenye
Copy link

有漏洞

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment