- if(req.query.q[i] == '?')
- {
- /* We found a place to substitute..what fun.
- * Use the PgSQL calls to escape and write the
- * escaped string onto the end of our query buffer,
- * then we "just" need to make sure queryend is
- * pointing at the right place.
- */
-
- if(req.query.p.size())
- {
- int error = 0;
- size_t len = 0;
-
-#ifdef PGSQL_HAS_ESCAPECONN
- len = PQescapeStringConn(sql, queryend, req.query.p.front().c_str(), req.query.p.front().length(), &error);
-#else
- len = PQescapeString (queryend, req.query.p.front().c_str(), req.query.p.front().length());
-#endif
- if(error)
- {
- ServerInstance->Logs->Log("m_pgsql",DEBUG, "BUG: Apparently PQescapeStringConn() failed somehow...don't know how or what to do...");
- }
-
- /* Incremenet queryend to the end of the newly escaped parameter */
- queryend += len;
-
- /* Remove the parameter we just substituted in */
- req.query.p.pop_front();
- }
- else
- {
- ServerInstance->Logs->Log("m_pgsql",DEBUG, "BUG: Found a substitution location but no parameter to substitute :|");
- break;
- }
- }
- else
- {
- *queryend = req.query.q[i];
- queryend++;
- }
+ std::string parm = p[param++];
+ std::vector<char> buffer(parm.length() * 2 + 1);
+ int error;
+ size_t escapedsize = PQescapeStringConn(sql, &buffer[0], parm.data(), parm.length(), &error);
+ if (error)
+ ServerInstance->Logs->Log(MODNAME, LOG_DEBUG, "BUG: Apparently PQescapeStringConn() failed");
+ res.append(&buffer[0], escapedsize);