[Pdns-users] PDNS + MySQL results not un-escaped?
pdns at nettrust.co.nz
Wed Jan 6 09:03:27 UTC 2010
On Wed, 06 Jan 2010 21:56:08 you wrote:
> Hi Michael
> > When I enter a DKIM or Domain Keys record, which requires use of ';', the
> > records on the secondary name server have this character escaped with
> > '\', as to be expected.
> > As this character has a special meaning in MySQL I would think the simple
> > answer would be to unescape it prior to returning the RR.
> This is a common misunderstanding of web developers that escaping in MySQL
> is done by adding backslashes. Instead, escaping is done by calling
> mysql_real_escape(), which prepares the string to be save when storing it
> to the database but when fetching the string again, it will be the same as
> before calling mysql_real_escape(). Therefore, if a web application adds
> backslashes it corrupts the record and this has to be considered as bug of
> the web application.
Ok, so is there any downside to adding an unescape to the code and could this
be done by the programmers?
I didn't write the web based SQL admin... I use the proper MySQL function in
my own code, but I am not rewriting the web based admin...
More information about the Pdns-users