comparison: src/server/plugins/postgresql/service.c
src/server/plugins/postgresql/service.c
- branch
- webdav
- changeset 274
- 607712fb3c66
- parent 272
- f210681d9dd0
- child 278
- 38bf7b42b58c
equal
deleted
inserted
replaced
| 273:f4eb5d125e58 | 274:607712fb3c66 |
|---|---|
| 74 | 74 |
| 75 int nfields = PQnfields(result); | 75 int nfields = PQnfields(result); |
| 76 if(nfields > 0) { | 76 if(nfields > 0) { |
| 77 net_printf(sn->csd, "<table>\n<tr>\n"); | 77 net_printf(sn->csd, "<table>\n<tr>\n"); |
| 78 for(int i=0;i<nfields;i++) { | 78 for(int i=0;i<nfields;i++) { |
| 79 net_printf(sn->csd, "<th>%s</th>\n", PQfname(result, i)); | 79 char *fieldName = PQfname(result, i); |
| 80 char *fieldNameEscaped = util_html_escape(fieldName); | |
| 81 if(fieldNameEscaped) { | |
| 82 net_printf(sn->csd, "<th>%s</th>\n", fieldNameEscaped); | |
| 83 FREE(fieldNameEscaped); | |
| 84 } | |
| 80 } | 85 } |
| 81 net_printf(sn->csd, "</tr>\n"); | 86 net_printf(sn->csd, "</tr>\n"); |
| 82 | 87 |
| 83 int nrows = PQntuples(result); | 88 int nrows = PQntuples(result); |
| 84 for(int r=0;r<nrows;r++) { | 89 for(int r=0;r<nrows;r++) { |
| 85 net_printf(sn->csd, "<tr>\n"); | 90 net_printf(sn->csd, "<tr>\n"); |
| 86 for(int c=0;c<nfields;c++) { | 91 for(int c=0;c<nfields;c++) { |
| 87 net_printf(sn->csd, "<td>%s</td>\n", PQgetvalue(result, r, c)); | 92 char *fieldValue = PQgetvalue(result, r, c); |
| 93 char *fieldValueEscaped = util_html_escape(fieldValue); | |
| 94 if(fieldValueEscaped) { | |
| 95 net_printf(sn->csd, "<td>%s</td>\n", fieldValueEscaped); | |
| 96 FREE(fieldValueEscaped); | |
| 97 } | |
| 88 } | 98 } |
| 89 net_printf(sn->csd, "</tr>\n"); | 99 net_printf(sn->csd, "</tr>\n"); |
| 90 } | 100 } |
| 91 | 101 |
| 92 | 102 |
