From 32206ab9049028cfe936b3a55eb14f0536bbc615 Mon Sep 17 00:00:00 2001
From: Eugeniy Mikhailov <evgmik@gmail.com>
Date: Fri, 21 Jan 2011 11:55:18 -0500
Subject: added ColName2SqlSafeForm for sql column name validation

Ignore-this: 2fd2f0de3dc7d6193d0b4a40b6235520

darcs-hash:20110121165518-067c0-c892175b0ddf8db5aa9136aee992243e3c1ff459.gz
---
 GradeBook.tcl | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/GradeBook.tcl b/GradeBook.tcl
index c987032..fed35a8 100755
--- a/GradeBook.tcl
+++ b/GradeBook.tcl
@@ -44,6 +44,14 @@ set dbfile "./testdb"
 
 sqlite3 db $dbfile
 
+proc ColName2SqlSafeForm {colname} {
+	set bad_symbols [list {\}} {\{} {\\} {\'} {\"} {\]} {\[} ]
+	foreach bs $bad_symbols {
+		regsub -all $bs $colname "" colname 
+	}
+	return $colname
+}
+
 proc AddUserNonWeb { first_name last_name user_name password_hash {group_name {guest}} } {
 	set eval_str [concat INSERT INTO GradesTable (FirstName, LastName, UserName, PasswordHash, GroupName) VALUES('$first_name', '$last_name', '$user_name', '$password_hash', '$group_name')]
 	set err [catch {db eval $eval_str  } errStat]
-- 
cgit v1.2.3