From 37254ae8fce798b811a12a4d841bbe165651e4b3 Mon Sep 17 00:00:00 2001
From: Shawn <wangxiaofan0529@gmail.com>
Date: Fri, 2 Sep 2016 23:07:59 +0800
Subject: [PATCH 1/2] fix bug and add test

fix bug and add test
---
 .gitignore           |   1 +
 README.md            |   8 ++++--
 mysql_escape.go      |  49 ++++++++++----------------------
 mysql_escape_test.go |  65 +++++++++++++++++++++++++++++++++++++++++++
 test.dat             | Bin 0 -> 421 bytes
 5 files changed, 86 insertions(+), 37 deletions(-)
 create mode 100644 .gitignore
 create mode 100644 mysql_escape_test.go
 create mode 100644 test.dat

diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..723ef36
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.idea
\ No newline at end of file
diff --git a/README.md b/README.md
index 2dca3df..b537fb1 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,7 @@
-golang版本的mysql_escape_string()
+golang version of mysql_escape_string()
 
-参考了mysql的C版本api
\ No newline at end of file
+refer to mysql C api's escape_string_for_mysql function : https://github.com/twitter/mysql/blob/865aae5f23e2091e1316ca0e6c6651d57f786c76/mysys/charset.c
+
+forked from https://github.com/liule/golang_escape and add some test.
+
+tested with some simple manual written data and compare with php5's mysql_escape_string.
\ No newline at end of file
diff --git a/mysql_escape.go b/mysql_escape.go
index defbc4b..784e142 100644
--- a/mysql_escape.go
+++ b/mysql_escape.go
@@ -1,61 +1,40 @@
-package main
+package mysql_escape
 
-import (
-	"errors"
-	"fmt"
-)
-
-func mysql_escape(source string) (string, error) {
-	var j int = 0
+func MysqlEscapeString(source string) string {
 	if len(source) == 0 {
-		return "", errors.New("source is null")
+		return ""
 	}
 	tempStr := source[:]
+
+	var j int = 0
 	desc := make([]byte, len(tempStr)*2)
 	for i := 0; i < len(tempStr); i++ {
-		flag := false
 		var escape byte
+		escape = 0
 		switch tempStr[i] {
+		case 0:
+			escape = '0'
 		case '\r':
-			flag = true
-			escape = '\r'
-			break
+			escape = 'r'
 		case '\n':
-			flag = true
-			escape = '\n'
-			break
+			escape = 'n'
 		case '\\':
-			flag = true
 			escape = '\\'
-			break
 		case '\'':
-			flag = true
 			escape = '\''
-			break
 		case '"':
-			flag = true
 			escape = '"'
-			break
 		case '\032':
-			flag = true
 			escape = 'Z'
-			break
-		default:
 		}
-		if flag {
+		if escape != 0 {
 			desc[j] = '\\'
 			desc[j+1] = escape
-			j = j + 2
+			j += 2
 		} else {
 			desc[j] = tempStr[i]
-			j = j + 1
+			j += 1
 		}
 	}
-	return string(desc[0:j]), nil
-}
-
-func main() {
-	if str, err := mysql_escape(`SELECT * FROM users WHERE user=20 AND password='%s'`); err == nil {
-		fmt.Println(str)
-	}
+	return string(desc[0:j])
 }
diff --git a/mysql_escape_test.go b/mysql_escape_test.go
new file mode 100644
index 0000000..a4baf81
--- /dev/null
+++ b/mysql_escape_test.go
@@ -0,0 +1,65 @@
+package mysql_escape
+
+import (
+	"bytes"
+	. "github.com/smartystreets/goconvey/convey"
+	"io/ioutil"
+	"testing"
+)
+
+var phpCode string = `// use z to seperate, so no z in data
+$src = array(
+    "normal",
+    "aaa\ro", // \r
+    "iam\0ooo", // \0
+    "\"shou\x08ldbe", // " and \b
+    "+123",
+    "'youyou'", // '
+    "\n gogogo",
+    "\026haha",
+    "tab \t iam tab",
+    "yoyo\\ yoyo",
+    "heros never die",
+    "heros%",
+    "heros_",
+    "heros$(&&^*&$##%^(*(*&$##&^^&(*)",
+    "??>><<>><?<:||)(&___*((*&%@%@$@#GJGJGFDOIUO*&*JKJKL137813"
+);
+$dest ="";
+
+foreach ($src as $s){
+    $dest = $dest."z".$s."z".mysql_escape_string($s);
+}
+file_put_contents("sql_util_test.dat", $dest);
+`
+
+// the test data is generated by php, using mysql_escape_string. // data are sperated by 'z'
+// phpCode are pasted above.
+
+func TestMysqlEscapeString(t *testing.T) {
+	Convey("testMysqlEscape", t, func() {
+		data, err := ioutil.ReadFile("test.dat")
+		So(err, ShouldBeNil)
+		pairs := bytes.Split(data, []byte("z"))
+		pairs = pairs[1:]
+		for i := 0; i < len(pairs); i += 2 {
+			originalData := pairs[i]
+			destData := pairs[i+1]
+			escaped := MysqlEscapeString(string(originalData))
+			byteEqual(t, []byte(escaped), destData)
+		}
+	})
+}
+
+func byteEqual(t *testing.T, src, dest []byte) {
+	t.Log(src)
+	t.Log(dest)
+	if len(src) != len(dest) {
+		t.Error("len check fail")
+	}
+	for i, v := range src {
+		if dest[i] != v {
+			t.Error("fail in index %v", i)
+		}
+	}
+}
diff --git a/test.dat b/test.dat
new file mode 100644
index 0000000000000000000000000000000000000000..75b3e921f2fc36ee3a9b768be5cd88de1a548621
GIT binary patch
literal 421
zcmbV_!E1vs6vlg82fOwhs>U?E%z5Y-q8>&|ZK0>#f)X**LhA!t2R{18FKPxGlpe}^
z`M%#5US6<*`XrBNOiK9zs8!T}2YDI+^e$dIn4U{$o{mMXQ2gP!_vT|SZVQcW7lk3=
z;xpMpS177qnv}AXIOs*@WK8r|L=*l`Ewms=r`V(6Qq^!KmHJjSDGmy6W@orImJP|6
z%_vPdwJpm@8D~AwG^LEshPitKQ51$jpidNhT(2`mvn=CGFL7cgwqt9R=vsd6)?YhL
Rd9q11ThCv-dp<t=@&^o^g>V1>

literal 0
HcmV?d00001


From aa8fddc728c470125f63d9a02201fb4c51bacb1c Mon Sep 17 00:00:00 2001
From: Shawn <wangxiaofan0529@gmail.com>
Date: Fri, 2 Sep 2016 23:12:48 +0800
Subject: [PATCH 2/2] remove fork from readme

---
 README.md | 2 --
 1 file changed, 2 deletions(-)

diff --git a/README.md b/README.md
index b537fb1..a7546ad 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,4 @@ golang version of mysql_escape_string()
 
 refer to mysql C api's escape_string_for_mysql function : https://github.com/twitter/mysql/blob/865aae5f23e2091e1316ca0e6c6651d57f786c76/mysys/charset.c
 
-forked from https://github.com/liule/golang_escape and add some test.
-
 tested with some simple manual written data and compare with php5's mysql_escape_string.
\ No newline at end of file