| Summary: | ASTERISK-01961: [PATCH] cdr_sqlite | ||
| Reporter: | schurig (schurig) | Labels: | |
| Date Opened: | 2004-07-07 02:47:36 | Date Closed: | 2008-01-15 15:01:50.000-0600 |
| Priority: | Major | Regression? | No |
| Status: | Closed/Complete | Components: | CDR/General |
| Versions: | Frequency of Occurrence | ||
| Related Issues: | |||
| Environment: | Attachments: | ( 0) cdr_sqlite.c ( 1) cdr_sqlite.c.txt ( 2) patch.diff ( 3) sqlite.patch | |
| Description: | Attached is an cdr_sqlite.c file that works great so far at my site. It is self-contained, e.g. you just need to load it, it will automatically create the cdr.db database with the right table for you. ****** ADDITIONAL INFORMATION ****** --- Makefile 31 May 2004 19:40:22 -0000 1.22 +++ Makefile 7 Jul 2004 07:32:58 -0000 @@ -43,10 +43,15 @@ MLFLAGS+=$(shell if [ -d /usr/lib/pgsql MLFLAGS+=$(shell if [ -d /usr/local/pgsql/lib ]; then echo "-L/usr/local/pgsql/lib"; fi) MLFLAGS+=$(shell if [ -d /usr/local/lib/pgsql ]; then echo "-L/usr/local/lib/pgsql"; fi) MLFLAGS+=$(shell if [ -d /opt/pgsql/lib ]; then echo "-L/opt/pgsql/lib"; fi) MLFLAGS+=$(shell if [ -f /usr/lib/libpq.so ]; then echo "-L/usr/lib"; fi) +# +# SQLIte stuff... +# +MODS+=$(shell if [ -f "/usr/include/sqlite.h" ]; then echo "cdr_sqlite.so"; fi) + all: depend $(MODS) install: all for x in $(MODS); do $(INSTALL) -m 755 $$x $(DESTDIR)$(MODULES_DIR) ; done @@ -64,9 +69,12 @@ cdr_odbc.so: cdr_odbc.o $(CC) $(SOLINK) -o $@ $< -lodbc $(MLFLAGS) cdr_pgsql.so: cdr_pgsql.o $(CC) $(SOLINK) -o $@ $< -lpq -lz $(MLFLAGS) +cdr_sqlite.so: cdr_sqlite.o + $(CC) $(SOLINK) -o $@ $< -lsqlite $(MLFLAGS) + depend: .depend .depend: ../mkdep $(CFLAGS) `ls *.c` | ||
| Comments: | By: schurig (schurig) 2004-07-07 06:04:03 just faxed disclaimer.txt :-) By: Mark Spencer (markster) 2004-07-07 08:58:46 Can you please attach the patch portion as an attachment and not in the body of the message? Other than that looks great. I'm assuming '%q' means quoting/escaping of the value? By: zoa (zoa) 2004-07-07 09:14:20 i just uploaded it as an attachment... enjoy ! By: schurig (schurig) 2004-07-07 09:19:44 patch as attachment ------------------- Attached. About '%q' ---------- From http://www.sqlite.org/c_interface.html: "The second advantage the SQLite printf routines have over sprintf are two new formatting options specifically designed to support string literals in SQL. Within the format string, the %q formatting option works very much like %s in that it reads a null-terminated string from the argument list and inserts it into the result. But %q translates the inserted string by making two copies of every single-quote (') character in the substituted string. This has the effect of escaping the end-of-string meaning of single-quote within a string literal." By: Brian West (bkw918) 2004-07-07 09:20:53 cdr_odbc.c does sqllite http://www.unixodbc.com/drivers.html Also I see nothing in here that can stop an sql injection attack. That must be taken into account. If someone decides to put a ' in their callerid the record will never post and they get free calls since no records will post. Example: callerid = "Brian's Phone" <9185551212> You must take these into account. http://xforce.iss.net/xforce/xfdb/13172 cdr_odbc.c takes care of this during the prepare. bkw By: schurig (schurig) 2004-07-07 09:23:21 bkw: should source code files attached as *.c.txt resp *.h.txt ? By: schurig (schurig) 2004-07-07 09:27:11 bkw: cdr_sqlite is way simpler than a whole ODBC setup. And, besides, you don't need to install unixODBC. Also it's faster to go Asterisk -> SQLite as compared to Asterisk -> UnixODBC -> SQLite One big advantage of cdr_sqlite.c above other sql solutions for Asterisk is that it works without any setup. It creates the table by itself. Granted, you can check for the existence of a table also in PostgreSQL or other database ... but as soon as ODBC comes into play, you HAVE to manually modify an ODBC configuration file to define your odbc data source. The '%q' prevents ' inclusion attachs. By: Brian West (bkw918) 2004-07-07 09:33:24 Yes but its simple to modify the file to setup an ODBC data source... but thats fine.. I may modify cdr_odbc.c to create the table if it doesn't exist. bkw By: Mark Spencer (markster) 2004-07-08 04:44:08 Added to CVS By: Digium Subversion (svnbot) 2008-01-15 15:01:50.000-0600 Repository: asterisk Revision: 3390 U trunk/cdr/Makefile A trunk/cdr/cdr_sqlite.c ------------------------------------------------------------------------ r3390 | markster | 2008-01-15 15:01:49 -0600 (Tue, 15 Jan 2008) | 2 lines Add SQLite CDR support (bug ASTERISK-1961) ------------------------------------------------------------------------ http://svn.digium.com/view/asterisk?view=rev&revision=3390 | ||