Esempio n. 1
0
        private string SanitizeString(DbTypes dbType, string s)
        {
            if (String.IsNullOrEmpty(s))
            {
                return(String.Empty);
            }
            string ret = "";

            switch (dbType)
            {
            case DbTypes.MsSql:
                ret = MssqlHelper.SanitizeString(s);
                break;

            case DbTypes.MySql:
                ret = MySqlHelper.SanitizeString(s);
                break;

            case DbTypes.PgSql:
                ret = PgsqlHelper.SanitizeString(s);
                break;
            }

            return(ret);
        }
Esempio n. 2
0
        private string PreparedStringValue(DbTypes dbType, string s)
        {
            switch (dbType)
            {
            case DbTypes.MsSql:
                return("'" + MssqlHelper.SanitizeString(s) + "'");

            case DbTypes.MySql:
                return("'" + MySqlHelper.SanitizeString(s) + "'");

            case DbTypes.PgSql:
                // uses $xx$ escaping
                return(PgsqlHelper.SanitizeString(s));
            }

            return(null);
        }