AppleScriptを使用してMac Mailで電子メールメッセージからデータを収集し、このデータを「do shell script」を使用してsqlite3データベースに書きたいとします。問題は、私が書きたいものの1つは、メッセージ本文からのデータであり、sqlite3にデータを渡すプロセスを邪魔する可能性があるあらゆる種類の特殊文字を含むことができるということです。AppleScriptからsqlite3用の文字列をエスケープする
このデータをエスケープするにはどうすればよいですか?あるいは、AppleScriptの中で「シェルスクリプトを実行する」よりも良い方法がありますか?
問題のあるデータがない例私は、完全なバイナリの安全性がより多くのコードを必要とする唯一の問題であると仮定しています。
on sqlite_quote(subject)
set OLD_TID to AppleScript's text item delimiters
try
set AppleScript's text item delimiters to "\\'"
set subject to subject's quoted form's text items
set AppleScript's text item delimiters to ""
set subject to subject as string
set AppleScript's text item delimiters to OLD_TID
on error error_message number error_number from error_source partial result error_result to error_class
set AppleScript's text item delimiters to OLD_TID
error error_message number error_number from error_source partial result error_result to error_class
end try
subject
end sqlite_quote
on sqlite_quotes(subjects)
set subjects to {} & subjects
repeat with subject in subjects
set subject's contents to sqlite_quote(subject)
end repeat
subjects
end sqlite_quotes
on sqlite_fields_quote(sources)
my list2string(",", sqlite_quotes(sources))
end sqlite_fields_quote
on sqlite_stmnt_create_table_ifnexists(table, columns)
"create table if not exists " & sqlite_quote(table) & "(" & sqlite_fields_quote(columns) & ")"
end sqlite_stmnt_create_table_ifnexists
on sqlite_stmnt_drop_table_ifexists(table)
"drop table if exists " & sqlite_quote(table)
end sqlite_stmnt_drop_table_ifexists
on sqlite_stmnt_insert_into(table, values)
"insert into " & sqlite_quote(table) & " values(" & sqlite_fields_quote(values) & ")"
end sqlite_stmnt_insert_into
on list2string(delimiter, source) -- general utility
try
set {|applescript's text item delimiters|, AppleScript's text item delimiters} to {AppleScript's text item delimiters, delimiter}
set |result| to source as string
set AppleScript's text item delimiters to |applescript's text item delimiters|
on error error_message number error_number from error_source partial result error_result to error_class
set AppleScript's text item delimiters to |applescript's text item delimiters|
error error_message number error_number from error_source partial result error_result to error_class
end try
|result|
end list2string
property executable : "sqlite3"
property db_path : "/tmp/test.sqlite"
on run argv
set {table, values} to {"table", {"example with CRLF: " & («data TEXT0D0A» as text) & " using applescript's TIDs on this string's quoted form"}} -- example
set {stmnts, test_ins, test_drp, debug} to {{}, true, false, false}
if test_drp then set stmnts's end to sqlite_stmnt_drop_table_ifexists(table)
if test_ins then set stmnts's end to sqlite_stmnt_create_table_ifnexists(table, "text")
set stmnts's end to sqlite_stmnt_insert_into(table, values)
if test_ins then set stmnts's end to "select * from " & sqlite_quote(table)
set |script| to executable & space & db_path's quoted form & space & my list2string(";", stmnts)'s quoted form
if debug then set |script| to "echo >&2 " & |script|'s quoted form & ";" & |script| & "|xxd"
do shell script |script|
end run