int server_db_escape_string(server_db_t *db, char *dest, char *src, int src_len)
Returns the number of bytes written to dest not including the terminating null byte.
This is a helper function for escaping strings you wish to put in your SQL query so they don't get parsed into strange things when they contain special characters like quotes. There is a requirement on the size of the destination buffer, and a helper macro is provided for allocating one of appropriate size in server_db.h:
#define SERVER_DB_ESCAPED_STRING_LEN(len) (((len)*2)+1)
If more database support is added what this macro actually does may change, but the name and usage should be constant.
This means that when you allocate a buffer for storing the escaped version of a string, perhaps an email address you have stored in the char * addr, you would do it something like this:
esc_addr = (char *)malloc(SERVER_DB_ESCAPED_STRING_LEN(strlen(addr)));
or, preferably, if you have the length of the string on hand you can drop the strlen.
Also, if you are dealing with something standardized, like a protocol, and the protocol defines maximum lengths for things like this, you could probably just allocate the escaped buffer once early in execution and continue reusing it, by simply using the maximum length as an arg to the macro.
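The sizing rule above, shown at its worst case, where every input byte needs escaping and the output fills the macro-sized buffer exactly. This is an added example, not code from the project: demo_escape() is a hypothetical stand-in for server_db_escape_string() with a constructed escape set, and escape_alloc() is a hypothetical wrapper that also rejects lengths for which len*2+1 would wrap around.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Sizing macro as documented above, with the argument parenthesized. */
#define SERVER_DB_ESCAPED_STRING_LEN(len) (((len)*2)+1)

/* Hypothetical stand-in for server_db_escape_string(): backslash-escapes
 * a constructed set of special bytes and returns the number of bytes
 * written, not counting the terminating null byte. */
static size_t demo_escape(char *dest, const char *src, size_t src_len)
{
    char *out = dest;
    for (size_t i = 0; i < src_len; i++) {
        char c = src[i];
        if (c == '\'' || c == '"' || c == '\\')
            *out++ = '\\';          /* worst case: two bytes per input byte */
        *out++ = c;
    }
    *out = '\0';
    return (size_t)(out - dest);
}

/* Allocate a worst-case buffer and escape src into it.
 * Returns NULL if the size computation would overflow or malloc fails. */
char *escape_alloc(const char *src, size_t src_len, size_t *esc_len)
{
    if (src_len > (SIZE_MAX - 1) / 2)   /* len*2+1 would wrap around */
        return NULL;
    char *dest = malloc(SERVER_DB_ESCAPED_STRING_LEN(src_len));
    if (dest == NULL)
        return NULL;
    *esc_len = demo_escape(dest, src, src_len);
    return dest;
}

int main(void)
{
    const char *addr = "o'brien@example.org";   /* constructed sample */
    size_t n;
    char *esc = escape_alloc(addr, strlen(addr), &n);
    if (esc == NULL)
        return 1;
    printf("%s (%zu bytes)\n", esc, n);
    free(esc);
    return 0;
}
```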
2007-12-06