
Editing an unsigned INT column value that ends in --

Open vrdist-sina opened this issue 10 months ago • 1 comments

When editing an unsigned INT column value that ends in --, TablePlus sends the raw literal unquoted, causing the -- to be interpreted as the start of a SQL comment. As a result, the WHERE clause is commented out and the update silently applies to all rows.

To Reproduce

  • Open TablePlus and connect to a MySQL database.
  • Browse to table mytable.
  • In the data grid, edit the row where id = 1, setting the unsigned INT column column_x to: 888--
  • Press Ctrl+S to save.
  • Observe in the SQL log that TablePlus emits: UPDATE mytable SET column_x = 888-- where id=1
  • Notice that everything after -- is treated as a comment, so the WHERE id=1 is never executed.

Expected behavior

TablePlus should either:

  • Properly escape or quote the literal (e.g. '888--') or use a parameterized statement, so that -- is preserved in the value and the WHERE clause remains intact, or
  • Reject the invalid numeric literal and report a “Data truncated” or “Invalid data” error as other clients will do.

Actual behavior

The -- is interpreted as a comment delimiter, stripping the WHERE clause and leading to unintended mass updates (or silent failures).

You can see in the attached picture the behaviour of other clients in this instance:

Image

vrdist-sina, Apr 29 '25 07:04

Hi @vrdist-sina, thank you for sending us your feedback. I have identified the issue you encountered, and I am currently working on fixing it. The patch will be delivered to you soon.

sonswift, Apr 29 '25 08:04
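The failure reported in this issue and the two expected behaviours (reject the invalid literal, bind the value as a parameter), as an added example that is not TablePlus code or part of the original thread. It assumes Python's built-in sqlite3 as a stand-in for MySQL; the function names and the three-row table are constructed for illustration.

```python
import sqlite3

UINT_MAX = 4294967295  # upper bound of a MySQL unsigned INT


def make_db():
    """Constructed sample table: three rows, column_x = 0 (sqlite3 stands in for MySQL)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE mytable (id INTEGER PRIMARY KEY, column_x INTEGER)")
    db.executemany("INSERT INTO mytable VALUES (?, 0)", [(1,), (2,), (3,)])
    return db


def update_unsafe(db, row_id, raw):
    """Behaviour from the report: the cell text is spliced into the statement."""
    sql = f"UPDATE mytable SET column_x = {raw} where id={row_id}"
    return db.execute(sql).rowcount  # number of rows changed


def parse_uint(raw):
    """Accept only ASCII decimal digits within the unsigned INT range."""
    text = raw.strip()
    if not (text.isascii() and text.isdigit()) or int(text) > UINT_MAX:
        raise ValueError(f"Invalid data for unsigned INT: {raw!r}")
    return int(text)


def update_safe(db, row_id, raw):
    """Validate the cell text first, then bind it instead of concatenating it."""
    sql = "UPDATE mytable SET column_x = ? WHERE id = ?"
    return db.execute(sql, (parse_uint(raw), row_id)).rowcount


def demo():
    db = make_db()
    unsafe_rows = update_unsafe(db, 1, "888--")  # WHERE clause is commented out
    db = make_db()
    try:
        update_safe(db, 1, "888--")
        rejected = False
    except ValueError:
        rejected = True                          # invalid literal never reaches the server
    safe_rows = update_safe(db, 1, "888")
    values = [r[0] for r in db.execute("SELECT column_x FROM mytable ORDER BY id")]
    return unsafe_rows, rejected, safe_rows, values


if __name__ == "__main__":
    print(demo())
```

The affected-row count returned by the unsafe path is also a useful detection signal: a single-cell grid edit that changes more than one row indicates the WHERE clause was lost.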