drogon icon indicating copy to clipboard operation
drogon copied to clipboard
verified publisher icon drogonframework

Postgres ORM doesn't properly escape keywords

Open S-Ptr opened this issue 2 years ago • 0 comments

Describe the bug If a table has a reserved keyword as a column name, the SQL query doesn't properly escape it, leading to an exception in PgBatchConnection.cc

To Reproduce Steps to reproduce the behavior (in my case):

  1. Make a table in Postgres with a reserved keyword as a column (eg. order, when,...)
  2. Generate the ORM using drogon_ctl create model "./path/to/model"
  3. Create any controller that calls to it
  4. Using a Mapper for the table class, call a blocking insert in the controller method. If called in a lambda (eg. a callback for another insert), it merely hangs there, giving no output.

image

Expected behavior While having a reserved keyword as a column name is bad practice, the schema might be out of the developer's control. A proper query surrounds the column name with double quotation marks.

Desktop (please complete the following information):

  • OS: Windows 10 Enterprise LTSC (build 19044)
  • Browser: Mozilla Firefox

S-Ptr avatar Oct 23 '23 14:10 S-Ptr