orientjs icon indicating copy to clipboard operation
orientjs copied to clipboard
verified publisher icon orientechnologies

Enable field name escaping

Open Enteee opened this issue 9 years ago • 7 comments

software version
orientjs 2.2.2
orientdb 2.2.10

To be honest, I don't understand how the orientdb "SQL" parser works. But I keep getting weird errors which are a pain in the ass. Why? Every so often I accidentally use reserved keywords as column names.

Example:

UPDATE V SET match = "89" UPSERT RETURN AFTER WHERE ( match = "89" )

yields:

Error parsing query: UPDATE V SET match = "89" UPSERT RETURN AFTER WHERE ( match = "89" ) ^ Encountered " <UPDATE> "UPDATE "" at line 1, column 1. Was expecting one of: <SELECT> ... <TRAVERSE> ... <MATCH> ... <INSERT> ... <RETURN> ... <PROFILE> ... <FIND> ... <REBUILD> ... <OPTIMIZE> ... <GRANT> ... <REVOKE> ... <BEGIN> ... <COMMIT> ... <ROLLBACK> ... <IF> ... <SLEEP> ... <CONSOLE> ...

escaping match, works:

UPDATE V SET `match` = "89" UPSERT RETURN AFTER WHERE ( `match` = "89" )

I might be just blind but the sql syntax does not indicate that MATCH is a reserved keyword (I can only find MATCHES). I got suspicious because the error mentions ... <MATCH> ..., but in a completely different context.

Question: Why are field names not escaped by default when using the query builder's .set()? According to a stack overflow post this should be possible out of the box with every database >= 2.1.9:

@MichelaBonizzi - In 2.1.9 and 2.1.10, the setting of strictSql seems to be irrelevant. Could you please modify your answer accordingly?

Alternative: If it's not possible to escape field names: Is there a list of reserved keywords, and couldn't orientjs just check agains such a list?

Enteee avatar Oct 11 '16 15:10 Enteee

hi @Enteee

Match is a reserved keyword since 2.2.

orientdb.com/docs/2.2/SQL-Match.html

I think this syntax is missing that statement.

wolf4ood avatar Oct 11 '16 15:10 wolf4ood

hi @maggiolo00,

thank you for the answer. My text probably didn't make this clear enough: I sort of figured this out already. Which is why I asked:

Question: Why are field names not escaped by default when using the query builder's .set()? According to a stack overflow post this should be possible out of the box with every database >= 2.1.9:

@MichelaBonizzi - In 2.1.9 and 2.1.10, the setting of strictSql seems to be irrelevant. Could you please modify your answer accordingly?

Alternative: If it's not possible to escape field names: Is there a list of reserved keywords, and couldn't orientjs just check agains such a list?

Enteee avatar Oct 11 '16 15:10 Enteee

@Enteee

i guess no reason. Strict sql with backtick was introduced in 2.1, and the sql builder of orientjs is older than that. I will mark this as enhancement

wolf4ood avatar Oct 11 '16 16:10 wolf4ood

@maggiolo00 thank you.

Enteee avatar Oct 11 '16 19:10 Enteee

@maggiolo00 is this already supported, right?

lvca avatar Aug 05 '17 04:08 lvca

@lvca

it's not supported yet.

https://github.com/orientechnologies/orientjs/issues/250

wolf4ood avatar Aug 05 '17 07:08 wolf4ood

@wolf4ood Re-up on this. This has been a huge headache for me, as I am using OrientDB to store JSON documents from Office 365 Graph APIs, and some of their fields are reserved keywords.

alancnet avatar Nov 20 '19 15:11 alancnet