latitude icon indicating copy to clipboard operation
latitude copied to clipboard
verified publisher icon shadowhand

Improve identifier escaping

Open donatj opened this issue 1 year ago • 2 comments

~The diff on this is larger than in actuality because phpcbf needs to be ran.~

Merging #162 will clear that up.

I have a field with a backtick in a mysql database (absolutely insane, I know, not my choice) - and found that I was breaking out of the identifier name.

This improves the quoting of of identifiers across the board.

  • Common SQL specifies a quote is quoted by doubling the quote, so a"b is quoted as "a""b"
  • MySQL specifies that a single backtick becomes a double backtick, so a`b is quoted as `a``b`
  • MS-SQL when using brackets only wants you to quote the closing brackets, so a[b] is quoted as a[b]]]

I changed Sqlite to target CommonSQL as it matches the behaviour - see: https://www.sqlite.org/lang_keywords.html

More than happy to make any requested changes. Let me know

donatj avatar Mar 14 '24 18:03 donatj

It strikes me this might cause issues with things like table.column… Hmm. I'm pondering on this after all.

donatj avatar Mar 19 '24 19:03 donatj

I removed the phpcbf run b/c it was noise

donatj avatar Sep 09 '24 17:09 donatj