Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: brianc/node-postgres
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: master
Choose a base ref
...
head repository: andythiv/node-postgres
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: master
Choose a head ref
  • 12 commits
  • 3 files changed
  • 2 contributors

Commits on Oct 14, 2015

  1. escapeLiteral handles more types of input

    andythiv committed Oct 14, 2015
    Copy the full SHA
    c3f7976 View commit details

  2. Merge pull request #1 from andythiv/escapeMoreStuff 

    escapeLiteral handles more types of input
    @andythiv
    andythiv committed Oct 14, 2015
    Copy the full SHA
    603c545 View commit details

  3. Add jshint ignore and explanation

    andythiv committed Oct 14, 2015
    Copy the full SHA
    aafda5e View commit details

  4. Merge pull request #2 from andythiv/escapeMoreStuff 

    Add jshint ignore and explanation
    @andythiv
    andythiv committed Oct 14, 2015
    Copy the full SHA
    a2b074a View commit details

  5. Fix timezone issue affecting unit test

    andythiv committed Oct 14, 2015
    Copy the full SHA
    df6244c View commit details

  6. Merge pull request #3 from andythiv/escapeMoreStuff 

    Fix timezone issue affecting unit test
    @andythiv
    andythiv committed Oct 14, 2015
    Copy the full SHA
    82498ba View commit details

Commits on Oct 17, 2015

  1. Merge with upstream brianc/node-postgres

    andythiv committed Oct 17, 2015
    Copy the full SHA
    fc8ef9d View commit details

  2. Merge pull request #4 from andythiv/escapeMoreStuff 

    Merge with upstream brianc/node-postgres
    @andythiv
    andythiv committed Oct 17, 2015
    Copy the full SHA
    6cd774a View commit details

  3. Minor: fixed inconsistent brace spacing style

    andythiv committed Oct 17, 2015
    Copy the full SHA
    10d2cb2 View commit details

  4. Merge pull request #5 from andythiv/escapeMoreStuff 

    Minor: fixed inconsistent brace spacing style
    @andythiv
    andythiv committed Oct 17, 2015
    Copy the full SHA
    86448e5 View commit details

Commits on May 12, 2016

  1. merge with upstream

    andythiv committed May 12, 2016
    Copy the full SHA
    1ddbe52 View commit details

  2. Merge pull request #6 from andythiv/mergeWithUpstream 

    Merge with upstream
    @andythiv
    andythiv committed May 12, 2016
    Copy the full SHA
    b1e0330 View commit details
Showing with 93 additions and 21 deletions.
  1. +41 −20 lib/client.js
  2. +3 −1 lib/utils.js
  3. +49 −0 test/unit/client/escape-tests.js
61 changes: 41 additions & 20 deletions lib/client.js
View file
Original file line number Diff line number Diff line change
@@ -8,6 +8,7 @@ var ConnectionParameters = require('./connection-parameters');
var Query = require('./query');
var defaults = require('./defaults');
var Connection = require('./connection');
var utils = require('./utils');

var Client = function(config) {
EventEmitter.call(this);
@@ -262,31 +263,51 @@ Client.prototype.escapeIdentifier = function(str) {
return escaped;
};

// Ported from PostgreSQL 9.2.4 source code in src/interfaces/libpq/fe-exec.c
Client.prototype.escapeLiteral = function(str) {
Client.prototype.escapeLiteral = function(value) {

if(value === null || value === undefined) {
return 'NULL';
} else if (typeof value === 'number' || value instanceof Number) {
return value.toString();
} else if (typeof value === 'boolean' || value instanceof Boolean) {
/*
Reason for jshint ignore:
jshint normally enforces that an equality check with a boolean literal uses === (triple equals sign).
However, for this instance, we intentionally use == because === will fail when used with a Boolean object type.
The unit tests cover this behavior.
*/
return value == true ? 'TRUE' : 'FALSE'; // jshint ignore:line
} else if (value instanceof Date) {
return utils.dateToString(value);
} else if (value.constructor === Array) {
return utils.arrayString(value);
} else if(typeof value === 'string' || value instanceof String) {
// Ported from PostgreSQL 9.2.4 source code in src/interfaces/libpq/fe-exec.c
var hasBackslash = false;
var escaped = '\'';

for(var i = 0; i < value.length; i++) {
var c = value[i];
if(c === '\'') {
escaped += c + c;
} else if (c === '\\') {
escaped += c + c;
hasBackslash = true;
} else {
escaped += c;
}
}

var hasBackslash = false;
var escaped = '\'';
escaped += '\'';

for(var i = 0; i < str.length; i++) {
var c = str[i];
if(c === '\'') {
escaped += c + c;
} else if (c === '\\') {
escaped += c + c;
hasBackslash = true;
} else {
escaped += c;
if(hasBackslash === true) {
escaped = ' E' + escaped;
}
}

escaped += '\'';

if(hasBackslash === true) {
escaped = ' E' + escaped;
return escaped;
} else {
return value;
}

return escaped;
};

Client.prototype._pulseQueryQueue = function() {
4 changes: 3 additions & 1 deletion lib/utils.js
View file
Original file line number Diff line number Diff line change
@@ -127,5 +127,7 @@ module.exports = {
//by accident, eg: from calling values.map(utils.prepareValue)
return prepareValue(value);
},
normalizeQueryConfig: normalizeQueryConfig
normalizeQueryConfig: normalizeQueryConfig,
arrayString: arrayString,
dateToString: dateToString
};
49 changes: 49 additions & 0 deletions test/unit/client/escape-tests.js
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
var helper = require(__dirname + '/test-helper');
var testDateHelper = require('../test-helper');

function createClient(callback) {
var client = new Client(helper.config);
@@ -47,6 +48,54 @@ testLit('escapeLiteral: contains single quotes and backslashes',
testLit('escapeLiteral: contains single quotes, double quotes, and backslashes',
'hello \\ \' " world', " E'hello \\\\ '' \" world'");

testLit('escapeLiteral: empty string',
'', "''");

testLit('escapeLiteral: null',
null, "NULL");

testLit('escapeLiteral: undefined',
undefined, "NULL");

testLit('escapeLiteral: zero as a string',
'0', "'0'");

testLit('escapeLiteral: zero as a number',
0, "0");

testLit('escapeLiteral: number',
42, "42");

testLit('escapeLiteral: Number object',
new Number(88), "88");

testLit('escapeLiteral: true',
true, "TRUE");

testLit('escapeLiteral: false',
false, "FALSE");

testLit('escapeLiteral: true Boolean object',
new Boolean(true), "TRUE");

testLit('escapeLiteral: false Boolean object',
new Boolean(false), "FALSE");

test('escapeLiteral: Date', function() {
testDateHelper.setTimezoneOffset(420);

var d = new Date(2015, 9, 27); // note: Javascript month range is 0 - 11

var client = new Client(helper.config);
var actual = client.escapeLiteral(d);
assert.equal('2015-10-27T00:00:00.000-07:00', actual);

testDateHelper.resetTimezoneOffset();
});

testLit('escapeLiteral: array',
['Nintendo', 64], '{"Nintendo","64"}');

testIdent('escapeIdentifier: no special characters',
'hello world', '"hello world"');