Variable can't contain backslash #57
Labels
help wanted
Extra attention is needed
Comments
|
@chitly Thanks chitly, it's a really good issue. |
|
I think it needs to be handled in sql_builder, and if the value ends with "", it can be very violent to directly add a "" at the end |
ccouzens
added a commit
to ccouzens/sql-builder
that referenced
this issue
Sep 23, 2020
When using replaceParams to insert a string into a SQL string, it should escape backslashes as a pair of backslashes. replaceParams escapes " characters as \". Before this change, if the input string was \" then the output string would be \\" which would mean the " character was no longer escaped. https://dev.mysql.com/doc/refman/8.0/en/string-literals.html#character-escape-sequences This commit includes a few small other changes to replaceParams. Where `indexOf` was used to determine if a string contained a pattern I've replaced it with `includes`. This is better for people like me who aren't primarily Javascript/Typescript programmers. - (val.toLowerCase().indexOf(" as ") > -1 || - val.toLowerCase().indexOf(" AS ") > -1) The 2nd condition was never true because if the string is forced lower case it will never contain some uppper case characters. denodrivers/mysql#57
|
I've raised a pull request to fix this in sql-builder |
ccouzens
added a commit
to ccouzens/deno_mysql
that referenced
this issue
Sep 30, 2020
This should fix the backslash problem in parameters: denodrivers#57
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is an example code.
This is a result of the query string.
So, it will throw an error.
The text was updated successfully, but these errors were encountered: