-
-
Notifications
You must be signed in to change notification settings - Fork 1.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[issue-2176] Added escape
/unescape
functions
#2180
Conversation
6fbf4d6
to
e2619e1
Compare
This commit adds two new functions: * `escape(string): string` * `unescape(string): string` Once the value has been processed by the `escape` function, then the values wrapped in `{{}}` like `{{foo}}` will not be parsed by the `parse` function. The `escape` function works by replacing the `{{` with `\\{\\}` and `}}` with `\\}\\}`. The `unescape` function reverses the process. The `parse` function has been updated to run the `unescape` after parsing has been completed, to ensure that the commands are being executed normally. Fixes deployphp#2176
e2619e1
to
d2e46b5
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
this looks really good, thx
So Now there is one special placeholder secret (which will not be printed to stdout nor logs): run("fjoy -p '%secret%' -fk", ['secret' => getenv('CI_SECRET')]); What about adding something similar? run('mysql --silent --raw --skip-column-names --execute %query%', ['vars' => [
'query' => $query,
]]); Also, I'm concerned with the name escape. It may confuse people what this is for escaping CLI arguments (deals with quotas, but it does not). |
This might be even more complicated than I've previously thought. The Maybe the best approach would be simply to do nothing in And yes, unfortunately, in my approach, the |
So what do you think about placeholders? |
Placeholder will work if the value is being set explicitly, like: $query = 'select * from {{foo}}';
run('mysql --silent --raw --skip-column-names --execute %query%', ['vars' => [
'query' => $query,
]]); if however the code is like: set('foo', 'select * from {{foo}}');
run('mysql --silent --raw --skip-column-names --execute %query%', ['vars' => [
'query' => get('foo'),
]]); then the code will try to parse that If we assume that all we want to handle here is |
set('foo', 'select * from {{foo}}'); What is the point if this?) From my understanding case is next: a user has some $variable with |
There is no point ;) The problem is that we do not know where the value that will be used with I'll get to the new MR then ;) |
{{}}
This commit adds two new functions:
escape(string): string
unescape(string): string
Once the value has been processed by the
escape
function, then the values wrapped in{{}}
like{{foo}}
will not be parsed by theparse
function.The
escape
function works by replacing the{{
with\\{\\{
and}}
with\\}\\}
.The
unescape
function reverses the process.The
parse
function has been updated to run theunescape
afterparsing has been completed, to ensure that the commands are being executed normally.Fixes #2176