Permalink
Browse files

escape mysql field name for update/insert

  • Loading branch information...
1 parent 4197d97 commit c55a7039593099d3c0e445dd06e5d2758ad326a5 @ginesr committed Jun 29, 2012
Showing with 24 additions and 10 deletions.
  1. +14 −0 lib/Gideon/Filters/DBI.pm
  2. +1 −1 t/02dirty.t
  3. +2 −2 t/02saving.t
  4. +2 −2 t/02update.t
  5. +4 −4 t/03delete.t
  6. +1 −1 t/04serial.t
View
@@ -6,6 +6,8 @@ use warnings;
use Data::Dumper qw(Dumper);
use SQL::Abstract;
+use constant MYSQL_ESCAPE => '`';
+
sub format {
my $class = shift;
@@ -34,6 +36,7 @@ sub build_statment {
$sql->select( $table, $fields, $where, $order );
}
else {
+ $fields = $class->escape_field_names($fields);
return my ( $stmt, @bind ) = $sql->$action( $table, $fields, $where );
}
@@ -51,4 +54,15 @@ sub add_limit_in_sql {
return $stmt;
}
+sub escape_field_names {
+ my $class = shift;
+ my $fields = shift;
+ foreach (keys %{$fields}) {
+ my $mylsq_escaped = join '.', map { MYSQL_ESCAPE . $_ . MYSQL_ESCAPE } split /\./, $_;
+ $fields->{$mylsq_escaped} = $fields->{$_};
+ delete $fields->{$_};
+ }
+ return $fields;
+}
+
1;
View
@@ -12,7 +12,7 @@ use Test::Exception;
my $dbh = DBI->connect( 'DBI:Mock:', '', '' ) or die 'Cannot create handle';
my $mock_session = DBD::Mock::Session->new(
{
- statement => 'INSERT INTO country ( country_iso, country_name) VALUES ( ?, ? )',
+ statement => 'INSERT INTO country ( `country_iso`, `country_name`) VALUES ( ?, ? )',
bound_params => [ undef, 'Argentina' ],
results => []
}
View
@@ -12,12 +12,12 @@ use Test::Exception;
my $dbh = DBI->connect( 'DBI:Mock:', '', '' ) or die 'Cannot create handle';
my $mock_session = DBD::Mock::Session->new(
{
- statement => 'INSERT INTO country ( country_iso, country_name) VALUES ( ?, ? )',
+ statement => 'INSERT INTO country ( `country_iso`, `country_name`) VALUES ( ?, ? )',
bound_params => [ 'AR', 'Wohoo' ],
results => []
},
{
- statement => 'UPDATE country SET country_iso = ?, country_name = ? WHERE ( country_name = ? )',
+ statement => 'UPDATE country SET `country_iso` = ?, `country_name` = ? WHERE ( country_name = ? )',
bound_params => [ 'AR', 'Argentina', 'Argentina'],
results => []
}
View
@@ -12,7 +12,7 @@ use Test::Exception;
my $dbh = DBI->connect( 'DBI:Mock:', '', '' ) or die 'Cannot create handle';
my $mock_session = DBD::Mock::Session->new(
{
- statement => 'UPDATE country SET country.country_iso = ?',
+ statement => 'UPDATE country SET `country`.`country_iso` = ?',
bound_params => ['AR'],
results => [ [], [] ]
},
@@ -29,7 +29,7 @@ my $mock_session = DBD::Mock::Session->new(
results => [ [ 'country.country_iso', 'country.country_name' ], [ 'AR', 'Argentina' ], [ 'AR', 'Argentine' ], ]
},
{
- statement => 'UPDATE country SET iso = ? WHERE ( country.country_iso = ? )',
+ statement => 'UPDATE country SET `iso` = ? WHERE ( country.country_iso = ? )',
bound_params => ['UY','AR'],
results => [[],[]]
},
View
@@ -28,7 +28,7 @@ my $mock_session = DBD::Mock::Session->new(
]
},
{
- statement => 'DELETE FROM person WHERE ( person_id = ? )',
+ statement => 'DELETE FROM person WHERE ( `person_id` = ? )',
bound_params => [123],
results => []
},
@@ -43,7 +43,7 @@ my $mock_session = DBD::Mock::Session->new(
},
{
statement =>
- 'DELETE FROM person WHERE ( person.person_country = ? ) limit 10',
+ 'DELETE FROM person WHERE ( `person`.`person_country` = ? ) limit 10',
bound_params => ['AR'],
results => [ [], [], [] ],
},
@@ -58,7 +58,7 @@ my $mock_session = DBD::Mock::Session->new(
]
},
{
- statement => 'DELETE FROM person WHERE ( person.person_country = ? )',
+ statement => 'DELETE FROM person WHERE ( `person`.`person_country` = ? )',
bound_params => ['AR'],
results => [[],[],[]],
},
@@ -71,7 +71,7 @@ my $mock_session = DBD::Mock::Session->new(
]
},
{
- statement => 'DELETE FROM person WHERE ( ( person.person_country = ? AND person.person_type > ? ) )',
+ statement => 'DELETE FROM person WHERE ( ( `person`.`person_country` = ? AND `person`.`person_type` > ? ) )',
bound_params => ['AR',30],
results => [ [],[],[],[] ],
},
View
@@ -12,7 +12,7 @@ use Test::Exception;
my $dbh = DBI->connect( 'DBI:Mock:', '', '' ) or die 'Cannot create handle';
my $mock_session = DBD::Mock::Session->new(
{
- statement => 'INSERT INTO person ( person_city, person_country, person_name, person_type) VALUES ( ?, ?, ?, ? )',
+ statement => 'INSERT INTO person ( `person_city`, `person_country`, `person_name`, `person_type`) VALUES ( ?, ?, ?, ? )',
bound_params => [ 'Dallas', 'US', 'John Doe', 100 ],
results => []
},

0 comments on commit c55a703

Please sign in to comment.