Escape ] characters in identifiers on Microsoft SQL Server

This also adds a spec for identifier escaping.
jeremyevans · Mar 22, 2013 · 725a241 · 725a241
1 parent e7ddfc4
commit 725a241
Show file tree

Hide file tree

Showing 3 changed files with 10 additions and 3 deletions.
diff --git a/CHANGELOG b/CHANGELOG
@@ -1,5 +1,7 @@
 === HEAD
 
+* Escape ] characters in identifiers on Microsoft SQL Server (jeremyevans)
+
 * Add security guide (jeremyevans)
 
 * Make validates_type handle false values correctly (jeremyevans) (#636)

diff --git a/lib/sequel/adapters/shared/mssql.rb b/lib/sequel/adapters/shared/mssql.rb
@@ -414,6 +414,7 @@ module DatasetMethods
       APOS_RE = Dataset::APOS_RE
       DOUBLE_APOS = Dataset::DOUBLE_APOS
       INTO = Dataset::INTO
+      DOUBLE_BRACKET_CLOSE = ']]'.freeze
       DATEPART_SECOND_OPEN = "CAST((datepart(".freeze
       DATEPART_SECOND_MIDDLE = ') + datepart(ns, '.freeze
       DATEPART_SECOND_CLOSE = ")/1000000000.0) AS double precision)".freeze
@@ -570,10 +571,9 @@ def output(into, values)
         clone({:output => output})
       end
 
-      # MSSQL uses [] to quote identifiers.  MSSQL does not support
-      # escaping of ], so you cannot use that character in an identifier.
+      # MSSQL uses [] to quote identifiers.
       def quoted_identifier_append(sql, name)
-        sql << BRACKET_OPEN << name.to_s << BRACKET_CLOSE
+        sql << BRACKET_OPEN << name.to_s.gsub(/\]/, DOUBLE_BRACKET_CLOSE) << BRACKET_CLOSE
       end
 
       # The version of the database server.

diff --git a/spec/integration/dataset_test.rb b/spec/integration/dataset_test.rb
@@ -361,6 +361,11 @@
     INTEGRATION_DB.get(Sequel.cast(Sequel.blob("\1\2\3"), File).as(:a)).should == "\1\2\3"
   end
 
+  cspecify "should properly escape identifiers", :db2 do
+    INTEGRATION_DB.create_table(:"\\'\"[]"){Integer :id}
+    INTEGRATION_DB.drop_table(:"\\'\"[]")
+  end
+
   specify "should have a working table_exists?" do
     t = :basdfdsafsaddsaf
     INTEGRATION_DB.drop_table?(t)