Skip to content

Commit

Permalink
More tests
Browse files Browse the repository at this point in the history
  • Loading branch information
@luan-cestari
luan-cestari committed Feb 4, 2015
1 parent cf37e42 commit 78c93a2
Show file tree
Hide file tree
Showing 2 changed files with 92 additions and 10 deletions.
45 changes: 37 additions & 8 deletions .../src/main/java/com/redhat/lightblue/metadata/rdbms/converter/NamedParameterStatement.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -33,6 +33,7 @@
*/
public class NamedParameterStatement {
private static final Logger LOGGER = LoggerFactory.getLogger(NamedParameterStatement.class);
public static final char EMPTY = ' ';

private final PreparedStatement statement;
private Map<String, int[]> variablesMap;
Expand All @@ -44,25 +45,53 @@ public NamedParameterStatement(Connection connection, String query) throws SQLEx
}

private int findColon(int start, StringBuffer query) {
boolean inQuotes = false;
char quotationStart = EMPTY;
boolean inSingleQuotes = false;
boolean inDoubleQuotes = false;
for (int i = start; i < query.length(); i++) {
char c = query.charAt(i);
/*

//for escaped (checking if it necessary)
char before = ' ';
char before = EMPTY;
if(i != 0){
before = query.charAt(i-1);
}
// quote or double quote should be ignored
if ((c == '"' || c == '\'') && before != '\\') {
*/
if(c=='\''){
if(inSingleQuotes){
inSingleQuotes = false;
if(quotationStart == '\''){
quotationStart = EMPTY;
inDoubleQuotes = false;//
}
}else{
inSingleQuotes = true;
if(quotationStart == EMPTY){
quotationStart = c;
}
}

} else if(c == '"'){
if(inDoubleQuotes){
inDoubleQuotes = false;
if(quotationStart == '"'){
quotationStart = EMPTY;
inSingleQuotes = false;
}
}else{
inDoubleQuotes = true;
if(quotationStart == EMPTY){
quotationStart = c;
}
}
}

// quote or double quote should be ignored
if (c == '"' || c == '\'') {
inQuotes = !inQuotes;
}
if (inQuotes) {
if ((quotationStart == '\'' && inSingleQuotes) || (quotationStart == '"' && inDoubleQuotes)) {
continue;
}

// get parameter
if (c == ':' && (query.charAt(i + 1) != '=')) {
return i;
Expand Down
57 changes: 55 additions & 2 deletions ...com/redhat/lightblue/metadata/rdbms/converter/NamedParameterStatementRegressionTests.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,10 +30,63 @@ public void testSQLGeneration() throws Exception {
connection = new MyConnection();
connection.myPreparedStatement = new MyPreparedStatement();
nps = new SQLConverter(connection,"select * from my_table where name = function(x, \"'S\", \"S\") and y = :parameter;");
assertEquals(" ",nps.processedQuery);
assertFalse(nps.processedQuery.contains(":parameter"));
}
//
{
connection = new MyConnection();
connection.myPreparedStatement = new MyPreparedStatement();
nps = new SQLConverter(connection,"select * from my_table where name = function(x, \"'S\", \"S\") and surname = function(y, '\"X\"', \"X\") and y = :parameter;");
assertEquals("select * from my_table where name = function(x, \"'S\", \"S\") and surname = function(y, '\"X\"', \"X\") and y = ?;",nps.processedQuery);
assertFalse(nps.processedQuery.contains(":parameter"));
}
{
connection = new MyConnection();
connection.myPreparedStatement = new MyPreparedStatement();
nps = new SQLConverter(connection,"insert into my_table values (\"the test's working.\", :parameter);");
assertEquals("insert into my_table values (\"the test's working.\", ?);",nps.processedQuery);
assertFalse(nps.processedQuery.contains(":parameter"));
}
{
connection = new MyConnection();
connection.myPreparedStatement = new MyPreparedStatement();
nps = new SQLConverter(connection,"insert into my_table values ('hi, my name'+chr(39)+'s tim.', :parameter);");
assertEquals("insert into my_table values ('hi, my name'+chr(39)+'s tim.', ?);",nps.processedQuery);
assertFalse(nps.processedQuery.contains(":parameter"));
}
{
connection = new MyConnection();
connection.myPreparedStatement = new MyPreparedStatement();
nps = new SQLConverter(connection,"SELECT * FROM TableName WHERE x = :parameter and FieldName = replace(\"ProNumber\", \"'\", \"''\") and y = :parameter ");
assertEquals("SELECT * FROM TableName WHERE x = ? and FieldName = replace(\"ProNumber\", \"'\", \"''\") and y = ? ", nps.processedQuery);
assertFalse(nps.processedQuery.contains(":parameter"));
}

// : or ' is used as an escape in LIKE
{
connection = new MyConnection();
connection.myPreparedStatement = new MyPreparedStatement();
nps = new SQLConverter(connection,"select * from my_table where field like '%''something''%' and other = :parameter");
assertEquals("select * from my_table where field like '%''something''%' and other = ?", nps.processedQuery);
assertFalse(nps.processedQuery.contains(":parameter"));
}
{
connection = new MyConnection();
connection.myPreparedStatement = new MyPreparedStatement();
nps = new SQLConverter(connection,"select * from my_table where field like '%:otherthing%' and other = :parameter");
assertEquals("select * from my_table where field like '%:otherthing%' and other = ?", nps.processedQuery);
assertFalse(nps.processedQuery.contains(":parameter"));
}

//check if parser assumes anything that starts with : is a variable
{
connection = new MyConnection();
connection.myPreparedStatement = new MyPreparedStatement();
nps = new SQLConverter(connection,"select \"address:city\" from \"places\"");
assertEquals("select \"address:city\" from \"places\"", nps.processedQuery);
assertFalse(nps.processedQuery.contains(":parameter"));
}


}

static class SQLConverter extends NamedParameterStatement{
Expand Down

0 comments on commit 78c93a2

Please sign in to comment.