Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NpgSqlCommand does not substitute parameters when there is a string with escaped apostrophe #240

Closed
alenkacz opened this issue May 12, 2014 · 4 comments
Closed

NpgSqlCommand does not substitute parameters when there is a string with escaped apostrophe #240

alenkacz opened this issue May 12, 2014 · 4 comments
Assignees
@glenebob
Labels
bug
Milestone
2.2.0

Comments

@alenkacz
Copy link

When NpgSqlCommand is created with a string that contains escaped apostrophe, the parameters in the query after this string are not substitued even though the valid values are provided. Such parameters placed before the string with apostrophe are substitued correctly.

Following example creates a SQL "INSERT INTO TestTable (StringColumn, ByteaColumn) VALUES ('b''la', @someValue)" - the SomeValue is not substitued for the provided parameter value. If the @someValue would be placed before the 'b''la' string, everything would work.

using (var cmd = DbConnection.CreateCommand())
            {
                cmd.CommandText = "INSERT INTO TestTable (StringColumn, ByteaColumn) VALUES ('b''la', @SomeValue)";
                cmd.Parameters.AddWithValue("SomeValue", new byte[] { 1, });
                cmd.ExecuteNonQuery();
            }
@augi
Copy link

augi commented May 12, 2014

I think it could be problem in NpgsqlCommand.AppendCommandReplacingParameterValues method.

@franciscojunior franciscojunior mentioned this issue Aug 1, 2014
Closed
@glenebob glenebob mentioned this issue Aug 2, 2014
Merged
@glenebob
Copy link
Contributor

glenebob commented Aug 2, 2014

Check out PR #307 ;)

@glenebob glenebob added this to the 2.2 milestone Aug 3, 2014
@glenebob glenebob added the bug label Aug 3, 2014
@glenebob glenebob self-assigned this Aug 3, 2014
glenebob added a commit that referenced this issue Aug 4, 2014
@glenebob
Merge pull request #307 from glenebob/bug_296
4463125 
Fix bugs #240 and  #296, parameter substituion troubles
@glenebob
Copy link
Contributor

glenebob commented Aug 4, 2014

PR #307 merged. Please have a look.

glenebob added a commit that referenced this issue Aug 4, 2014
@glenebob @franciscojunior
Simplfied repro unit test bugs #240 and #296
2459774 
This is about as simple as I can make it.

(cherry picked from commit 0d13218)

Backport #307 from master
glenebob added a commit that referenced this issue Aug 4, 2014
@glenebob @franciscojunior
Fix for bugs #240 and #296
caa9d3e 
Properly handle escaped single quote character ('') in a quoted section during query parameter substitution.

(cherry picked from commit 253b6f9)

Backport #307 from master
@franciscojunior
Copy link
Member

This is fixed in Npgsql 2.2.0-rc1. Please, give it a try and let us know if you find any other problem.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@glenebob glenebob

Labels
bug
Projects
None yet
Milestone
2.2.0
Development

No branches or pull requests
4 participants
@alenkacz @augi @franciscojunior @glenebob