From de837a10b5d2c7c213cd089b95cec519f0359c5e Mon Sep 17 00:00:00 2001 From: SeregPie Date: Thu, 31 Aug 2017 20:40:52 +0200 Subject: [PATCH 1/3] introducing a possibility to ignore values in escape and escapeId --- lib/SqlString.js | 18 +++++++++++++++++- test/unit/test-SqlString.js | 8 ++++++++ 2 files changed, 25 insertions(+), 1 deletion(-) diff --git a/lib/SqlString.js b/lib/SqlString.js index 53e08b3..3fe477f 100644 --- a/lib/SqlString.js +++ b/lib/SqlString.js @@ -23,6 +23,10 @@ SqlString.escapeId = function escapeId(val, forbidQualified) { return sql; } + if (val instanceof Escaped) { + return String(val); + } + if (forbidQualified) { return '`' + String(val).replace(/`/g, '``') + '`'; } @@ -39,7 +43,9 @@ SqlString.escape = function escape(val, stringifyObjects, timeZone) { case 'boolean': return (val) ? 'true' : 'false'; case 'number': return val + ''; case 'object': - if (val instanceof Date) { + if (val instanceof Escaped) { + return String(val); + } else if (val instanceof Date) { return SqlString.dateToString(val, timeZone || 'local'); } else if (Array.isArray(val)) { return SqlString.arrayToList(val, timeZone); @@ -54,6 +60,10 @@ SqlString.escape = function escape(val, stringifyObjects, timeZone) { } }; +SqlString.escaped = function escaped(val) { + return new Escaped(val); +}; + SqlString.arrayToList = function arrayToList(array, timeZone) { var sql = ''; @@ -216,3 +226,9 @@ function convertTimezone(tz) { } return false; } + +function Escaped(val) { + this.toString = function toString() { + return String(val); + }; +} diff --git a/test/unit/test-SqlString.js b/test/unit/test-SqlString.js index fe41b9b..3370fae 100644 --- a/test/unit/test-SqlString.js +++ b/test/unit/test-SqlString.js @@ -33,6 +33,10 @@ test('SqlString.escapeId', { 'nested arrays are flattened': function() { assert.equal(SqlString.escapeId(['a', ['b', ['t.c']]]), "`a`, `b`, `t`.`c`"); + }, + + 'instances of Escaped are not quoted': function() { + assert.equal(SqlString.escapeId(SqlString.escaped('@a := 42')), "@a := 42"); } }); @@ -82,6 +86,10 @@ test('SqlString.escape', { assert.equal(SqlString.escape('Super'), "'Super'"); }, + 'instances of Escaped get not escaped': function() { + assert.equal(SqlString.escape({a: SqlString.escaped('@a')}), "`a` = @a"); + }, + '\0 gets escaped': function() { assert.equal(SqlString.escape('Sup\0er'), "'Sup\\0er'"); assert.equal(SqlString.escape('Super\0'), "'Super\\0'"); From d01c3236ecdebaaaa372db0e9f864655158e4483 Mon Sep 17 00:00:00 2001 From: SeregPie Date: Fri, 8 Sep 2017 19:37:59 +0200 Subject: [PATCH 2/3] newline --- test/unit/test-SqlString.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/unit/test-SqlString.js b/test/unit/test-SqlString.js index bb7c2a4..1d4bd67 100644 --- a/test/unit/test-SqlString.js +++ b/test/unit/test-SqlString.js @@ -306,4 +306,4 @@ test('SqlString.format', { var sql = SqlString.format('SELECT COUNT(*) FROM table', ['a', 'b']); assert.equal(sql, 'SELECT COUNT(*) FROM table'); } -}); \ No newline at end of file +}); From 213cd6b37acc3e5245f4a948e4abe1ecf9042acf Mon Sep 17 00:00:00 2001 From: Sergej Sintschilin Date: Fri, 8 Sep 2017 20:40:22 +0200 Subject: [PATCH 3/3] Update test-SqlString.js --- test/unit/test-SqlString.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/unit/test-SqlString.js b/test/unit/test-SqlString.js index 1d4bd67..746921b 100644 --- a/test/unit/test-SqlString.js +++ b/test/unit/test-SqlString.js @@ -48,7 +48,7 @@ test('SqlString.escapeId', { }, 'instances of Escaped are not quoted': function() { - assert.equal(SqlString.escapeId(SqlString.escaped('@a := 42')), "@a := 42"); + assert.equal(SqlString.escapeId(SqlString.escaped('@a := 42')), '@a := 42'); } }); @@ -123,7 +123,7 @@ test('SqlString.escape', { }, 'instances of Escaped get not escaped': function() { - assert.equal(SqlString.escape({a: SqlString.escaped('@a')}), "`a` = @a"); + assert.equal(SqlString.escape({a: SqlString.escaped('@a')}), '`a` = @a'); }, '\0 gets escaped': function() {