Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Weird escaping of WHERE clause values #3

Open
displaced opened this issue Feb 20, 2014 · 4 comments
Open

Weird escaping of WHERE clause values #3

displaced opened this issue Feb 20, 2014 · 4 comments
Assignees
@displaced

Comments

@displaced
Copy link
Owner

Fetching model instances with a where parameter escapes values strangely.

For example, if you have '... where: { username: 'foo.bar'}' generates SQL of WHERE "username" = 'foo'.'bar'

Looks like the logic to escape schema.tablename is erroneously being applied to values.
@displaced displaced self-assigned this Feb 20, 2014
@displaced
Copy link
Owner Author

mssql's selectQuery function is calling:

var sql = AbstractQueryGenerator.selectQuery.call(
        this, tableName, Utils._.omit(options, 'limit', 'offset'), factory
      )

have verified that the SQL returned from there is bad, so the problem's in AbstractQueryGenerator!

@displaced
Copy link
Owner Author

Problem is in AbstractQueryGenerator's hashToWhereConditions

@displaced
Copy link
Owner Author

nope - mssql's query-generator overrides AbstractQueryGenerator's hashToWhereConditions.

so that's better - the problem's in the mssql implementation still

@displaced
Copy link
Owner Author

Edited processAndEscapeValue in mssql's query-generator - now uses only SqlString.escape to escape values, rather than using both that and QueryGenerator.addQuotes

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@displaced displaced

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@displaced