[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[nongnu] elpa/emacsql bd6e02db55 104/427: Be much more strict with ident
From: |
ELPA Syncer |
Subject: |
[nongnu] elpa/emacsql bd6e02db55 104/427: Be much more strict with identifiers. |
Date: |
Tue, 13 Dec 2022 02:59:32 -0500 (EST) |
branch: elpa/emacsql
commit bd6e02db55a9b2ca8c4065437df137964ebdd5df
Author: Christopher Wellons <wellons@nullprogram.com>
Commit: Christopher Wellons <wellons@nullprogram.com>
Be much more strict with identifiers.
The form table:column now convers to table.column.
---
emacsql-tests.el | 11 ++++++-----
emacsql.el | 28 ++++++++++++++++------------
2 files changed, 22 insertions(+), 17 deletions(-)
diff --git a/emacsql-tests.el b/emacsql-tests.el
index cec191f6a9..19299426a7 100644
--- a/emacsql-tests.el
+++ b/emacsql-tests.el
@@ -8,11 +8,12 @@
(ert-deftest emacsql-escape-identifier ()
(should (string= (emacsql-escape-identifier "foo") "foo"))
(should (string= (emacsql-escape-identifier 'foo) "foo"))
- (should (string= (emacsql-escape-identifier :foo) "':foo'"))
- (should (string= (emacsql-escape-identifier "a b") "'a b'"))
- (should (string= (emacsql-escape-identifier '$foo) "'$foo'"))
- (should (string= (emacsql-escape-identifier "foo$") "foo$"))
- (should (string= (emacsql-escape-identifier "they're") "'they''re'")))
+ (should (string= (emacsql-escape-identifier :foo) "foo"))
+ (should-error (emacsql-escape-identifier "a b"))
+ (should-error (emacsql-escape-identifier '$foo))
+ (should-error (emacsql-escape-identifier 10))
+ (should (string= (emacsql-escape-identifier 'foo$) "foo$"))
+ (should (string= (emacsql-escape-identifier "foo:bar") "foo.bar")))
(ert-deftest emacsql-escape-value ()
(should (string= (emacsql-escape-value 'foo) "'foo'"))
diff --git a/emacsql.el b/emacsql.el
index 6f7596648b..43fb473aba 100644
--- a/emacsql.el
+++ b/emacsql.el
@@ -211,18 +211,22 @@ CONN-SPEC is a connection specification like the call to
collect row into rows and do (setf row ())
finally (cl-return rows)))))
-(defun emacsql-escape-identifier (identifier &optional force)
+(defun emacsql-quote (string)
+ "Quote STRING for use in a SQL expression."
+ (format "'%s'" (replace-regexp-in-string "'" "''" string)))
+
+(defun emacsql-escape-identifier (identifier)
"Escape an identifier, always with quotes when FORCE is non-nil."
- (let ((string (if (stringp identifier)
- identifier
- (format "%S" identifier)))
- (forbidden "[]-\000-\040!\"#%&'()*+,./:;<=>?@[\\^`{|}~\177]"))
- (when (string-match-p "\n" string)
- (error "Newlines not permitted in identifiers by emacsql."))
- (if (or force
- (string-match-p forbidden string)
- (string-match-p "^[0-9$]" string))
- (format "'%s'" (replace-regexp-in-string "'" "''" string))
+ (let ((string (cl-typecase identifier
+ (string identifier)
+ (keyword (substring (symbol-name identifier) 1))
+ (otherwise (format "%S" identifier))))
+ (forbidden "[]-\000-\040!\"#%&'()*+,./;<=>?@[\\^`{|}~\177]"))
+ (when (or (string-match-p forbidden string)
+ (string-match-p "^[0-9$]" string))
+ (error "Invalid Emacsql identifier."))
+ (if (string-match-p ":" string)
+ (replace-regexp-in-string ":" "." string)
string)))
(defun emacsql--check-error (conn)
@@ -278,7 +282,7 @@ CONN-SPEC is a connection specification like the call to
(let ((print-escape-newlines t))
(cond ((null value) "NULL")
((numberp value) (prin1-to-string value))
- ((emacsql-escape-identifier (prin1-to-string value) t)))))
+ ((emacsql-quote (prin1-to-string value))))))
(defun emacsql-escape-vector (vector)
"Encode VECTOR into a SQL vector scalar."
- [nongnu] elpa/emacsql 847f3bd87f 078/427: Add new keywords to listing., (continued)
- [nongnu] elpa/emacsql 847f3bd87f 078/427: Add new keywords to listing., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql a9b9d6bfc8 083/427: Fix typo in README., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql 29f65b3b8e 093/427: Update Windows statement in the README., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql b447994514 033/427: Change table type recommendation., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql 4fa57ba758 051/427: Fully drop named parsing., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql 7c572d688d 052/427: Fix % operator situation., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql 84499878d0 081/427: Add :union, :union-all, :difference, and :except., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql a1ce9f16f2 097/427: Add emacsql-with-connection back in., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql 7cfed08ab8 099/427: Add docstring to emacsql--log., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql da9797e948 098/427: Add a system-level test., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql bd6e02db55 104/427: Be much more strict with identifiers.,
ELPA Syncer <=
- [nongnu] elpa/emacsql 682c1816fb 111/427: Add optional font-locking., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql 3eb06cdd73 114/427: Add GROUP BY expander., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql e08094c78f 058/427: More precise parsing., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql b9599f1f41 066/427: Spelling error., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql f410b5d663 068/427: Fix spelling error., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql b3110c9fa9 018/427: Rename .sqlite to .db., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql 031ec59f18 048/427: Add combine function to with-vars macro., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql f9820deed7 056/427: Add unary operators., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql f9c562b0a4 069/427: Add SQLite link., ELPA Syncer, 2022/12/13
- [nongnu] elpa/emacsql 43ecb5a252 071/427: Tweak README names., ELPA Syncer, 2022/12/13