-
Notifications
You must be signed in to change notification settings - Fork 268
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
createTableSql() not quoting reserved keyword fieldnames #685
Comments
I think PR #209 handles it, so needs review @mnewnham Only datadict/datadict-firebird.inc.php overwrites nameQuote() to always always quoting of table names, field names, indexnames. So after adding always quote this overwrite in datadict/datadict-firebird.inc.php can be removed to reduce duplicate code. |
I'm guessing that when you say everywhere, that is in the context of data dictionary. My opinion on this is:
$this->nameQuoteCharacters = array("`","`") or $this->nameQuoteCharcters = array("[","]"); |
Yes, and do not mix meaning of ( ) (for partial indexes) and [ ] (mssql/t-sql) There exist some settings yet:
|
Another thing is that replace() with ADOdb 5.21.0 adds quoting of table names. Our thin db wrapper around ADOdb made this before so without change replace() quotes the tablename a second time. My workaround is to send unquoted tablename now: I saw that nameQuote() has some detection if a tablename string parameter has '`' quoting yet. Maybe replace() should take care of yet quoted tablenames for backward compatibility? |
Any news? Quick fix for datadicts function nameQuote() commenting out the the // we must always quote as there could be reserved words used too as field name
#if (!preg_match('/^[' . $regex . ']+$/', $name)) {
return $quote . $name . $quote;
#} |
And please label the issue as bug. |
The function accepts parameter $flds as string or array (contrary to what is written on https://adodb.org/dokuwiki/doku.php?id=v5:dictionary:createtablesql)
adodb-xmlschema03.inc.php calls it:
$sql[] = $xmls->dict->createTableSQL( $this->name, $fldarray, $this->opts );
passing the array of fields.
Maybe need to be solved by function nameQuote().
It only quotes the names if there are special chars or brackets are used. But probably should quote also reserved keywords.
The default could use standard sql
( https://www.postgresql.org/docs/current/sql-keywords-appendix.html ) and adjust
the list by overwriting by drivers datadict/datadict-$driver.php
Or we just quote every fieldname except the fieldnames that have yet some kind of quoting ( ` , brackets)
Example with postgresql
The text was updated successfully, but these errors were encountered: