mysql queries: wrap field names in "`" to avoid conflict with reserved words

also do not add table name to field in select if it is already present
This commit is contained in:
Alice Gaudon 2020-09-04 15:07:31 +02:00
parent 4a9352e235
commit 19aafc76bf
2 changed files with 8 additions and 4 deletions

View File

@ -164,7 +164,8 @@ export default abstract class Model {
needs_full_update = true; needs_full_update = true;
} }
} }
const result = await query(`INSERT INTO ${this.table} (${properties.join(', ')}) VALUES(${props_holders.join(', ')})`, values, connection); const fieldNames = properties.map(f => `\`${f}\``).join(', ');
const result = await query(`INSERT INTO ${this.table} (${fieldNames}) VALUES(${props_holders.join(', ')})`, values, connection);
if (this.hasOwnProperty('id')) this.id = result.other.insertId; if (this.hasOwnProperty('id')) this.id = result.other.insertId;
this._cached_exists = true; this._cached_exists = true;

View File

@ -91,7 +91,9 @@ export default class ModelQuery<M extends Model> {
let query = ''; let query = '';
// Prevent wildcard and fields from conflicting // Prevent wildcard and fields from conflicting
if (this._leftJoin) this.fields = this.fields.map(f => this.table + '.' + f); if (this._leftJoin) {
this.fields = this.fields.map(f => f.toString().split('.').length === 1 ? `\`${this.table}\`.${f}` : f);
}
if (this._pivot) this.fields.push(...this._pivot); if (this._pivot) this.fields.push(...this._pivot);
@ -275,7 +277,8 @@ class FieldValue {
public toString(first: boolean = true): string { public toString(first: boolean = true): string {
const valueStr = this.raw || this.value === null || this.value instanceof ModelQuery ? this.value : const valueStr = this.raw || this.value === null || this.value instanceof ModelQuery ? this.value :
(Array.isArray(this.value) ? `(${'?'.repeat(this.value.length).split('').join(',')})` : '?'); (Array.isArray(this.value) ? `(${'?'.repeat(this.value.length).split('').join(',')})` : '?');
return `${!first ? ',' : ''}${this.field}${this.test}${valueStr}`; let field = this.field.split('.').map(p => `\`${p}\``).join('.');
return `${first ? '' : ','}${field}${this.test}${valueStr}`;
} }
protected get test(): string { protected get test(): string {
@ -292,7 +295,7 @@ class FieldValue {
class SelectFieldValue extends FieldValue { class SelectFieldValue extends FieldValue {
public toString(first: boolean = true): string { public toString(first: boolean = true): string {
return `(${this.value instanceof ModelQuery ? this.value : '?'}) AS ${this.field}`; return `(${this.value instanceof ModelQuery ? this.value : '?'}) AS \`${this.field}\``;
} }
} }