Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed incorrect handling of single quotes in SQL-Strings #842

Merged
merged 2 commits into from
Jan 10, 2016
Merged

Fixed incorrect handling of single quotes in SQL-Strings #842

merged 2 commits into from
Jan 10, 2016

Conversation

ancpru
Copy link

@ancpru ancpru commented Apr 26, 2015

escaped by repeated single-quote (DBAL-1205)

@doctrinebot
Copy link

Hello,

thank you for creating this pull request. I have automatically opened an issue
on our Jira Bug Tracker for you. See the issue link:

http://www.doctrine-project.org/jira/browse/DBAL-1210

We use Jira to track the state of pull requests and the versions they got
included in.

deeky666
deeky666 reviewed Apr 30, 2015
View reviewed changes
tests/Doctrine/Tests/DBAL/SQLParserUtilsTest.php
OR bar=:a_param2||':not_a_param3'
OR bar=':not_a_param4 '':not_a_param5'' :not_a_param6'
OR bar=''
OR bar=':a_param3
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks wrong. OR bar='' is correct and comparing to an empty string so the subsequent OR bar=':a_param3 is invalid SQL

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yep, you are right. In fact it should not have found this parameter, but I guess the regex considered it as outside quotes because it did not end with a quote. But I am happy enough if it does not find parameters in a "correct" string.

@doctrinebot doctrinebot mentioned this pull request Dec 6, 2015
Closed
@deeky666
Copy link
Member

The original issue is #1151

@deeky666 deeky666 added this to the 2.5.5 milestone Jan 10, 2016
@deeky666 deeky666 self-assigned this Jan 10, 2016
deeky666 added a commit that referenced this pull request Jan 10, 2016
@deeky666
Merge pull request #842 from helicon-os/DBAL-1205
a2701b5 
Fixed incorrect handling of single quotes in SQL-Strings
@deeky666 deeky666 merged commit a2701b5 into doctrine:master Jan 10, 2016
@deeky666
Copy link
Member

@ancpru thanks!

@deeky666
Copy link
Member

Backported to 2.5 branch via 8330aa4, 1a25112

@deeky666 deeky666 mentioned this pull request Jan 10, 2016
Closed
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 21, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees

@deeky666 deeky666

Labels
Bug Prepared Statements SQL Parser
Projects
None yet
Milestone
2.5.5
Development

Successfully merging this pull request may close these issues.
3 participants
@ancpru @doctrinebot @deeky666