escaping column names in ORM

Marc Baloup 2019-07-18 17:37:27 +02:00
parent e9188b8c1a
commit 4773999dd6
5 changed files with 6 additions and 5 deletions


@ -41,7 +41,7 @@ public class SQLOrderBy {
for (OBField f : orderByFields) { for (OBField f : orderByFields) {
if (!first) ret += ", "; if (!first) ret += ", ";
first = false; first = false;
ret += f.field.getName() + " " + f.direction.name(); ret += "`" + f.field.getName() + "` " + f.direction.name();
} }
return ret; return ret;
} }
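Review bot: Wrapping `f.field.getName()` in backticks does not cover a name that itself contains a backtick, which would close the quoted identifier early and leave the rest of the name to be parsed as SQL. The same concatenation is added in the SQLWhereComp, SQLWhereLike and SQLWhereNull hunks, so one shared helper that doubles any embedded backtick before wrapping would keep all four call sites consistent, e.g. ``ret += quoteName(f.field.getName()) + " " + f.direction.name();`` where `quoteName` is a proposed helper, not an existing method. Where field names originate is not visible in these hunks; if they are always declared in code, rejecting invalid names once at field declaration would serve the same purpose. Backtick quoting is also MySQL/MariaDB syntax, which is worth stating in a comment if the ORM is meant to stay tied to that dialect; the enclosing method starts outside the hunk.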


@ -41,7 +41,8 @@ public class SQLWhereChain extends SQLWhere {
public enum SQLBoolOp { public enum SQLBoolOp {
/** Equivalent to SQL "<code>AND</code>" */ /** Equivalent to SQL "<code>AND</code>" */
AND("AND"), /** Equivalent to SQL "<code>OR</code>" */ AND("AND"),
/** Equivalent to SQL "<code>OR</code>" */
OR("OR"); OR("OR");
public final String sql; public final String sql;


@ -30,7 +30,7 @@ public class SQLWhereComp extends SQLWhere {
public Pair<String, List<Object>> toSQL() throws ORMException { public Pair<String, List<Object>> toSQL() throws ORMException {
List<Object> params = new ArrayList<>(); List<Object> params = new ArrayList<>();
SQLElement.addValueToSQLObjectList(params, left, right); SQLElement.addValueToSQLObjectList(params, left, right);
return new Pair<>(left.getName() + " " + comp.sql + " ? ", params); return new Pair<>("`" + left.getName() + "` " + comp.sql + " ? ", params);
} }
public enum SQLComparator { public enum SQLComparator {


@ -27,7 +27,7 @@ public class SQLWhereLike extends SQLWhere {
public Pair<String, List<Object>> toSQL() { public Pair<String, List<Object>> toSQL() {
ArrayList<Object> params = new ArrayList<>(); ArrayList<Object> params = new ArrayList<>();
params.add(likeExpr); params.add(likeExpr);
return new Pair<>(field.getName() + " LIKE ? ", params); return new Pair<>("`" + field.getName() + "` LIKE ? ", params);
} }
} }


@ -30,7 +30,7 @@ public class SQLWhereNull extends SQLWhere {
@Override @Override
public Pair<String, List<Object>> toSQL() { public Pair<String, List<Object>> toSQL() {
return new Pair<>(fild.getName() + ((nulll) ? " IS NULL" : " IS NOT NULL"), new ArrayList<>()); return new Pair<>("`" + fild.getName() + "` IS " + ((nulll) ? "NULL" : "NOT NULL"), new ArrayList<>());
} }
} }