| Subject: | Broken support for placeholders in double quotes |
q[SELECT "foo?bar", ?] goes wrong. If you hand it "QUUX", the query used
is q[SELECT "foo'QUUX'bar", ], which results in a syntax error.
This is because double quote support in CountParam (added in 1999), but not
in ParseParam, where the actual expansion takes place.
Double quotes as string delimiters is mysql-spcific, and not part of the
SQL standard.
Here's the patch to fix it:
--- dbdimp.c.orig 2002-09-18 19:22:23.000000000 +0200
+++ dbdimp.c 2002-09-18 19:41:56.000000000 +0200
@@ -177,25 +177,29 @@
j = 0;
while (j < slen) {
switch(statement[j]) {
+ case '"':
case '\'':
/*
* Skip string
*/
- *ptr++ = statement[j++];
- while (j < slen && statement[j] != '\'') {
- if (statement[j] == '\\') {
- *ptr++ = statement[j++];
- if (j < slen) {
- *ptr++ = statement[j++];
- }
- } else {
- *ptr++ = statement[j++];
- }
- }
- if (j < slen) {
- *ptr++ = statement[j++];
+ {
+ char end_token = statement[j];
+ *ptr++ = statement[j++];
+ while (j < slen && statement[j] != end_token) {
+ if (statement[j] == '\\') {
+ *ptr++ = statement[j++];
+ if (j < slen) {
+ *ptr++ = statement[j++];
+ }
+ } else {
+ *ptr++ = statement[j++];
+ }
+ }
+ if (j < slen) {
+ *ptr++ = statement[j++];
+ }
+ break;
}
- break;
case '?':
/*
* Insert parameter
//////////////////////////////////////////////////////
First reported in September 2002, by e-mail. JWIED confirmed receiving my message. I wonder if this patch will ever be applied...