Subject: | Possible bug in Dancer::Plugin::Database::Handler _quick_query |
Date: | Fri, 11 Feb 2011 20:17:43 +0100 |
To: | bug-Dancer-Plugin-Database [...] rt.cpan.org |
From: | Michael Stiller <ms [...] 2scale.net> |
Hi there,
i guess i may have found a bug in Dancer::Plugin::Database, or rather in
Dancer::Plugin::Database::Handle.
I run Dancer::Plugin::Database::Handle VERSION 0.02 on OS X 10.6.6 utilizing
mysql 5.1.54 using the following config:
plugins:
Database:
driver: 'mysql'
database: 'tcsuite'
host: 'localhost'
username: 'tcuser'
password: ********
connection_check_threshold: 10
dbi_params:
RaiseError: 1
AutoCommit: 1
on_connect_do: ["SET NAMES 'utf8'", "SET CHARACTER SET 'utf8'" ]
The error in question is:
DBD::mysql::db do failed: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''email','password','first','last','username') VALUES ('ms@2scale.net','whatever'' at line 1 at /Users/ms/perl5/lib/perl5/Dancer/Plugin/Database/Handle.pm line 150.
/Users/ms/perl5/lib/perl5/Dancer/Plugin/Database/Handle.pm around line 150
147 Dancer::Logger::debug(
148 "Executing query $sql with params " . join ',', @bind_params
149 );
150 return $self->do($sql, undef, @bind_params);
151 }
152
153
The problem may be fixed by the following patch:
--- Handle.pm 2011-02-11 20:13:48.000000000 +0100
+++ Handle.pm.patched 2011-02-11 20:13:32.000000000 +0100
@@ -128,7 +128,7 @@
}->{$type};
if ($type eq 'INSERT') {
$sql .= "("
- . join(',', map { $self->quote($_) } keys %$data)
+ . join(',', map { $self->quote_identifier($_) } keys %$data)
. ") VALUES ("
. join(',', map { "?" } values %$data)
. ")";
Cheers,
Michael
--
2scale GmbH, Karlstr. 88, 40210 Düsseldorf
Amtsgericht: Düsseldorf HRB 50718
Geschäftsführer: Georg von Zezschwitz, Dirk Vleugels
USt-IdNr.: DE 210936505