Skip Menu |

This queue is for tickets about the DBD-Pg CPAN distribution.

Report information
The Basics
Id: 93636
Status: rejected
Priority: 0/
Queue: DBD-Pg

People
Owner: greg [...] turnstep.com
Requestors: dbdpg [...] galatali.com
Cc:
AdminCc:

Bug Information
Severity: (no value)
Broken in:
  • 2.99.9_2
  • 3.0.0
Fixed in: (no value)



Subject: Dollar Quoting is being triggered in the middle of a identifier
An identifier containing a pair of dollar signs triggers the dollar quote handling in pg_st_split_statement, which can consume the rest of the SQL statement and trigger a secondary error of no placeholders being found. Example: $dbh->do('SELECT tablename AS alt$identifier$test FROM pg_tables WHERE tablename = ?', { }, ''); Error: DBD::Pg::db do failed: called with 1 bind variables when 0 are needed at dbq.pl line 5. Tugrul Galatali
Ugh, why would you ever want to create a name like that? :) We will look into this.
Off the top of my head, I can't see us adding a whole lot more parsing brains into DBD::Pg when there is an easy workaround - putting the name in double quotes: $dbh->do(q{SELECT tablename AS "alt$identifier$test" FROM pg_tables WHERE tablename = ?}, { }, 'foobar');
Fair enough. However it would be nice if there was a more appropriate error. I didn't even know about dollar quoting until I went digging into the DBD::Pg code. Maybe a warning if the closing dollar quote isn't found? Also a note in the documentation.
Show quoted text
> Maybe a warning if the closing dollar quote isn't found? Also a note > in the documentation.
No, because it could still be a valid query if the closing dollar isn't found. The idea is to pass things off to the Postgres parser and let them throw the error. It's unfortunate that happens on first execute and not prepare, but I don't see a clean way around that.
Stalling for now
Statements that might contain unusual identifiers should be constructed using the quote_identifier method. I think this issue could be closed now.
Closing this.