From a4e473eb65b6a60d5b37792d0b9260ff10a469df Mon Sep 17 00:00:00 2001 From: 1ilit <1ilit@proton.me> Date: Sun, 18 May 2025 18:13:45 +0400 Subject: [PATCH] Escape quotes --- src/utils/exportSQL/generic.js | 16 ++++++++-------- src/utils/exportSQL/mariadb.js | 6 +++--- src/utils/exportSQL/mysql.js | 6 +++--- src/utils/exportSQL/postgres.js | 8 ++++---- src/utils/exportSQL/shared.js | 9 ++++++--- 5 files changed, 24 insertions(+), 21 deletions(-) diff --git a/src/utils/exportSQL/generic.js b/src/utils/exportSQL/generic.js index 102c11a..b86d99f 100644 --- a/src/utils/exportSQL/generic.js +++ b/src/utils/exportSQL/generic.js @@ -1,6 +1,6 @@ import { DB } from "../../data/constants"; import { dbToTypes, defaultTypes } from "../../data/datatypes"; -import { getInlineFK, parseDefault } from "./shared"; +import { escapeQuotes, getInlineFK, parseDefault } from "./shared"; export function getJsonType(f) { if (!Object.keys(defaultTypes).includes(f.type)) { @@ -205,7 +205,7 @@ export function jsonToMySQL(obj) { )}", \`${field.name}\`))` : "" : ` CHECK(${field.check})` - }${field.comment ? ` COMMENT '${field.comment}'` : ""}`, + }${field.comment ? ` COMMENT '${escapeQuotes(field.comment)}'` : ""}`, ) .join(",\n")}${ table.fields.filter((f) => f.primary).length > 0 @@ -214,7 +214,7 @@ export function jsonToMySQL(obj) { .map((f) => `\`${f.name}\``) .join(", ")})` : "" - }\n)${table.comment ? ` COMMENT='${table.comment}'` : ""};\n${`\n${table.indices + }\n)${table.comment ? ` COMMENT='${escapeQuotes(table.comment)}'` : ""};\n${`\n${table.indices .map( (i) => `CREATE ${i.unique ? "UNIQUE " : ""}INDEX \`${i.name}\`\nON \`${table.name}\` (${i.fields @@ -270,7 +270,7 @@ export function jsonToPostgreSQL(obj) { ) .join(",\n")}\n);\n${ type.comment && type.comment.trim() != "" - ? `\nCOMMENT ON TYPE ${type.name} IS '${type.comment}';\n` + ? `\nCOMMENT ON TYPE ${type.name} IS '${escapeQuotes(type.comment)}';\n` : "" }`; } 
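Review bot: Doubling `'` is not sufficient for the MySQL and MariaDB output, because in their default SQL mode a backslash is also an escape character inside a string literal, so a backslash in the comment can still change where the `COMMENT '…'` literal ends. This applies to the `COMMENT` interpolations in `jsonToMySQL` here and to the same lines in `jsonToMariaDB`, `toMariaDB` and `toMySQL` in the later hunks. A dialect-aware helper that doubles backslashes as well would close it for these two dialects, e.g. `str.replace(/[\\']/g, (c) => c + c)`. The PostgreSQL exporters can keep the quote-only form, since standard-conforming strings treat a backslash literally. The enclosing template literal starts and ends outside the hunk.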
@@ -313,10 +313,10 @@ export function jsonToPostgreSQL(obj) { .map((f) => `"${f.name}"`) .join(", ")})` : "" - }\n);\n${table.comment != "" ? `\nCOMMENT ON TABLE ${table.name} IS '${table.comment}';\n` : ""}${table.fields + }\n);\n${table.comment != "" ? `\nCOMMENT ON TABLE ${table.name} IS '${escapeQuotes(table.comment)}';\n` : ""}${table.fields .map((field) => field.comment.trim() !== "" - ? `COMMENT ON COLUMN ${table.name}.${field.name} IS '${field.comment}';\n` + ? `COMMENT ON COLUMN ${table.name}.${field.name} IS '${escapeQuotes(field.comment)}';\n` : "", ) .join("")}\n${table.indices @@ -448,7 +448,7 @@ export function jsonToMariaDB(obj) { )}', \`${field.name}\`))` : "" : ` CHECK(${field.check})` - }${field.comment ? ` COMMENT '${field.comment}'` : ""}`, + }${field.comment ? ` COMMENT '${escapeQuotes(field.comment)}'` : ""}`, ) .join(",\n")}${ table.fields.filter((f) => f.primary).length > 0 @@ -457,7 +457,7 @@ export function jsonToMariaDB(obj) { .map((f) => `\`${f.name}\``) .join(", ")})` : "" - }\n)${table.comment ? ` COMMENT='${table.comment}'` : ""};${`\n${table.indices + }\n)${table.comment ? ` COMMENT='${escapeQuotes(table.comment)}'` : ""};${`\n${table.indices .map( (i) => `CREATE ${i.unique ? "UNIQUE " : ""}INDEX \`${ diff --git a/src/utils/exportSQL/mariadb.js b/src/utils/exportSQL/mariadb.js index d8e0cc4..8bab3bc 100644 --- a/src/utils/exportSQL/mariadb.js +++ b/src/utils/exportSQL/mariadb.js @@ -1,4 +1,4 @@ -import { parseDefault } from "./shared"; +import { escapeQuotes, parseDefault } from "./shared"; import { dbToTypes } from "../../data/datatypes"; import { DB } from "../../data/constants"; @@ -35,7 +35,7 @@ export function toMariaDB(diagram) { !dbToTypes[diagram.database][field.type].hasCheck ? "" : ` CHECK(${field.check})` - }${field.comment ? ` COMMENT '${field.comment}'` : ""}`, + }${field.comment ? ` COMMENT '${escapeQuotes(field.comment)}'` : ""}`, ) .join(",\n")}${ table.fields.filter((f) => f.primary).length > 0 
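Review bot: The guard `table.comment != ""` on the `COMMENT ON TABLE` line is true for `undefined` and `null`, and `escapeQuotes` calls `.replace` on its argument, so a table with no comment would now throw during export where the old code only emitted text. Use the same shape as the type-comment check earlier in this file: `table.comment && table.comment.trim() !== ""`. `jsonToPostgreSQL` begins and ends outside the hunk, so whether `comment` is always a string at this point should be confirmed against the importer that builds `obj`.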
@@ -44,7 +44,7 @@ export function toMariaDB(diagram) { .map((f) => `\`${f.name}\``) .join(", ")})` : "" - }\n)${table.comment ? ` COMMENT='${table.comment}'` : ""};${`\n${table.indices + }\n)${table.comment ? ` COMMENT='${escapeQuotes(table.comment)}'` : ""};${`\n${table.indices .map( (i) => `\nCREATE ${i.unique ? "UNIQUE " : ""}INDEX \`${ diff --git a/src/utils/exportSQL/mysql.js b/src/utils/exportSQL/mysql.js index 15edf20..06b4378 100644 --- a/src/utils/exportSQL/mysql.js +++ b/src/utils/exportSQL/mysql.js @@ -1,4 +1,4 @@ -import { parseDefault } from "./shared"; +import { escapeQuotes, parseDefault } from "./shared"; import { dbToTypes } from "../../data/datatypes"; import { DB } from "../../data/constants"; @@ -37,7 +37,7 @@ export function toMySQL(diagram) { !dbToTypes[diagram.database][field.type].hasCheck ? "" : ` CHECK(${field.check})` - }${field.comment ? ` COMMENT '${field.comment}'` : ""}`, + }${field.comment ? ` COMMENT '${escapeQuotes(field.comment)}'` : ""}`, ) .join(",\n")}${ table.fields.filter((f) => f.primary).length > 0 @@ -46,7 +46,7 @@ export function toMySQL(diagram) { .map((f) => `\`${f.name}\``) .join(", ")})` : "" - }\n)${table.comment ? ` COMMENT='${table.comment}'` : ""};\n${`\n${table.indices + }\n)${table.comment ? ` COMMENT='${escapeQuotes(table.comment)}'` : ""};\n${`\n${table.indices .map( (i) => `\nCREATE ${i.unique ? "UNIQUE " : ""}INDEX \`${ diff --git a/src/utils/exportSQL/postgres.js b/src/utils/exportSQL/postgres.js index e8e11a8..c4b7b12 100644 --- a/src/utils/exportSQL/postgres.js +++ b/src/utils/exportSQL/postgres.js @@ -1,4 +1,4 @@ -import { exportFieldComment, parseDefault } from "./shared"; +import { escapeQuotes, exportFieldComment, parseDefault } from "./shared"; import { dbToTypes } from "../../data/datatypes"; 
@@ -17,7 +17,7 @@ export function toPostgres(diagram) { .map((f) => `\t${f.name} ${f.type}`) .join(",\n")}\n);\n\n${ type.comment && type.comment.trim() !== "" - ? `\nCOMMENT ON TYPE "${type.name}" IS '${type.comment}';\n\n` + ? `\nCOMMENT ON TYPE "${type.name}" IS '${escapeQuotes(type.comment)}';\n\n` : "" }`, ) @@ -57,12 +57,12 @@ export function toPostgres(diagram) { : "" }\n);${ table.comment.trim() !== "" - ? `\nCOMMENT ON TABLE "${table.name}" IS '${table.comment}';\n` + ? `\nCOMMENT ON TABLE "${table.name}" IS '${escapeQuotes(table.comment)}';\n` : "" }${table.fields .map((field) => field.comment.trim() !== "" - ? `COMMENT ON COLUMN ${table.name}.${field.name} IS '${field.comment}';\n` + ? `COMMENT ON COLUMN ${table.name}.${field.name} IS '${escapeQuotes(field.comment)}';\n` : "", ) .join("")}${table.indices diff --git a/src/utils/exportSQL/shared.js b/src/utils/exportSQL/shared.js index fdb4b9f..64100bc 100644 --- a/src/utils/exportSQL/shared.js +++ b/src/utils/exportSQL/shared.js @@ -1,11 +1,10 @@ -import { isFunction, isKeyword, strHasQuotes } from "../utils"; +import { isFunction, isKeyword } from "../utils"; import { DB } from "../../data/constants"; import { dbToTypes } from "../../data/datatypes"; export function parseDefault(field, database = DB.GENERIC) { if ( - strHasQuotes(field.default) || isFunction(field.default) || isKeyword(field.default) || !dbToTypes[database][field.type].hasQuotes @@ -13,7 +12,11 @@ export function parseDefault(field, database = DB.GENERIC) { return field.default; } - return `'${field.default}'`; + return `'${escapeQuotes(field.default)}'`; +} + +export function escapeQuotes(str) { + return str.replace(/[']/g, "'$&"); } export function exportFieldComment(comment) {
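Review bot: The `COMMENT ON COLUMN` line still interpolates `${table.name}.${field.name}` without double quotes, while the `COMMENT ON TABLE` line just above it quotes `"${table.name}"`. PostgreSQL folds unquoted identifiers to lower case, so for a name with upper-case letters or spaces the generated statement refers to a different identifier or fails to parse, and names are a second place where diagram text reaches the SQL unescaped. Quote both parts, `COMMENT ON COLUMN "${table.name}"."${field.name}" IS …`, and pass the names through a helper that replaces `"` with `""`. The same unquoted form appears in `jsonToPostgreSQL` in generic.js (`COMMENT ON TABLE ${table.name}`, `COMMENT ON TYPE ${type.name}`).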
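Review bot: Dropping the `strHasQuotes(field.default)` branch changes what existing diagrams export. Assuming that helper detected a value already wrapped in quotes, such a default used to be returned unchanged, and for a `hasQuotes` type it is now wrapped again with its own quotes doubled. That is the safer direction, since the old branch passed any quoted text through verbatim, but the commit message does not mention it. Add a comment above the condition, e.g. `// Quoted defaults are not trusted as-is: they are escaped and wrapped like any other string`, and decide whether one pair of surrounding quotes should be stripped before escaping so already-quoted defaults keep their meaning. `parseDefault` continues in the next hunk.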
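Review bot: `escapeQuotes` calls `str.replace` with no type check, and `parseDefault` now passes `field.default` to it, so a numeric or missing default on a `hasQuotes` type would throw where the old template literal coerced it to text. Whether that can happen depends on how defaults are stored, which is not visible here. Coerce first and spell the replacement out: `return String(str).replace(/'/g, "''");`, which produces the same output as the `"'$&"` form and is easier to read. A short JSDoc would also help, stating that the helper doubles single quotes for use inside a single-quoted SQL literal and does not handle backslashes or identifiers, so callers do not over-trust it.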