+ name escape

Gioee · Gioee · commit 3d7b497b3bf1 · 2024-02-05T19:13:33.000+01:00
diff --git a/src/manager.ts b/src/manager.ts
@@ -7,7 +7,8 @@ import {
   SQLiteManagerDefault,
   SQLiteManagerCollate,
   SQLiteManagerForeignKeyOptions,
-  SQLiteManagerForeignKeyOn
+  SQLiteManagerForeignKeyOn,
+  keywords
 } from './types'
 
 enum AT {
@@ -40,9 +41,14 @@ export class SQLiteManager {
         this.create = true
         if (table.columns) {
           this.create = false
+          this.table = table
+        } else {
+          this.table = { name: this.escape(table.name) } as SQLiteManagerTable
         }
+      } else {
+        this.create = true
+        this.table = {} as SQLiteManagerTable
       }
-      this.table = table
     }
   }
 
@@ -60,10 +66,10 @@ export class SQLiteManager {
   /** If changing name in altertable you need to manually call the queryBuilder() */
   set name(name: string) {
     if (this.create) {
-      this.table.name = name
+      this.table.name = this.escape(name)
     } else {
-      this.table.name = name
-      this.queryBuilder(AT.RENAME_TABLE, { name: name } as SQLiteManagerColumn)
+      this.table.name = this.escape(name)
+      this.queryBuilder(AT.RENAME_TABLE, { name: this.table.name } as SQLiteManagerColumn)
     }
   }
 
@@ -241,6 +247,7 @@ export class SQLiteManager {
    * sql[]: SELECT sql FROM sqlite_schema WHERE tbl_name='X'; where X is the name of the table you're using
    */
   addColumn(column: SQLiteManagerColumn, sql?: string[]): string {
+    column.name = this.escape(column.name)
     if (this.table.columns) {
       if (typeof this.findColumn(column.name) == 'undefined') {
         this.table.columns.push(column)
@@ -279,16 +286,19 @@ export class SQLiteManager {
 
   renameColumn(oldColumnName: string, newColumnName: string): string {
     const i = this.findColumn(oldColumnName)
+    newColumnName = this.escape(newColumnName)
+    let query = ''
 
     if (typeof i != 'undefined' && this.table.columns) {
       if (typeof this.findColumn(newColumnName) == 'undefined') {
         this.table.columns[i].name = newColumnName
       } else {
         throw new Error('Column already exists')
       }
+      query = this.queryBuilder(AT.RENAME_COLUMN, { name: oldColumnName } as SQLiteManagerColumn, newColumnName)
     }
 
-    return this.queryBuilder(AT.RENAME_COLUMN, { name: oldColumnName } as SQLiteManagerColumn, newColumnName)
+    return query
   }
 
   /**
@@ -350,4 +360,17 @@ export class SQLiteManager {
     }
     return false
   }
+
+  private escape(name: string): string {
+    keywords.forEach(keyword => {
+      if (name.toUpperCase() == keyword) {
+        throw new Error("You can't use a SQLite keyword as a name")
+      }
+    })
+
+    name = name.replace(/'/g, "''")
+    name = name.replace(/"/g, '""')
+
+    return name
+  }
 }
diff --git a/src/types.ts b/src/types.ts
@@ -279,3 +279,153 @@ export interface SQLiteManagerTable {
   /** Columns */
   columns?: SQLiteManagerColumn[]
 }
+
+export const keywords = [
+  'ABORT',
+  'ACTION',
+  'ADD',
+  'AFTER',
+  'ALL',
+  'ALTER',
+  'ALWAYS',
+  'ANALYZE',
+  'AND',
+  'AS',
+  'ASC',
+  'ATTACH',
+  'AUTOINCREMENT',
+  'BEFORE',
+  'BEGIN',
+  'BETWEEN',
+  'BY',
+  'CASCADE',
+  'CASE',
+  'CAST',
+  'CHECK',
+  'COLLATE',
+  'COLUMN',
+  'COMMIT',
+  'CONFLICT',
+  'CONSTRAINT',
+  'CREATE',
+  'CROSS',
+  'CURRENT',
+  'CURRENT_DATE',
+  'CURRENT_TIME',
+  'CURRENT_TIMESTAMP',
+  'DATABASE',
+  'DEFAULT',
+  'DEFERRABLE',
+  'DEFERRED',
+  'DELETE',
+  'DESC',
+  'DETACH',
+  'DISTINCT',
+  'DO',
+  'DROP',
+  'EACH',
+  'ELSE',
+  'END',
+  'ESCAPE',
+  'EXCEPT',
+  'EXCLUDE',
+  'EXCLUSIVE',
+  'EXISTS',
+  'EXPLAIN',
+  'FAIL',
+  'FILTER',
+  'FIRST',
+  'FOLLOWING',
+  'FOR',
+  'FOREIGN',
+  'FROM',
+  'FULL',
+  'GENERATED',
+  'GLOB',
+  'GROUP',
+  'GROUPS',
+  'HAVING',
+  'IF',
+  'IGNORE',
+  'IMMEDIATE',
+  'IN',
+  'INDEX',
+  'INDEXED',
+  'INITIALLY',
+  'INNER',
+  'INSERT',
+  'INSTEAD',
+  'INTERSECT',
+  'INTO',
+  'IS',
+  'ISNULL',
+  'JOIN',
+  'KEY',
+  'LAST',
+  'LEFT',
+  'LIKE',
+  'LIMIT',
+  'MATCH',
+  'MATERIALIZED',
+  'NATURAL',
+  'NO',
+  'NOT',
+  'NOTHING',
+  'NOTNULL',
+  'NULL',
+  'NULLS',
+  'OF',
+  'OFFSET',
+  'ON',
+  'OR',
+  'ORDER',
+  'OTHERS',
+  'OUTER',
+  'OVER',
+  'PARTITION',
+  'PLAN',
+  'PRAGMA',
+  'PRECEDING',
+  'PRIMARY',
+  'QUERY',
+  'RAISE',
+  'RANGE',
+  'RECURSIVE',
+  'REFERENCES',
+  'REGEXP',
+  'REINDEX',
+  'RELEASE',
+  'RENAME',
+  'REPLACE',
+  'RESTRICT',
+  'RETURNING',
+  'RIGHT',
+  'ROLLBACK',
+  'ROW',
+  'ROWS',
+  'SAVEPOINT',
+  'SELECT',
+  'SET',
+  'TABLE',
+  'TEMP',
+  'TEMPORARY',
+  'THEN',
+  'TIES',
+  'TO',
+  'TRANSACTION',
+  'TRIGGER',
+  'UNBOUNDED',
+  'UNION',
+  'UNIQUE',
+  'UPDATE',
+  'USING',
+  'VACUUM',
+  'VALUES',
+  'VIEW',
+  'VIRTUAL',
+  'WHEN',
+  'WHERE',
+  'WINDOW',
+  'WITH',
+  'WITHOUT'
+]
diff --git a/test/manager.test.ts b/test/manager.test.ts
@@ -17,6 +17,7 @@ describe('Create a table', () => {
     expect(manager.deleteColumn(testTable.columns[0].name)).not.toContain(testTable.columns[0].name)
 
     const risRen: string = manager.renameColumn(testTable.columns[1].name, testTable.columns[2].name)
+    console.log(risRen)
 
     expect(risRen).not.toContain(testTable.columns[1].name)
     expect(risRen).toContain(testTable.columns[2].name)
@@ -29,6 +30,7 @@ describe('Create a table', () => {
     const risCnstr: string = manager.changeColumnConstraints(testTable.columns[2].name, testTable.columns[2].constraints)
 
     expect(risCnstr).toContain('NOT NULL UNIQUE')
+    console.log(risCnstr)
   })
 
   it('tests alter table', () => {
@@ -70,7 +72,5 @@ describe('Create a table', () => {
 
     const risCnstr: string = manager.changeColumnConstraints(testTable.columns[2].name, testTable2.columns[2].constraints, sqlite_schema)
     expect(risCnstr).toContain('"' + testTable.columns[2].name + '" TEXT UNIQUE')
-
-    console.log(risCnstr)
   })
 })
