Opened 12 years ago
Closed 8 years ago
#4280 closed enhancement (fixed)
[PATCH] SQL parser : differentiate quoting of string literals from identifiers
Reported by: | Even Rouault | Owned by: | warmerdam |
---|---|---|---|
Priority: | normal | Milestone: | 2.0.0 |
Component: | OGR_SF | Version: | unspecified |
Severity: | normal | Keywords: | sql |
Cc: | rhaubourg |
Description
To avoid any ambiguities and more conformant to SQL, string literals should be single-quoted, and identifiers (column/table names) unquoted or surrounded by double-quote charachter if conflicting with reserved keywords.
The attached patch implements this, as well as the necesserary fixes in the test suite. This obviously shows the impact of the patch to user practices...
Attachments (1)
Change History (6)
by , 12 years ago
Attachment: | ticket_4280.patch added |
---|
comment:1 by , 10 years ago
Cc: | added |
---|---|
Milestone: | → 2.0 |
comment:2 by , 10 years ago
thanks! Sorry if I didn't find previous issue in the tracker.
Just some precisions please. I understand that " and ' are currently confusing delimiters for text or identifier. So that explains why "myfield" = 'myfield' returns always true. But why "myfield" = 'another_value' is working correctly then? Cheers, Régis
comment:3 by , 10 years ago
'another_value' matching no field name it is treated as a litteral value (as it should in SQL). But if 'another_value' is in fact 'a_valid_field_name' the SQL engine wrongly assumes that it was the quoting of a_valid_field_name. The quoting of identifiers should be double quotes, and not single quotes, but the SQL engine does not make that difference right now.
comment:5 by , 8 years ago
Milestone: | → 2.0.0 |
---|---|
Resolution: | → fixed |
Status: | new → closed |
Was implemented in GDAL 2.0 per https://trac.osgeo.org/gdal/wiki/rfc52_strict_sql_quoting
Also reported as #5428