#68 Escape ?? in CustomWithValues

SeaQL · Jul 12, 2021 · 52f3306 · 52f3306
1 parent bb891d8
commit 52f3306
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 4 deletions.
diff --git a/src/backend/query_builder.rs b/src/backend/query_builder.rs
@@ -284,12 +284,25 @@ pub trait QueryBuilder: QuotedBuilder {
                 write!(sql, "{}", s).unwrap();
             }
             SimpleExpr::CustomWithValues(expr, values) => {
-                let tokenizer = Tokenizer::new(expr);
+                let mut tokenizer = Tokenizer::new(expr).iter().peekable();
                 let mut count = 0;
-                for tok in tokenizer.iter() {
+                while let Some(tok) = tokenizer.next() {
                     match tok {
                         Token::Punctuation(mark) => {
                             if mark == "?" {
+                                if let Some(nxt) = tokenizer.peek() {
+                                    match nxt {
+                                        Token::Punctuation(mark) => {
+                                            // escape '??'
+                                            if mark == "?" {
+                                                write!(sql, "{}", mark).unwrap();
+                                                tokenizer.next();
+                                                continue;
+                                            }
+                                        }
+                                        _ => {}
+                                    }
+                                }
                                 self.prepare_value(&values[count], sql, collector);
                                 count += 1;
                             } else {

diff --git a/src/expr.rs b/src/expr.rs
@@ -298,6 +298,39 @@ impl Expr {
     ///     r#"SELECT `character`, `size_w`, `size_h` FROM `character` WHERE `id` = 1 AND 6 = 2 * 3"#
     /// );
     /// ```
+    /// ```
+    /// use sea_query::{*, tests_cfg::*};
+    ///
+    /// let query = Query::select()
+    ///     .expr(Expr::cust_with_values("6 = ? * ?", vec![2, 3]))
+    ///     .to_owned();
+    ///
+    /// assert_eq!(
+    ///     query.to_string(MysqlQueryBuilder),
+    ///     r#"SELECT 6 = 2 * 3"#
+    /// );
+    /// assert_eq!(
+    ///     query.to_string(PostgresQueryBuilder),
+    ///     r#"SELECT 6 = 2 * 3"#
+    /// );
+    /// assert_eq!(
+    ///     query.to_string(SqliteQueryBuilder),
+    ///     r#"SELECT 6 = 2 * 3"#
+    /// );
+    /// ```
+    /// Postgres only: use `??` to escape `?`
+    /// ```
+    /// use sea_query::{*, tests_cfg::*};
+    ///
+    /// let query = Query::select()
+    ///     .expr(Expr::cust_with_values("? ?? ?", vec!["a", "b"]))
+    ///     .to_owned();
+    ///
+    /// assert_eq!(
+    ///     query.to_string(PostgresQueryBuilder),
+    ///     r#"SELECT 'a' ? 'b'"#
+    /// );
+    /// ```
     pub fn cust_with_values<V, I>(s: &str, v: I) -> SimpleExpr
     where
         V: Into<Value>,

diff --git a/src/prepare.rs b/src/prepare.rs
@@ -23,12 +23,12 @@ where
         let token = &tokens[i];
         match token {
             Token::Punctuation(mark) => {
-                if mark == "?" {
+                if (mark.as_ref(), false) == query_builder.placeholder() {
                     output.push(query_builder.value_to_string(&params[counter]));
                     counter += 1;
                     i += 1;
                     continue;
-                } else if mark == "$" && i + 1 < tokens.len() {
+                } else if (mark.as_ref(), true) == query_builder.placeholder() && i + 1 < tokens.len() {
                     if let Token::Unquoted(next) = &tokens[i + 1] {
                         if let Ok(num) = next.parse::<usize>() {
                             output.push(query_builder.value_to_string(&params[num - 1]));