Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Escape sql special like characters #1066

Merged
merged 1 commit into from
Nov 6, 2017
Merged

Escape sql special like characters #1066

merged 1 commit into from
Nov 6, 2017

Conversation

csordasmarton
Copy link
Contributor

Closes #902

@csordasmarton csordasmarton added this to the release 6.2 milestone Oct 26, 2017
@whisperity whisperity added the database 🗄️ Issues related to the database schema. label Oct 26, 2017
whisperity
whisperity reviewed Oct 26, 2017
View reviewed changes
libcodechecker/util.py

def escape_like(string, escape_char='*'):
"""Escape the string parameter used in SQL LIKE expressions."""
return string.replace(escape_char, escape_char * 2) \
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So a * becomes **? How does this affect the query?

If I have csordas*marton as filter and I have csordas*marton and csordasFOOBARmarton as run names in the database I get only the first as result?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you have two run names (csordas*marton and csordasFOOBARmarton) you get only the first as result for csordas*marton filter.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This escaping applies to the run and product names when the user starts typing an infix of these for filtering. I think it is not necessary to accept joker characters in this situation, so it wouldn't be a problem if asterisk is interpreted as an exact character.

Xazax-hun
Xazax-hun reviewed Oct 27, 2017
View reviewed changes
tests/functional/report_viewer_api/test_run_filter.py
"There should be one run for this test.")

# Filter runs which name contains `test_files*`.
test_runs = self.__get_runs('test_files*')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think there could be more tests, e.g. for **, %.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Okay, I've created a few more test cases.

@gyorb gyorb removed this from the release 6.2 milestone Oct 31, 2017
Xazax-hun
Xazax-hun approved these changes Nov 6, 2017
View reviewed changes
Copy link
Contributor

@Xazax-hun Xazax-hun left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LG!

@Xazax-hun Xazax-hun merged commit 102d949 into Ericsson:master Nov 6, 2017
@csordasmarton csordasmarton deleted the sql_escape branch November 6, 2017 09:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@whisperity whisperity whisperity left review comments

@bruntib bruntib bruntib approved these changes

@Xazax-hun Xazax-hun Xazax-hun approved these changes

@gyorb gyorb Awaiting requested review from gyorb

Assignees
No one assigned
Labels
database 🗄️ Issues related to the database schema. enhancement 🌟
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@csordasmarton @Xazax-hun @whisperity @bruntib @gyorb