Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SQLite join or subquery parameters don't become exposed #2657

Closed
dufflix opened this issue Aug 24, 2023 · 2 comments · Fixed by #2674
Closed

SQLite join or subquery parameters don't become exposed #2657

dufflix opened this issue Aug 24, 2023 · 2 comments · Fixed by #2674
Labels
bug Something isn't working triage New issues that hasn't been reviewed

Comments

@dufflix
Copy link

dufflix commented Aug 24, 2023
edited
Loading

Version

1.20.0

What happened?

When doing a LEFT JOIN that contains a parameter ? , it will not become exposed in golang, and thus is unusable.
Same bug occurs when doing a WHERE NOT EXIST () subquery, sub parameters will not become exposed.

See playground for demonstration:
https://play.sqlc.dev/p/1b212317a1c11271a95746dbfd15710e0c7a1d408cd0440093dd7ba2b05c0a03

Relevant log output

No response

Database schema

CREATE TABLE npcs (
  id   INT PRIMARY KEY
);

CREATE TABLE messages (
  id   INT PRIMARY KEY,
  npc_id INT NOT NULL,
  message  text
);

SQL queries

-- name: GetNpcsThatDontHaveMessage :many
SELECT a.* FROM npcs a LEFT JOIN messages b ON a.id = b.npc_id and b.message=? WHERE b.id IS NULL;

Configuration

{
  "version": "1",
  "packages": [
    {
      "path": "db",
      "engine": "sqlite",
      "schema": "query.sql",
      "queries": "query.sql"
    }
  ]
}

Playground URL

https://play.sqlc.dev/p/1b212317a1c11271a95746dbfd15710e0c7a1d408cd0440093dd7ba2b05c0a03

What operating system are you using?

Windows

What database engines are you using?

SQLite

What type of code are you generating?

Go
@dufflix dufflix added bug Something isn't working triage New issues that hasn't been reviewed labels Aug 24, 2023
@orisano
Copy link
Contributor

orisano commented Aug 24, 2023

@andrewmbenton Should I work on this issue?

@dhadley33
Copy link

First time commenting on a forum like this so if this is out of place please let me know.

Version

1.20.0

What happened?

I am facing what I believe to be a similar issue as stated above. I have used the same database schema as the original post. When trying to create a dynamic way of sorting using the query below, the ? does not get exposed.

-- name: GetNpcsOrderedByNpcID :many
SELECT * FROM messages
ORDER BY
	CASE WHEN ? = 'npc_id' THEN npc_id END ASC;

Playground URL

Here are the playground URLs. The first one uses the SQLite engine. The second one utilizes the Postgresql engine. I used this as a basis for comparison.
SQLite: https://play.sqlc.dev/p/3fa414774f59dd6efe7dd8d7d1bdb3074e25cfb53847666f834f83ff80aebc92
Postgresql: https://play.sqlc.dev/p/c2621057d709355dd2894a3b9388d02140dd19cc8bfb8bb28b63a4f945aa4eb9

What operating system?

Ubuntu via WSL on Windows

What database engine are you using?

SQLite

What type of code are you generating

Go

orisano added a commit to orisano/sqlc that referenced this issue Aug 30, 2023
@orisano
fix(engine/sqlite): Fix to handle join clauses correctly
f0826e4 
close sqlc-dev#2657
@orisano orisano mentioned this issue Aug 30, 2023
Merged
kyleconroy pushed a commit that referenced this issue Aug 30, 2023
@orisano
fix(engine/sqlite): Fix to handle join clauses correctly (#2674)
e0353d3 
* fix(engine/sqlite): Fix to handle join clauses correctly

close #2657

* test: update endtoend

* test: update example
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working triage New issues that hasn't been reviewed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(engine/sqlite): Fix to handle join clauses correctly orisano/sqlc
3 participants
@orisano @dhadley33 @dufflix