From: Rafael Kitover Date: Sun, 22 Nov 2009 12:03:31 +0000 (+0000) Subject: $dbh->quote some things X-Git-Tag: 0.04999_11~8 X-Git-Url: http://git.shadowcat.co.uk/gitweb/gitweb.cgi?a=commitdiff_plain;h=772367d333d11cb07aee1f1faf5d471fcdec00d4;p=dbsrgits%2FDBIx-Class-Schema-Loader.git $dbh->quote some things --- diff --git a/lib/DBIx/Class/Schema/Loader/DBI/MSSQL.pm b/lib/DBIx/Class/Schema/Loader/DBI/MSSQL.pm index cf8fc0a..8e4cc1e 100644 --- a/lib/DBIx/Class/Schema/Loader/DBI/MSSQL.pm +++ b/lib/DBIx/Class/Schema/Loader/DBI/MSSQL.pm @@ -98,7 +98,7 @@ sub _table_uniq_info { my $sth = $dbh->prepare(qq{SELECT CCU.CONSTRAINT_NAME, CCU.COLUMN_NAME FROM INFORMATION_SCHEMA.CONSTRAINT_COLUMN_USAGE CCU JOIN INFORMATION_SCHEMA.TABLE_CONSTRAINTS TC ON (CCU.CONSTRAINT_NAME = TC.CONSTRAINT_NAME) JOIN INFORMATION_SCHEMA.KEY_COLUMN_USAGE KCU ON (CCU.CONSTRAINT_NAME = KCU.CONSTRAINT_NAME AND CCU.COLUMN_NAME = KCU.COLUMN_NAME) - WHERE CCU.TABLE_NAME = '$table' AND CONSTRAINT_TYPE = 'UNIQUE' ORDER BY KCU.ORDINAL_POSITION}); + WHERE CCU.TABLE_NAME = @{[ $dbh->quote($table) ]} AND CONSTRAINT_TYPE = 'UNIQUE' ORDER BY KCU.ORDINAL_POSITION}); $sth->execute; my $constraints; while (my $row = $sth->fetchrow_hashref) { @@ -118,10 +118,12 @@ sub _extra_column_info { my ($table, $column) = @$info{qw/TABLE_NAME COLUMN_NAME/}; my $dbh = $self->schema->storage->dbh; - my $sth = $dbh->prepare(qq{SELECT COLUMN_NAME - FROM INFORMATION_SCHEMA.COLUMNS - WHERE COLUMNPROPERTY(object_id('$table', 'U'), '$column', 'IsIdentity') = 1 AND TABLE_NAME = '$table' AND COLUMN_NAME = '$column' - }); + my $sth = $dbh->prepare(qq{ + SELECT COLUMN_NAME + FROM INFORMATION_SCHEMA.COLUMNS + WHERE COLUMNPROPERTY(object_id(@{[ $dbh->quote($table) ]}, 'U'), '$column', 'IsIdentity') = 1 + AND TABLE_NAME = @{[ $dbh->quote($table) ]} AND COLUMN_NAME = @{[ $dbh->quote($column) ]} + }); $sth->execute(); if ($sth->fetchrow_array) { @@ -132,7 +134,7 @@ sub _extra_column_info { $sth = $dbh->prepare(qq{ SELECT COLUMN_DEFAULT FROM INFORMATION_SCHEMA.COLUMNS - WHERE TABLE_NAME = '$table' AND COLUMN_NAME = '$column' + WHERE TABLE_NAME = @{[ $dbh->quote($table) ]} AND COLUMN_NAME = @{[ $dbh->quote($column) ]} }); $sth->execute; my ($default) = $sth->fetchrow_array; diff --git a/lib/DBIx/Class/Schema/Loader/DBI/Sybase.pm b/lib/DBIx/Class/Schema/Loader/DBI/Sybase.pm index e3d2ed2..f607af3 100644 --- a/lib/DBIx/Class/Schema/Loader/DBI/Sybase.pm +++ b/lib/DBIx/Class/Schema/Loader/DBI/Sybase.pm @@ -59,7 +59,7 @@ sub _table_columns { my ($self, $table) = @_; my $dbh = $self->schema->storage->dbh; - my $columns = $dbh->selectcol_arrayref(qq{SELECT name FROM syscolumns WHERE id = (SELECT id FROM sysobjects WHERE name = '$table' AND type = 'U')}); + my $columns = $dbh->selectcol_arrayref(qq{SELECT name FROM syscolumns WHERE id = (SELECT id FROM sysobjects WHERE name = @{[ $dbh->quote($table) ]} AND type = 'U')}); return $columns; } @@ -68,7 +68,7 @@ sub _table_pk_info { my ($self, $table) = @_; my $dbh = $self->schema->storage->dbh; - my $sth = $dbh->prepare(qq{sp_pkeys '$table'}); + my $sth = $dbh->prepare(qq{sp_pkeys @{[ $dbh->quote($table) ]}}); $sth->execute; my @keydata; @@ -89,7 +89,7 @@ sub _table_fk_info { local $dbh->{FetchHashKeyName} = 'NAME_lc'; # hide "Object does not exist in this database." when trying to fetch fkeys local $dbh->{syb_err_handler} = sub { return $_[0] == 17461 ? 0 : 1 }; - my $sth = $dbh->prepare(qq{sp_fkeys \@fktable_name = '$table'}); + my $sth = $dbh->prepare(qq{sp_fkeys \@fktable_name = @{[ $dbh->quote($table) ]}}); $sth->execute; my $row = $sth->fetchrow_hashref; @@ -112,7 +112,7 @@ sub _table_fk_info_by_name { local $dbh->{FetchHashKeyName} = 'NAME_lc'; # hide "Object does not exist in this database." when trying to fetch fkeys local $dbh->{syb_err_handler} = sub { return $_[0] == 17461 ? 0 : 1 }; - my $sth = $dbh->prepare(qq{sp_fkeys \@fktable_name = '$table'}); + my $sth = $dbh->prepare(qq{sp_fkeys \@fktable_name = @{[ $dbh->quote($table) ]}}); $sth->execute; while (my $row = $sth->fetchrow_hashref) { @@ -142,7 +142,7 @@ sub _table_fk_info_builder { local $dbh->{FetchHashKeyName} = 'NAME_lc'; # hide "Object does not exist in this database." when trying to fetch fkeys local $dbh->{syb_err_handler} = sub { return 0 if $_[0] == 17461; }; - my $sth = $dbh->prepare(qq{sp_fkeys \@fktable_name = '$table'}); + my $sth = $dbh->prepare(qq{sp_fkeys \@fktable_name = @{[ $dbh->quote($table) ]}}); $sth->execute; my @fk_info; @@ -199,7 +199,7 @@ sub _table_uniq_info { my $dbh = $self->schema->storage->dbh; local $dbh->{FetchHashKeyName} = 'NAME_lc'; - my $sth = $dbh->prepare(qq{sp_helpconstraint \@objname='$table', \@nomsg='nomsg'}); + my $sth = $dbh->prepare(qq{sp_helpconstraint \@objname=@{[ $dbh->quote($table) ]}, \@nomsg='nomsg'}); eval { $sth->execute }; return if $@; @@ -234,7 +234,7 @@ sub _extra_column_info { my ($table, $column) = @$info{qw/TABLE_NAME COLUMN_NAME/}; my $dbh = $self->schema->storage->dbh; - my $sth = $dbh->prepare(qq{SELECT name FROM syscolumns WHERE id = (SELECT id FROM sysobjects WHERE name = '$table') AND (status & 0x80) = 0x80 AND name = '$column'}); + my $sth = $dbh->prepare(qq{SELECT name FROM syscolumns WHERE id = (SELECT id FROM sysobjects WHERE name = @{[ $dbh->quote($table) ]}) AND (status & 0x80) = 0x80 AND name = @{[ $dbh->quote($column) ]}}); $sth->execute(); if ($sth->fetchrow_array) {