diff options
| -rw-r--r-- | lib/impure/db_mysql.nim | 3 | ||||
| -rw-r--r-- | tests/stdlib/tdb_mysql.nim | 4 |
2 files changed, 5 insertions, 2 deletions
diff --git a/lib/impure/db_mysql.nim b/lib/impure/db_mysql.nim index df878e25a..562847e6b 100644 --- a/lib/impure/db_mysql.nim +++ b/lib/impure/db_mysql.nim @@ -117,7 +117,7 @@ when false: discard mysql_stmt_close(stmt) proc dbQuote*(s: string): string = - ## DB quotes the string. + ## DB quotes the string. Note that this doesn't escape `%` and `_`. result = newStringOfCap(s.len + 2) result.add "'" for c in items(s): @@ -132,7 +132,6 @@ proc dbQuote*(s: string): string = of '"': result.add "\\\"" of '\'': result.add "\\'" of '\\': result.add "\\\\" - of '_': result.add "\\_" else: result.add c add(result, '\'') diff --git a/tests/stdlib/tdb_mysql.nim b/tests/stdlib/tdb_mysql.nim new file mode 100644 index 000000000..21a7afd4f --- /dev/null +++ b/tests/stdlib/tdb_mysql.nim @@ -0,0 +1,4 @@ +import std/db_mysql + +doAssert dbQuote("SELECT * FROM foo WHERE col1 = 'bar_baz'") == "'SELECT * FROM foo WHERE col1 = \\'bar_baz\\''" +doAssert dbQuote("SELECT * FROM foo WHERE col1 LIKE '%bar_baz%'") == "'SELECT * FROM foo WHERE col1 LIKE \\'%bar_baz%\\''" |