[TYPO3-core] RFC #11108: DBAL wildly quotes fields and table names
Xavier Perseguers
typo3 at perseguers.ch
Fri May 22 14:48:16 CEST 2009
Hi Oliver,
Oliver Hader wrote:
> Hi Xavier,
>
> Xavier Perseguers schrieb:
>> Hi,
>>
>> This is a SVN patch request.
>>
>> Type: Bugfix
>>
>> Branches: trunk
>>
>> BT reference:
>> http://bugs.typo3.org/view.php?id=11108
>>
>> Problem:
>> When issuing a query using $GLOBALS['TYPO3_DB']->exec_SELECTgetRows()
>> method for instance, the actual query being generated has all fields
>> quotes with the proper quote for the selected DBMS.
>>
>> This is however done in a fully uncontrolled manner as all stuff get
>> quoted resulting in invalid SQL query being issued to the actual DBMS.
>> E.g., using a MSSQL backend, a query is like this:
>>
>> SELECT "Field1", "Field2" FROM "MyTable" WHERE "Uid" = 1234
>>
>> and that does not work, MSSQL complains that it cannot parse the query
>> (at least with ADOdb because using Query Analyzer, the query is
>> performed successfuly).
>>
>> Solution:
>> Use ADOdb built-in function to quote fields and table names and... as it
>> performs a few tests to decide whether quoting is needed or not.
>
> Is this behaviour related to the recent updates of AdoDB in the Trunk?
> Or is it possible to reproduce with TYPO3 4.2 as well?
No, it already exists in 4.2
--
Xavier Perseguers
http://xavier.perseguers.ch/en
One contribution a day keeps the fork away
More information about the TYPO3-team-core
mailing list