A little more cleanup, and redo-docs

Timothy Warren 2015-01-23 16:02:38 -05:00
parent 26e3e97475
commit 6d1e21b0a5
9 changed files with 9 additions and 130 deletions


@ -45,6 +45,10 @@ A node query builder for various SQL databases, based on CodeIgniter's query bui
// Database module result handling
});
### Security notes
As of version 2, `where` and `having` type methods parse the values passed to look for function calls. While values passed are still passed as query parameters, take care to avoid passing these kinds of methods unfiltered input. SQL function arguments are not currently parsed, so they need to be properly escaped for the current database.
### Additional help
* Generated documentation is in the docs/ folder


@ -92,15 +92,6 @@ module.exports = {
*/
execute: function(sql, params, callback) {
throw new Error("Correct adapter not defined for query execution");
},
/**
* Close the connection that is open on the current adapter
*
* @return void
*/
close: function() {
throw new Error("Close method not defined for the current adapter");
}
};</pre>
</article>


@ -99,8 +99,6 @@ var d = {
* @private
*/
_quote: function(str) {
//if (/[0-9]+|\'(.*?)\'/ig.test(str)) return str;
return (helpers.isString(str) &amp;&amp; ! (str.startsWith(d.identifierChar) || str.endsWith(d.identifierChar)))
? d.identifierChar + str + d.identifierChar
: str;
@ -152,12 +150,6 @@ var d = {
return str.map(d.quoteIdentifiers);
}
if ( ! helpers.isString(str))
{
console.error(str);
return str;
}
// Handle commas
if (str.contains(','))
{


@ -130,7 +130,8 @@ query.select('foo')
.limit(2, 3)
.get(function(/* Adapter dependent arguments */) {
// Database module result handling
});</code></pre><h3>Additional help</h3><ul>
});</code></pre><h3>Security notes</h3><p>As of version 2, <code>where</code> and <code>having</code> type methods parse the values passed to look for function calls. While values passed are still passed as query parameters, take care to avoid passing these kinds of methods unfiltered input. SQL function arguments are not currently parsed, so they need to be properly escaped for the current database. </p>
<h3>Additional help</h3><ul>
<li>Generated documentation is in the docs/ folder </li>
<li><code>tests/query-builder-base.js</code> contains a lot of usage examples</li>
<li>The <code>tests/adapters</code> folder contains examples of how to set up a connection for the appropriate database library</li>


@ -152,93 +152,6 @@
<dl>
<dt>
<h4 class="name" id="close"><span class="type-signature">&lt;static> </span>close<span class="signature">()</span><span class="type-signature"></span></h4>
</dt>
<dd>
<div class="description">
<p>Close the connection that is open on the current adapter</p>
</div>
<dl class="details">
<dt class="tag-source">Source:</dt>
<dd class="tag-source">
<ul class="dummy">
<li>
<a href="adapter.js.html">adapter.js</a>,
<a href="adapter.js.html#sunlight-1-line-23">line 23</a>
</li>
</ul>
</dd>
</dl>
<h5>Returns:</h5>
<div class="param-desc">
<p>void</p>
</div>
</dd>
<dt>
<h4 class="name" id="execute"><span class="type-signature">&lt;static> </span>execute<span class="signature">(sql, params, callback)</span><span class="type-signature"></span></h4>


@ -13,14 +13,5 @@ module.exports = {
*/
execute: function(sql, params, callback) {
throw new Error("Correct adapter not defined for query execution");
},
/**
* Close the connection that is open on the current adapter
*
* @return void
*/
close: function() {
throw new Error("Close method not defined for the current adapter");
}
};


@ -20,8 +20,6 @@ var d = {
* @private
*/
_quote: function(str) {
//if (/[0-9]+|\'(.*?)\'/ig.test(str)) return str;
return (helpers.isString(str) && ! (str.startsWith(d.identifierChar) || str.endsWith(d.identifierChar)))
? d.identifierChar + str + d.identifierChar
: str;
@ -73,12 +71,6 @@ var d = {
return str.map(d.quoteIdentifiers);
}
if ( ! helpers.isString(str))
{
console.error(str);
return str;
}
// Handle commas
if (str.contains(','))
{
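Review bot: With the `helpers.isString(str)` guard removed in the second hunk (the -73,12 +71,6 counts point to that block), a value that is neither an array nor a string now falls through to `str.contains(',')` and throws a TypeError instead of being returned as-is. If numbers or other non-strings can still reach `quoteIdentifiers`, keep the guard without the logging: `if ( ! helpers.isString(str)) return str;`. Separately, `_quote` in the first hunk returns a string unchanged when it merely starts or ends with `d.identifierChar` and does not escape that character inside the value, so its doc comment should say that identifiers must come from trusted code rather than request input: `// Identifiers are wrapped, not escaped; never pass untrusted input as an identifier`. The function containing the second hunk starts and ends outside it.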


@ -70,12 +70,14 @@ var helperTests = {
'regexInArray': function(test) {
var orig = ['apple', ' string ', 6, 4, 7];
test.expect(4);
test.expect(6);
test.equal(false, helpers.regexInArray(orig, /\$/), 'Dollar sign is not in any of the array items');
test.equal(true, helpers.regexInArray(orig, /^ ?string/), "' string ' matches /^ ?string/");
test.equal(true, helpers.regexInArray(orig, /APPLE/i), "'apple' matches /APPLE/i");
test.equal(false, helpers.regexInArray(orig, /5/), 'None of the numbers in the array match /5/');
test.equal(false, helpers.regexInArray(5, /5/), 'First argument is not an array');
test.equal(false, helpers.regexInArray([], /.*/), 'Array is empty');
test.done();
}


@ -152,13 +152,6 @@ module.exports = (function QueryBuilderTestBase() {
.where('id > 3')
.get(base.testCallback.bind(this, test));
},
/*'Select with function in WHERE clause': function(test) {
test.expect(1);
base.qb.select('id', 'key as k', 'val')
.from('create_test')
.where('val !=', 'CURRENT_TIMESTAMP()')
.get(base.testCallback.bind(this, test));
},*/
'Select with function and argument in WHERE clause': function(test) {
test.expect(1);
base.qb.select('id')