A little more cleanup, and redo-docs
parent
26e3e97475
commit
6d1e21b0a5
@ -45,6 +45,10 @@ A node query builder for various SQL databases, based on CodeIgniter's query bui
|
|||||||
// Database module result handling
|
// Database module result handling
|
||||||
});
|
});
|
||||||
|
|
||||||
|
### Security notes
|
||||||
|
As of version 2, `where` and `having` type methods parse the values passed to look for function calls. While values passed are still passed as query parameters, take care to avoid passing these kinds of methods unfiltered input. SQL function arguments are not currently parsed, so they need to be properly escaped for the current database.
|
||||||
|
|
||||||
|
|
||||||
### Additional help
|
### Additional help
|
||||||
|
|
||||||
* Generated documentation is in the docs/ folder
|
* Generated documentation is in the docs/ folder
|
||||||
|
@ -92,15 +92,6 @@ module.exports = {
|
|||||||
*/
|
*/
|
||||||
execute: function(sql, params, callback) {
|
execute: function(sql, params, callback) {
|
||||||
throw new Error("Correct adapter not defined for query execution");
|
throw new Error("Correct adapter not defined for query execution");
|
||||||
},
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Close the connection that is open on the current adapter
|
|
||||||
*
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
close: function() {
|
|
||||||
throw new Error("Close method not defined for the current adapter");
|
|
||||||
}
|
}
|
||||||
};</pre>
|
};</pre>
|
||||||
</article>
|
</article>
|
||||||
|
@ -99,8 +99,6 @@ var d = {
|
|||||||
* @private
|
* @private
|
||||||
*/
|
*/
|
||||||
_quote: function(str) {
|
_quote: function(str) {
|
||||||
//if (/[0-9]+|\'(.*?)\'/ig.test(str)) return str;
|
|
||||||
|
|
||||||
return (helpers.isString(str) && ! (str.startsWith(d.identifierChar) || str.endsWith(d.identifierChar)))
|
return (helpers.isString(str) && ! (str.startsWith(d.identifierChar) || str.endsWith(d.identifierChar)))
|
||||||
? d.identifierChar + str + d.identifierChar
|
? d.identifierChar + str + d.identifierChar
|
||||||
: str;
|
: str;
|
||||||
@ -152,12 +150,6 @@ var d = {
|
|||||||
return str.map(d.quoteIdentifiers);
|
return str.map(d.quoteIdentifiers);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( ! helpers.isString(str))
|
|
||||||
{
|
|
||||||
console.error(str);
|
|
||||||
return str;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Handle commas
|
// Handle commas
|
||||||
if (str.contains(','))
|
if (str.contains(','))
|
||||||
{
|
{
|
||||||
|
@ -130,7 +130,8 @@ query.select('foo')
|
|||||||
.limit(2, 3)
|
.limit(2, 3)
|
||||||
.get(function(/* Adapter dependent arguments */) {
|
.get(function(/* Adapter dependent arguments */) {
|
||||||
// Database module result handling
|
// Database module result handling
|
||||||
});</code></pre><h3>Additional help</h3><ul>
|
});</code></pre><h3>Security notes</h3><p>As of version 2, <code>where</code> and <code>having</code> type methods parse the values passed to look for function calls. While values passed are still passed as query parameters, take care to avoid passing these kinds of methods unfiltered input. SQL function arguments are not currently parsed, so they need to be properly escaped for the current database. </p>
|
||||||
|
<h3>Additional help</h3><ul>
|
||||||
<li>Generated documentation is in the docs/ folder </li>
|
<li>Generated documentation is in the docs/ folder </li>
|
||||||
<li><code>tests/query-builder-base.js</code> contains a lot of usage examples</li>
|
<li><code>tests/query-builder-base.js</code> contains a lot of usage examples</li>
|
||||||
<li>The <code>tests/adapters</code> folder contains examples of how to set up a connection for the appropriate database library</li>
|
<li>The <code>tests/adapters</code> folder contains examples of how to set up a connection for the appropriate database library</li>
|
||||||
|
@ -152,93 +152,6 @@
|
|||||||
|
|
||||||
<dl>
|
<dl>
|
||||||
|
|
||||||
<dt>
|
|
||||||
<h4 class="name" id="close"><span class="type-signature"><static> </span>close<span class="signature">()</span><span class="type-signature"></span></h4>
|
|
||||||
|
|
||||||
|
|
||||||
</dt>
|
|
||||||
<dd>
|
|
||||||
|
|
||||||
|
|
||||||
<div class="description">
|
|
||||||
<p>Close the connection that is open on the current adapter</p>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<dl class="details">
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<dt class="tag-source">Source:</dt>
|
|
||||||
<dd class="tag-source">
|
|
||||||
<ul class="dummy">
|
|
||||||
<li>
|
|
||||||
<a href="adapter.js.html">adapter.js</a>,
|
|
||||||
<a href="adapter.js.html#sunlight-1-line-23">line 23</a>
|
|
||||||
</li>
|
|
||||||
</ul>
|
|
||||||
</dd>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</dl>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<h5>Returns:</h5>
|
|
||||||
|
|
||||||
|
|
||||||
<div class="param-desc">
|
|
||||||
<p>void</p>
|
|
||||||
</div>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
</dd>
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
<dt>
|
<dt>
|
||||||
<h4 class="name" id="execute"><span class="type-signature"><static> </span>execute<span class="signature">(sql, params, callback)</span><span class="type-signature"></span></h4>
|
<h4 class="name" id="execute"><span class="type-signature"><static> </span>execute<span class="signature">(sql, params, callback)</span><span class="type-signature"></span></h4>
|
||||||
|
|
||||||
|
@ -13,14 +13,5 @@ module.exports = {
|
|||||||
*/
|
*/
|
||||||
execute: function(sql, params, callback) {
|
execute: function(sql, params, callback) {
|
||||||
throw new Error("Correct adapter not defined for query execution");
|
throw new Error("Correct adapter not defined for query execution");
|
||||||
},
|
|
||||||
|
|
||||||
/**
|
|
||||||
* Close the connection that is open on the current adapter
|
|
||||||
*
|
|
||||||
* @return void
|
|
||||||
*/
|
|
||||||
close: function() {
|
|
||||||
throw new Error("Close method not defined for the current adapter");
|
|
||||||
}
|
}
|
||||||
};
|
};
|
@ -20,8 +20,6 @@ var d = {
|
|||||||
* @private
|
* @private
|
||||||
*/
|
*/
|
||||||
_quote: function(str) {
|
_quote: function(str) {
|
||||||
//if (/[0-9]+|\'(.*?)\'/ig.test(str)) return str;
|
|
||||||
|
|
||||||
return (helpers.isString(str) && ! (str.startsWith(d.identifierChar) || str.endsWith(d.identifierChar)))
|
return (helpers.isString(str) && ! (str.startsWith(d.identifierChar) || str.endsWith(d.identifierChar)))
|
||||||
? d.identifierChar + str + d.identifierChar
|
? d.identifierChar + str + d.identifierChar
|
||||||
: str;
|
: str;
|
||||||
@ -73,12 +71,6 @@ var d = {
|
|||||||
return str.map(d.quoteIdentifiers);
|
return str.map(d.quoteIdentifiers);
|
||||||
}
|
}
|
||||||
|
|
||||||
if ( ! helpers.isString(str))
|
|
||||||
{
|
|
||||||
console.error(str);
|
|
||||||
return str;
|
|
||||||
}
|
|
||||||
|
|
||||||
// Handle commas
|
// Handle commas
|
||||||
if (str.contains(','))
|
if (str.contains(','))
|
||||||
{
|
{
|
||||||
|
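Review bot: With the `helpers.isString` guard removed in the second hunk of this section, a value that is neither an array nor a string now falls through to `str.contains(',')`. Assuming `contains` is only defined on strings, that fails with an incidental TypeError rather than a message naming the bad identifier. Because this code produces quoted identifiers that end up in SQL text, rejecting the value explicitly is safer than either the old log-and-return-unquoted path or a crash further down: `if ( ! helpers.isString(str)) throw new TypeError('Identifier must be a string or an array of strings');`. The enclosing function starts before the hunk and continues past it, so later handling of `str` is not visible here.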
@ -70,12 +70,14 @@ var helperTests = {
|
|||||||
'regexInArray': function(test) {
|
'regexInArray': function(test) {
|
||||||
var orig = ['apple', ' string ', 6, 4, 7];
|
var orig = ['apple', ' string ', 6, 4, 7];
|
||||||
|
|
||||||
test.expect(4);
|
test.expect(6);
|
||||||
|
|
||||||
test.equal(false, helpers.regexInArray(orig, /\$/), 'Dollar sign is not in any of the array items');
|
test.equal(false, helpers.regexInArray(orig, /\$/), 'Dollar sign is not in any of the array items');
|
||||||
test.equal(true, helpers.regexInArray(orig, /^ ?string/), "' string ' matches /^ ?string/");
|
test.equal(true, helpers.regexInArray(orig, /^ ?string/), "' string ' matches /^ ?string/");
|
||||||
test.equal(true, helpers.regexInArray(orig, /APPLE/i), "'apple' matches /APPLE/i");
|
test.equal(true, helpers.regexInArray(orig, /APPLE/i), "'apple' matches /APPLE/i");
|
||||||
test.equal(false, helpers.regexInArray(orig, /5/), 'None of the numbers in the array match /5/');
|
test.equal(false, helpers.regexInArray(orig, /5/), 'None of the numbers in the array match /5/');
|
||||||
|
test.equal(false, helpers.regexInArray(5, /5/), 'First argument is not an array');
|
||||||
|
test.equal(false, helpers.regexInArray([], /.*/), 'Array is empty');
|
||||||
|
|
||||||
test.done();
|
test.done();
|
||||||
}
|
}
|
||||||
|
@ -152,13 +152,6 @@ module.exports = (function QueryBuilderTestBase() {
|
|||||||
.where('id > 3')
|
.where('id > 3')
|
||||||
.get(base.testCallback.bind(this, test));
|
.get(base.testCallback.bind(this, test));
|
||||||
},
|
},
|
||||||
/*'Select with function in WHERE clause': function(test) {
|
|
||||||
test.expect(1);
|
|
||||||
base.qb.select('id', 'key as k', 'val')
|
|
||||||
.from('create_test')
|
|
||||||
.where('val !=', 'CURRENT_TIMESTAMP()')
|
|
||||||
.get(base.testCallback.bind(this, test));
|
|
||||||
},*/
|
|
||||||
'Select with function and argument in WHERE clause': function(test) {
|
'Select with function and argument in WHERE clause': function(test) {
|
||||||
test.expect(1);
|
test.expect(1);
|
||||||
base.qb.select('id')
|
base.qb.select('id')
|
||||||
|