bug about regex - Githubissues

didi / gendry

a golang library for sql builder

Apache License 2.0

1.62k stars 195 forks source link

bug about regex #46

Closed jingyugao closed 5 years ago

jingyugao commented 5 years ago

https://github.com/didi/gendry/blob/master/builder/builder.go#L394 this regex is greedy. It should be non-greedy. for example， "select {{name}},{{comment}},value from table" In mysql, this is ok. but gendry will parser it as "name}},{{comment". I must insert an space between }} and {{ .

caibirdme commented 5 years ago

It is a problem. The current workaround is adding a white space like you said. I'll fix it later. And contribution is welcome😆

caibirdme commented 5 years ago

@jingyugao In your case:

select {{name}},{{comment}},value from table

I want to know why your select fields are dynamic. Is there any use case that people can't set their select fields?

caibirdme commented 5 years ago

@jingyugao I found that

The markers in prepared statements are not allowed for identifiers (such as table or column names)

So can you execute select ? from table_a?

caibirdme commented 5 years ago

In mysql documentation

The markers are legal only in certain places in SQL statements. For example, they are permitted in the VALUES() list of an INSERT statement (to specify column values for a row), or in a comparison with a column in a WHERE clause to specify a comparison value. However, they are not permitted for identifiers (such as table or column names), or to specify both operands of a binary operator such as the = equal sign. The latter restriction is necessary because it would be impossible to determine the parameter type. In general, parameters are legal only in Data Manipulation Language (DML) statements, and not in Data Definition Language (DDL) statements.

jingyugao commented 5 years ago

The marker is not identifiers. It is variable such as 1,"mysql" and so on.

`package main

import ( "fmt"

_ "github.com/go-sql-driver/mysql"
"github.com/jmoiron/sqlx"

)

func main() { db, err := sqlx.Connect("mysql", "root:@tcp(127.0.0.1:3306)/db0") if err != nil { panic(err) } id := []int64{} db.Select(&id, "select ? from table0", 2) fmt.Println(id) }`

jingyugao commented 5 years ago

190701 8:30:32 4 Connect root@172.20.0.1 on db0 4 Prepare select ? from table 4 Execute select 2 from table 4 Close stmt

jingyugao commented 5 years ago

this is the mysql log

caibirdme commented 5 years ago

Ok，明天上午之前修复这个问题

caibirdme commented 5 years ago

@jingyugao fixed, see the latest release