X-Git-Url: http://git.kpe.io/?a=blobdiff_plain;f=sql%2Fexpressions.lisp;h=d7a95ef74f83a11cd85ab96e69ed87af14cfe9ad;hb=539444af449f3769b75f71b32f10204c40d011f4;hp=9157da04606a87929cd40057a2422e010ad060b2;hpb=6d643c3749b77b6e6207871f0cf40f135094f457;p=clsql.git

diff --git a/sql/expressions.lisp b/sql/expressions.lisp
index 9157da0..d7a95ef 100644
--- a/sql/expressions.lisp
+++ b/sql/expressions.lisp
@@ -151,15 +151,29 @@
 ;;; KMR: The TYPE field is used by CommonSQL for type conversion -- it
 ;;; should not be output in SQL statements
   (let ((*print-pretty* nil))
-    (with-slots (qualifier name type) expr
-      (format *sql-stream* "~@[~a.~]~a"
-	      (typecase qualifier
-		(string (format nil "~s" qualifier))
-		(symbol (safety-first (sql-escape qualifier))))
-	      (typecase name
-		(string (format nil "~s" name))
-		(symbol (safety-first (sql-escape name)))))
-      t)))
+    (labels ((quoted-string-p (inp)
+	       (and (char-equal #\" (elt inp 0))
+		    (char-equal #\" (elt inp (1- (length inp))))))
+	     (safety-first (inp)
+	       "do our best not to output sql that we can guarantee is invalid. 
+              if the ident has a space or quote in it, instead output a quoted
+	      identifier containing those chars"
+	       (when (and (not (quoted-string-p inp))
+			  (find-if
+			   (lambda (x) (member x '(#\space #\' #\")
+					       :test #'char-equal)) inp))
+		 (setf inp (format nil "~s" (substitute "\\\"" "\"" inp :test #'string-equal))))
+	       inp))
+      (with-slots (qualifier name type) expr
+	(format *sql-stream* "~@[~a.~]~a"
+		(typecase qualifier
+		  (null nil)		; nil is a symbol
+		  (string (format nil "~s" qualifier))
+		  (symbol (safety-first (sql-escape qualifier))))
+		(typecase name ;; could never get this to be nil without getting another error first
+		  (string (format nil "~s" name))
+		  (symbol (safety-first (sql-escape name)))))
+	t))))
 
 (defmethod output-sql-hash-key ((expr sql-ident-attribute) database)
   (with-slots (qualifier name type)
@@ -229,18 +243,20 @@
 
 (defmethod output-sql ((expr sql-relational-exp) database)
   (with-slots (operator sub-expressions)
-    expr
-    (let ((subs (if (consp (car sub-expressions))
-                    (car sub-expressions)
-                    sub-expressions)))
-      (write-char #\( *sql-stream*)
-      (do ((sub subs (cdr sub)))
-          ((null (cdr sub)) (output-sql (car sub) database))
-        (output-sql (car sub) database)
-        (write-char #\Space *sql-stream*)
-        (output-sql operator database)
-        (write-char #\Space *sql-stream*))
-      (write-char #\) *sql-stream*)))
+      expr
+    (when sub-expressions
+      (let ((subs (if (consp (car sub-expressions))
+		      (car sub-expressions)
+		      sub-expressions)))
+	(write-char #\( *sql-stream*)
+	(do ((sub subs (cdr sub)))
+	    ((null (cdr sub))
+	       (output-sql (car sub) database))
+	  (output-sql (car sub) database)
+	  (write-char #\Space *sql-stream*)
+	  (output-sql operator database)
+	  (write-char #\Space *sql-stream*))
+	(write-char #\) *sql-stream*))))
   t)
 
 (defclass sql-array-exp (sql-relational-exp)