Strange escaping in SELECT when using SQL functions

Question

Strange escaping in SELECT when using SQL functions

woytam opened this issue 6 years ago · 1 comments

Version: Nette/Database 2.4.6

Bug Description

Strange escaping when using SQL functions in select function. When using in function select SQL functions, some of its parameters gets strange escaping and break whole SQL query.

Steps To Reproduce

Using this command

$table->select('DATE_FORMAT("%Y-%m-%d", `time`) AS entry_date')->fetch();

generates this SQL query

SELECT DATE_FORMAT("%Y-%`m`-%d", `time`) AS `entry_date` 
FROM `table`

with escaped letter m in DATE_FORMAT function parameters.

Expected Behavior

Is it expected to generate this SQL query

SELECT DATE_FORMAT("%Y-%m-%d", `time`) AS `entry_date` 
FROM `table`

without escaped letter m.

Possible Solution

Possible related to #202 ?

Answer 1 · 2018-11-16T14:07:48.000Z

My mistake, according to documentation
https://doc.nette.org/en/2.4/database-explorer#toc-escaping-quoting
it is neccessary to set values also in select via parameters

->select('DATE_FORMAT(created, "%d.%m.%Y")'); // WRONG! set values via parameters
->select('DATE_FORMAT(created, ?)', '%d.%m.%Y'); // CORRECT