Menu
▾
▴
#6 Escaping broken for SQLite3
Hello,
I noticed that HSQL was causing backslashes to be
duplicated on data I'm inserting into a SQLite3 DB.
Say I have a string that contains this literal:
Test\One
This would be represented as a Haskell literal as:
"Test\\One"
And as a SQL92 string as:
'Test\One'
However, HSQL, with toSqlValue, is converting it to:
'Test\\One'
Now, this is correct for PostgreSQL and MySQL, at
least, from my reading of the docs. However, it is
*not* correct for SQLite3, and results in this being
added to the SQLite db:
Test\\One
The correct approach would be to make string escaping
handled on a case-by-case basis. (Note that in this
case, SQLite3 is compliant with SQL92, but PostgreSQL
and MySQL are not.)
Even better would be to call the C API functions for
each individual DB to escape the string. (This could
be especially important for ODBC.) For instance,
PostgreSQL has this:
http://www.postgresql.org/docs/8.0/interactive/libpq-exec.html#LIBPQ-EXEC-ESCAPE-STRING
As it is, I cannot rely on HSQL to reliably handle strings.
I'm not sure what the best fix for this would be -- it
seems that having a generic SqlBind may be an issue here.
