Skip to content

db hint #5

Open
Open
@vitaly-t

Description

@vitaly-t

about this code:

/**
 * Wrap name with double-quotes to work with keyword properly
 * see
 * http://www.postgresql.org/docs/9.5/static/sql-syntax-lexical.html
 * @param {String} name the name to escape
 * @param {bool} remove the flag to remove double-quotes
 * @returns {String} the escaped name
 * @private
 */
function _escapeName(name, remove) {
  if (/".*"/.test(name)) {
    return remove ? name.substring(1, name.length - 1) : name;
  }
  return remove ? name : `"${name}"`;
}

You should instead use the proper query formatting provided by pg-promise.

In this particular case - method as.name.

See also SQL Names.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions