On Mon, Oct 7, 2013 at 12:05 PM, Chris Steipp <[email protected]> wrote: > If you are writing an enhancement to this, you should wrap them in ` and > escape ` characters in the name. DatabaseBase::addIdentifierQuotes wraps, > but doesn't escape.
Backquotes are a MySQLism. The SQL standard uses double-quotes, which MySQL uses for strings along with single-quotes (unless you put ANSI_QUOTES in sql_mode). It looks like DatabaseBase::addIdentifierQuotes actually does escape, although whether its escaping is sufficient I don't know. It changes 'foo " bar' into '"foo "" bar"'. DatabaseMysqlBase::addIdentifierQuotes, on the other hand, doesn't escape correctly; it uses the same function for quoting strings and identifiers, despite the different quote marks. So it will change 'foo " bar' into '`foo \" bar`', but 'foo ` bar' comes out wrong as '`foo ` bar`'. -- Brad Jorsch (Anomie) Software Engineer Wikimedia Foundation _______________________________________________ Wikitech-l mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/wikitech-l
