Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion packages/cubejs-prestodb-driver/src/PrestoDriver.ts
Original file line number Diff line number Diff line change
Expand Up @@ -218,7 +218,7 @@ export class PrestoDriver extends BaseDriver implements DriverInterface {

public prepareQueryWithParams(query: string, values: unknown[]) {
return SqlString.format(query, (values || []).map(value => (typeof value === 'string' ? {
toSqlString: () => SqlString.escape(value).replace(/\\\\([_%])/g, '\\$1'),
toSqlString: () => `'${value.replace(/'/g, '\'\'')}'`,
} : value)));
}

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
import { PrestoDriver } from '../../src/PrestoDriver';

describe('PrestoDriver prepareQueryWithParams', () => {
let driver: PrestoDriver;

beforeEach(() => {
driver = new PrestoDriver({
host: 'localhost',
port: '8080',
catalog: 'test',
schema: 'default',
});
});

it('formats simple queries without parameters', () => {
const formatted = driver.prepareQueryWithParams('SELECT * FROM users', []);
expect(formatted).toBe('SELECT * FROM users');
});

it('formats parameters with standard SQL escaping for single quotes', () => {
const formatted = driver.prepareQueryWithParams(
'SELECT * FROM users WHERE name = ? AND city = ?',
["maya'k", "O'Reilly"]
);
expect(formatted).toBe("SELECT * FROM users WHERE name = 'maya''k' AND city = 'O''Reilly'");
});

it('does not escape backslashes like MySQL', () => {
const formatted = driver.prepareQueryWithParams(
'SELECT * FROM users WHERE path = ?',
['C:\\Program Files\\App']
);
expect(formatted).toBe("SELECT * FROM users WHERE path = 'C:\\Program Files\\App'");
});

it('keeps wildcards and their escapes in LIKE queries', () => {
const formatted = driver.prepareQueryWithParams(
'SELECT * FROM users WHERE name LIKE ? ESCAPE ?',
['%foo\\_bar%', '\\']
);
expect(formatted).toBe("SELECT * FROM users WHERE name LIKE '%foo\\_bar%' ESCAPE '\\'");
});
});
Loading