mirror of
https://github.com/RGBCube/serenity
synced 2025-05-31 10:38:11 +00:00
LibSQL: Parse and execute sequential placeholder values
This partially implements SQLite's bind-parameter expression to support
indicating placeholder values in a SQL statement. For example:
INSERT INTO table VALUES (42, ?);
In the above statement, the '?' identifier is a placeholder. This will
allow clients to compile statements a single time while running those
statements any number of times with different placeholder values.
Further, this will help mitigate SQL injection attacks.
This commit is contained in:
Timothy Flynn
Andreas Kling
parent
53f8d62ea4
commit
b2b9ae27fd
10 changed files with 154 additions and 30 deletions
|
|
@ -41,27 +41,28 @@ constexpr char const* command_tag(SQLCommand command)
|
|||
}
|
||||
}
|
||||
|
||||
#define ENUMERATE_SQL_ERRORS(S) \
|
||||
S(NoError, "No error") \
|
||||
S(InternalError, "{}") \
|
||||
S(NotYetImplemented, "{}") \
|
||||
S(DatabaseUnavailable, "Database Unavailable") \
|
||||
S(StatementUnavailable, "Statement with id '{}' Unavailable") \
|
||||
S(SyntaxError, "Syntax Error") \
|
||||
S(DatabaseDoesNotExist, "Database '{}' does not exist") \
|
||||
S(SchemaDoesNotExist, "Schema '{}' does not exist") \
|
||||
S(SchemaExists, "Schema '{}' already exist") \
|
||||
S(TableDoesNotExist, "Table '{}' does not exist") \
|
||||
S(ColumnDoesNotExist, "Column '{}' does not exist") \
|
||||
S(AmbiguousColumnName, "Column name '{}' is ambiguous") \
|
||||
S(TableExists, "Table '{}' already exist") \
|
||||
S(InvalidType, "Invalid type '{}'") \
|
||||
S(InvalidDatabaseName, "Invalid database name '{}'") \
|
||||
S(InvalidValueType, "Invalid type for attribute '{}'") \
|
||||
S(InvalidNumberOfValues, "Number of values does not match number of columns") \
|
||||
S(BooleanOperatorTypeMismatch, "Cannot apply '{}' operator to non-boolean operands") \
|
||||
S(NumericOperatorTypeMismatch, "Cannot apply '{}' operator to non-numeric operands") \
|
||||
S(IntegerOperatorTypeMismatch, "Cannot apply '{}' operator to non-numeric operands") \
|
||||
#define ENUMERATE_SQL_ERRORS(S) \
|
||||
S(NoError, "No error") \
|
||||
S(InternalError, "{}") \
|
||||
S(NotYetImplemented, "{}") \
|
||||
S(DatabaseUnavailable, "Database Unavailable") \
|
||||
S(StatementUnavailable, "Statement with id '{}' Unavailable") \
|
||||
S(SyntaxError, "Syntax Error") \
|
||||
S(DatabaseDoesNotExist, "Database '{}' does not exist") \
|
||||
S(SchemaDoesNotExist, "Schema '{}' does not exist") \
|
||||
S(SchemaExists, "Schema '{}' already exist") \
|
||||
S(TableDoesNotExist, "Table '{}' does not exist") \
|
||||
S(ColumnDoesNotExist, "Column '{}' does not exist") \
|
||||
S(AmbiguousColumnName, "Column name '{}' is ambiguous") \
|
||||
S(TableExists, "Table '{}' already exist") \
|
||||
S(InvalidType, "Invalid type '{}'") \
|
||||
S(InvalidDatabaseName, "Invalid database name '{}'") \
|
||||
S(InvalidValueType, "Invalid type for attribute '{}'") \
|
||||
S(InvalidNumberOfPlaceholderValues, "Number of values does not match number of placeholders") \
|
||||
S(InvalidNumberOfValues, "Number of values does not match number of columns") \
|
||||
S(BooleanOperatorTypeMismatch, "Cannot apply '{}' operator to non-boolean operands") \
|
||||
S(NumericOperatorTypeMismatch, "Cannot apply '{}' operator to non-numeric operands") \
|
||||
S(IntegerOperatorTypeMismatch, "Cannot apply '{}' operator to non-numeric operands") \
|
||||
S(InvalidOperator, "Invalid operator '{}'")
|
||||
|
||||
enum class SQLErrorCode {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue