Move name validation code to core

2025-12-15 14:45:45 +09:00
parent bf6027f507
commit 5f03b55eb5
8 changed files with 194 additions and 289 deletions
--- a/src/server/sql.rs
+++ b/src/server/sql.rs
@@ -1,3 +1,29 @@
 pub mod database_operations;
 pub mod database_privilege_operations;
 pub mod user_operations;
+
+#[inline]
+pub fn quote_literal(s: &str) -> String {
+    format!("'{}'", s.replace('\'', r"\'"))
+}
+
+#[inline]
+pub fn quote_identifier(s: &str) -> String {
+    format!("`{}`", s.replace('`', r"\`"))
+}
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    #[test]
+    fn test_quote_literal() {
+        let payload = "' OR 1=1 --";
+        assert_eq!(quote_literal(payload), r#"'\' OR 1=1 --'"#);
+    }
+
+    #[test]
+    fn test_quote_identifier() {
+        let payload = "` OR 1=1 --";
+        assert_eq!(quote_identifier(payload), r#"`\` OR 1=1 --`"#);
+    }
+}