Project

General

Profile

Actions
Copy link

Bug #66104

closed

ext_tables.sql all fields-names should be properly escaped

Added by Gabriel Kaufmann / Typoworx NewMedia over 9 years ago. Updated about 9 years ago.

Status:
Closed
Priority:
Must have
Assignee:
Morton Jonuschat
Category:
Install Tool
Target version:
-
Start date:
2015-03-27
Due date:
% Done:

0%

Estimated time:
TYPO3 Version:
6.2
PHP Version:
Tags:
Complexity:
Is Regression:
No
Sprint Focus:

Description

All field-names in ext_tables.sql and processing in install-tool/extension-installation should properly escape field-names (f.e. in MySQL using "`myfield`").

If you want to have a table named "order" f.e. for an extbase shop having relations within other tables, you run into real problems as the name "ORDER" is system-preserved if it is not properly escaped (meaning MySQL ORDER).

This causes serious problems as in Extbase it is recommended to use singulare-names on tables, so "orders" isn't a real good name for the table.

If all fields are escaped properly and the escaping is properly preserved in install-tool and other places, the Database will not mistype it as system-command "ORDER".

Currently escaping the field in ext_tables.sql does not solve this, as the Install-Tool still transforms the Query into an Alter-Statement (original table already exists) and strips off my escaping.

Related issues 1 (0 open1 closed)

Related to TYPO3 Core - Bug #68512: Mysql error running Upgrade WizardClosedMathias Schreiber2015-07-24

Actions
Actions
Copy link

Also available in: Atom PDF