DBAL - SQLParser mssql - escape '
TYPO3 : 6.2.14
I'm using DBAL in a scheduler task for connecting to a foreign database in MSSQL.
In \TYPO3\CMS\Dbal\Database\SqlParser, there is a problem in method getValueInQuotesMssql.
For exemple, this is my query :
$databaseConnectionDbal->exec_SELECTquery('*', 'EmploiPerso', 'Nom = 'D''Amour' AND Prenom = 'Denis'', '', '', '');
For the where_clause, the first time it goes into getValueInQuotesMssql, this is the print_r :
Array ( [__METHOD__] => TYPO3\CMS\Dbal\Database\SqlParser::getValueInQuotesMssql [__LINE__] => 73 [parseString] => 'D''Amours' AND Prenom = 'Denis' [quote] => ' )
It's good for the moment.
After the replacement of ' by \ (line 82) and the explode by quote into $parts, it shows this :
Array ( [__METHOD__] => TYPO3\CMS\Dbal\Database\SqlParser::getValueInQuotesMssql [__LINE__] => 99 [parseString] => 'D\'Amours' AND Prenom = 'Denis' [quote] => ', [parts] => Array (  => D\  => Amours  => AND Prenom =  => Denis  => ) )
It's still good.
However, the first result buffer is :
with strippedSlahes results of
This cause an error (debug DB in BE):
0 SELECT * FROM "EmploiPerso" WHERE "Nom" = 'D'Amours' AND "Prenom" = 'Denis' 1 SQLState: 42000 Error Code: 102 Message: [Microsoft][ODBC Driver 11 for SQL Server][SQL Server]Incorrect syntax near 'Amours'. SQLState: 42000 Error Code: 105 Message: [Microsoft][ODBC Driver 11 for SQL Server][SQL Server]Unclosed quotation mark after the character string ''
To resolve this, I modify :
$buffer .= $quote;
$buffer .= $quote . $quote;
And now it's working.