
pg-format


pg-format - npm Package Compare versions

Comparing version 0.1.0 to 0.1.1

36

lib/index.js
// reserved Postgres words
var reservedMap = require(__dirname + '/reserved.js');
var fmtPattern = {
ident: 'I',
literal: 'L',
string: 's',
};
// convert to Postgres default ISO 8601 format

@@ -130,2 +136,16 @@ function formatDate(date) {

function config(cfg) {
// default
fmtPattern.ident = 'I';
fmtPattern.literal = 'L';
fmtPattern.string = 's';
if (cfg && cfg.pattern) {
if (cfg.pattern.ident) { fmtPattern.ident = cfg.pattern.ident; }
if (cfg.pattern.literal) { fmtPattern.literal = cfg.pattern.literal; }
if (cfg.pattern.string) { fmtPattern.string = cfg.pattern.string; }
}
}
function format(fmt) {

@@ -135,4 +155,11 @@ var i = 1;

return fmt.replace(/%([%sIL])/g, function(_, type) {
var re = '%([%';
re += fmtPattern.ident;
re += fmtPattern.literal;
re += fmtPattern.string;
re += '])';
re = new RegExp(re, 'g');
return fmt.replace(re, function(_, type) {
if (type === '%') {

@@ -144,7 +171,7 @@ return '%';

if (type === 'I') {
if (type === fmtPattern.ident) {
return quoteIdent(arg);
} else if (type === 'L') {
} else if (type === fmtPattern.literal) {
return quoteLiteral(arg);
} else if (type === 's') {
} else if (type === fmtPattern.string) {
return quoteString(arg);

@@ -156,4 +183,5 @@ }

exports = module.exports = format;
exports.config = config;
exports.ident = quoteIdent;
exports.literal = quoteLiteral;
exports.string = quoteString;
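Review bot: `config()` copies any truthy `cfg.pattern.*` value into `fmtPattern`, and `format()` then concatenates those values unescaped into the character class given to `new RegExp`, so nothing enforces that each specifier is a single, distinct letter. A value such as `]`, `^`, `a-z` or a multi-character string changes what the class matches, and two specifiers set to the same letter always take the `type === fmtPattern.ident` branch, so an argument meant for `quoteLiteral` would be quoted as an identifier instead. Since this module exists to escape SQL, `config` should reject such input per field, e.g. `if (!/^[A-Za-z]$/.test(cfg.pattern.ident)) { throw new Error('pattern.ident must be a single letter'); }`, and also check that the three letters differ. The settings live in module-level state, so a `config()` call presumably changes how `%I`/`%L`/`%s` are handled for every other caller in the same process; a comment above `config` should say so. The body of `format` starts and ends outside the visible hunks.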

2

package.json

@@ -9,3 +9,3 @@ {

"description": "Node.js implementation of PostgreSQL's format() to safely create dynamic SQL queries.",
"version": "0.1.0",
"version": "0.1.1",
"repository": {

@@ -12,0 +12,0 @@ "type": "git",

node-pg-format
==============
Node.js implementation of [PostgreSQL format()](http://www.postgresql.org/docs/9.3/static/functions-string.html#FUNCTIONS-STRING-FORMAT) to safely create dynamic SQL queries. SQL identifiers and literals are escaped to help prevent SQL injection. The behavior is equivalent to [PostgreSQL format()](http://www.postgresql.org/docs/9.3/static/functions-string.html#FUNCTIONS-STRING-FORMAT) except when handling Javascript arrays and objects.
Node.js implementation of [PostgreSQL format()](http://www.postgresql.org/docs/9.3/static/functions-string.html#FUNCTIONS-STRING-FORMAT) to safely create dynamic SQL queries. SQL identifiers and literals are escaped to help prevent SQL injection. The behavior is equivalent to [PostgreSQL format()](http://www.postgresql.org/docs/9.3/static/functions-string.html#FUNCTIONS-STRING-FORMAT) except when handling Javascript arrays and objects which is explained [below](#arrobject).

@@ -26,2 +26,15 @@ ## Install

### format.config(cfg)
Changes the global configuration. You can change which letters are used to denote identifiers, literals, and strings in the formatted string. This is useful when the formatted string contains a PL/pgSQL function which calls [PostgreSQL format()](http://www.postgresql.org/docs/9.3/static/functions-string.html#FUNCTIONS-STRING-FORMAT) itself.
```js
var format = require('pg-format');
format.config({
pattern: {
ident: 'V',
literal: 'C',
string: 't'
}
});
```
### format.ident(input)

@@ -36,3 +49,3 @@ Returns the input as an escaped SQL identifier string. ```undefined```, ```null```, arrays, and objects will throw an error.

## Arrays and Objects
## <a name="arrobject"></a> Arrays and Objects
Javascript arrays and objects can be used for literals (```%L```) and strings (```%s```), but not identifiers (```%I```). For arrays, each element is escaped when appropriate and concatenated to a comma-delimited string. For objects, ```JSON.stringify()``` is called and the resulting string is escaped if appropriate. See the example below.

@@ -39,0 +52,0 @@
