sqlquerybuilder
Comparing version 0.0.45 to 0.0.46
@@ -29,5 +29,6 @@ var _ = require('lodash'); | ||
if (alias) | ||
orderByInput = alias.selectProp; | ||
else | ||
// Commented out because ordering from grid was not working, all tests still pass. | ||
// if (alias) | ||
// orderByInput = alias.selectProp; | ||
// else | ||
orderByInput = self._checkTableName(table) + '.' + parts[1]; | ||
@@ -34,0 +35,0 @@ } |
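Review bot: The surviving assignment `orderByInput = self._checkTableName(table) + '.' + parts[1];` concatenates `parts[1]` into the ORDER BY clause as an identifier, and the quote-doubling added elsewhere in this release does nothing for identifier positions. If `parts` comes from the request's `sidx` value (the new test passes `sidx: 'InvoiceNumber'`, so this looks likely but is not visible here), it should be checked against the known column list or at least a strict pattern, e.g. `if (!/^[A-Za-z_][A-Za-z0-9_]*$/.test(parts[1])) throw new Error('invalid order by column');`. Separately, the alias branch is disabled by commenting it out; deleting the lines and recording the reason in the commit message would leave less dead code to misread. The enclosing function starts and ends outside this hunk.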
@@ -104,3 +104,2 @@ var _ = require('lodash'), | ||
var subFilter = subFilters[s].trim(); | ||
if (ored && s > 0) | ||
@@ -114,3 +113,3 @@ whereString += " OR "; | ||
whereString += self._whereJoin(reference) + " LIKE '%" + | ||
subFilter.substr(opIndex + 11, subFilter.lastIndexOf("\"") - (opIndex + 11)) + | ||
sqlescape(subFilter.substr(opIndex + 11, subFilter.lastIndexOf("\"") - (opIndex + 11))) + | ||
"%'"; | ||
@@ -125,3 +124,3 @@ continue; | ||
" LIKE '" + | ||
subFilter.substr(opIndex + 13, subFilter.lastIndexOf("\"") - (opIndex + 13)) + | ||
sqlescape(subFilter.substr(opIndex + 13, subFilter.lastIndexOf("\"") - (opIndex + 13))) + | ||
"%'"; | ||
@@ -136,3 +135,3 @@ continue; | ||
" LIKE '%" + | ||
subFilter.substr(opIndex + 11, subFilter.lastIndexOf("\"") - (opIndex + 11)) + | ||
sqlescape(subFilter.substr(opIndex + 11, subFilter.lastIndexOf("\"") - (opIndex + 11))) + | ||
"'"; | ||
@@ -155,3 +154,3 @@ continue; | ||
" = '" + | ||
subFilter.substr(opIndex + 9, subFilter.lastIndexOf("\"") - (opIndex + 9)) + | ||
sqlescape(subFilter.substr(opIndex + 9, subFilter.lastIndexOf("\"") - (opIndex + 9))) + | ||
"'"; | ||
@@ -170,3 +169,3 @@ if (shouldAppendParenth) | ||
" >= '" + | ||
subFilter.substr(opIndex + 2, subFilter.length - opIndex) + | ||
sqlescape(subFilter.substr(opIndex + 2, subFilter.length - opIndex)) + | ||
"'"; | ||
@@ -181,3 +180,3 @@ continue; | ||
" > '" + | ||
subFilter.substr(opIndex + 1, subFilter.length - opIndex) + //.replace(/-/g, "/") + | ||
sqlescape(subFilter.substr(opIndex + 1, subFilter.length - opIndex)) + //.replace(/-/g, "/") + | ||
"'"; | ||
@@ -192,3 +191,3 @@ continue; | ||
" <= '" + | ||
subFilter.substr(opIndex + 2, subFilter.length - opIndex - 1) + //.replace(/-/g, "/") + | ||
sqlescape(subFilter.substr(opIndex + 2, subFilter.length - opIndex - 1)) + //.replace(/-/g, "/") + | ||
"'"; | ||
@@ -203,3 +202,3 @@ continue; | ||
" < '" + | ||
subFilter.substr(opIndex + 1, subFilter.length - opIndex - 1) + | ||
sqlescape(subFilter.substr(opIndex + 1, subFilter.length - opIndex - 1)) + | ||
"'"; | ||
@@ -206,0 +205,0 @@ continue; |
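Review bot: In the three LIKE branches (the `" LIKE '%"` and `" LIKE '"` concatenations), `sqlescape` only doubles single quotes, so `%`, `_` and `[` inside the filter value still act as wildcards and can widen the match beyond the intended contains/starts-with/ends-with semantics. Those branches need a LIKE-specific escape on top of the quote escape, for example `sqlescape(value).replace(/[\[%_]/g, '[$&]')`, which uses SQL Server's bracket form for literal wildcard characters. The column side, `self._whereJoin(reference)`, is still concatenated as-is in every branch; whether it is validated is not visible in these hunks. Quote doubling closes the immediate injection through string literals, but moving these values to bound parameters would remove the need to get each branch's escaping right by hand.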
{ | ||
"name": "sqlquerybuilder", | ||
"version": "0.0.45", | ||
"version": "0.0.46", | ||
"description": "Highly opinionated Sql Server Query Writer, mostly for internal use.", | ||
@@ -5,0 +5,0 @@ "main": "./lib/index", |
@@ -1,4 +0,4 @@ | ||
module.exports =(function(s){ | ||
if(!s){return "''";} | ||
module.exports =(function(s, autoQuote){ | ||
if(!s){return autoQuote ? "''" : "";} | ||
return s.replace(/'/g,"''"); | ||
}); |
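Review bot: `sqlescape` now sits on the injection boundary but still assumes a string: `if(!s)` maps `0` and `false` to an empty string, and any other non-string value (a number, or an array from a repeated query parameter) throws on `s.replace`. Test for absence explicitly and coerce before escaping: `if (s === null || s === undefined || s === '') { return autoQuote ? "''" : ""; }` followed by `return String(s).replace(/'/g, "''");`. The new `autoQuote` flag also only affects the empty case, so a caller passing `true` gets a quoted literal for empty input and an unquoted fragment otherwise; either quote in both cases or document that asymmetry in a header comment. The default for empty input changed from `"''"` to `""`, which will alter the SQL produced by any existing caller that relied on the old return value.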
@@ -1014,2 +1014,24 @@ /** | ||
}); | ||
it('should properly escape process list request where', function(done){ | ||
var req = { filters: 'IsActive=true&&RemitTo.VendorName.Equals("AIRGAS USA, LLC")||RemitTo.VendorName.Equals("ARCADIA OILFIELD SUPPLY, INC.")||RemitTo.VendorName.Equals("ARROW PUMP & SUPPLY")||RemitTo.VendorName.Equals("BEARING HEADQUARTERS COMPANY")||RemitTo.VendorName.Equals("BELL SUPPLY")||RemitTo.VendorName.Equals("BIG D\'S RENT ALL")||RemitTo.VendorName.Equals("BLUE BEACON INTERNATIONAL, INC")||RemitTo.VendorName.Equals("BRAINERD CHEMICAL CO, INC.")||RemitTo.VendorName.Equals("BRANDT\'S INC.")||RemitTo.VendorName.Equals("BRENNTAG SOUTHWEST, INC")||RemitTo.VendorName.Equals("BROWN\'S TRUE VALUE")||RemitTo.VendorName.Equals("BRUCE DAVIS ALIGNMENT")||RemitTo.VendorName.Equals("C & S SAFETY SYSTEMS OF LOUISIANA, LLC")||RemitTo.VendorName.Equals("CHEMPLEX LOGISTICS SOLVAY GROUP")||RemitTo.VendorName.Equals("CONTAINER SUPPLY, INC")||RemitTo.VendorName.Equals("CRAWFORD SUPPLY CO., INC.")||RemitTo.VendorName.Equals("ELITE AUCTION, LLC")||RemitTo.VendorName.Equals("FISHER SCIENTIFIC")||RemitTo.VendorName.Equals("FORMBY OIL CO.")||RemitTo.VendorName.Equals("HARCROS CHEMICALS, INC.")||RemitTo.VendorName.Equals("JET SPECIALTY AND SUPPLY, INC.")||RemitTo.VendorName.Equals("JOHN L. LEWIS WELL SERVICE, LLC")||RemitTo.VendorName.Equals("JONES TRUCK REPAIR, LLC")||RemitTo.VendorName.Equals("KEYSTONE-BEARD EQUIPMENT CO.")||RemitTo.VendorName.Equals("M & M SUPPLY COMPANY")||RemitTo.VendorName.Equals("MACK TRUCK SALES OF TULSA, INC.")||RemitTo.VendorName.Equals("MAJOR GAS COMPANY, INC")||RemitTo.VendorName.Equals("MCMASTER-CARR SUPPLY")||RemitTo.VendorName.Equals("Meacham Pump Repair Service")||RemitTo.VendorName.Equals("MOORE\'S IGA")||RemitTo.VendorName.Equals("MORRIS PUMP & SUPPLY")||RemitTo.VendorName.Equals("MURPHY BROS. 
QUICK LUBE")||RemitTo.VendorName.Equals("OLG PROPANE")||RemitTo.VendorName.Equals("SCOTT TIRES CENTER INC")||RemitTo.VendorName.Equals("SCOTT-GREER SALES, INC.")||RemitTo.VendorName.Equals("SKYE PETROLEUM, INC")||RemitTo.VendorName.Equals("SOONER CONDITIONING")||RemitTo.VendorName.Equals("SOONER LIFT,INC.")||RemitTo.VendorName.Equals("SPECIALTY TIRE LLC")||RemitTo.VendorName.Equals("V K ENTERPRISES, INC.")||RemitTo.VendorName.Equals("WAYNE ENTERPRISES, INC.")&&DueDate<=10/28/2014&&(IsCreditCardReceipt==false)&&(AccountsPayableInvoiceStatus.Value==3)&&(ApprovalStatus.Value==3)', | ||
sidx: 'InvoiceNumber', | ||
sord: 'asc', | ||
RenderFormat: 'paged', | ||
page: '1', | ||
pagePercent: '1', | ||
total: '1', | ||
rows: '100', | ||
totalPages: '1' | ||
}; | ||
var query = sqlBuilder() | ||
.select("AccountsPayableInvoices.*") | ||
.from('AccountsPayableInvoices') | ||
.processListRequest(req) | ||
.build(); | ||
query.trim().should.equal("WITH SelectedItems AS (SELECT AccountsPayableInvoices.*, ROW_NUMBER() OVER (ORDER BY AccountsPayableInvoices.InvoiceNumber ASC) AS Position FROM AccountsPayableInvoices LEFT JOIN RemitTo ON AccountsPayableInvoices.RemitTo_id = RemitTo.Id WHERE AccountsPayableInvoices.IsActive = 1 AND (RemitTo.VendorName = 'AIRGAS USA, LLC' OR RemitTo.VendorName = 'ARCADIA OILFIELD SUPPLY, INC.' OR RemitTo.VendorName = 'ARROW PUMP & SUPPLY' OR RemitTo.VendorName = 'BEARING HEADQUARTERS COMPANY' OR RemitTo.VendorName = 'BELL SUPPLY' OR RemitTo.VendorName = 'BIG D''S RENT ALL' OR RemitTo.VendorName = 'BLUE BEACON INTERNATIONAL, INC' OR RemitTo.VendorName = 'BRAINERD CHEMICAL CO, INC.' OR RemitTo.VendorName = 'BRANDT''S INC.' OR RemitTo.VendorName = 'BRENNTAG SOUTHWEST, INC' OR RemitTo.VendorName = 'BROWN''S TRUE VALUE' OR RemitTo.VendorName = 'BRUCE DAVIS ALIGNMENT' OR RemitTo.VendorName = 'C & S SAFETY SYSTEMS OF LOUISIANA, LLC' OR RemitTo.VendorName = 'CHEMPLEX LOGISTICS SOLVAY GROUP' OR RemitTo.VendorName = 'CONTAINER SUPPLY, INC' OR RemitTo.VendorName = 'CRAWFORD SUPPLY CO., INC.' OR RemitTo.VendorName = 'ELITE AUCTION, LLC' OR RemitTo.VendorName = 'FISHER SCIENTIFIC' OR RemitTo.VendorName = 'FORMBY OIL CO.' OR RemitTo.VendorName = 'HARCROS CHEMICALS, INC.' OR RemitTo.VendorName = 'JET SPECIALTY AND SUPPLY, INC.' OR RemitTo.VendorName = 'JOHN L. LEWIS WELL SERVICE, LLC' OR RemitTo.VendorName = 'JONES TRUCK REPAIR, LLC' OR RemitTo.VendorName = 'KEYSTONE-BEARD EQUIPMENT CO.' OR RemitTo.VendorName = 'M & M SUPPLY COMPANY' OR RemitTo.VendorName = 'MACK TRUCK SALES OF TULSA, INC.' OR RemitTo.VendorName = 'MAJOR GAS COMPANY, INC' OR RemitTo.VendorName = 'MCMASTER-CARR SUPPLY' OR RemitTo.VendorName = 'Meacham Pump Repair Service' OR RemitTo.VendorName = 'MOORE''S IGA' OR RemitTo.VendorName = 'MORRIS PUMP & SUPPLY' OR RemitTo.VendorName = 'MURPHY BROS. 
QUICK LUBE' OR RemitTo.VendorName = 'OLG PROPANE' OR RemitTo.VendorName = 'SCOTT TIRES CENTER INC' OR RemitTo.VendorName = 'SCOTT-GREER SALES, INC.' OR RemitTo.VendorName = 'SKYE PETROLEUM, INC' OR RemitTo.VendorName = 'SOONER CONDITIONING' OR RemitTo.VendorName = 'SOONER LIFT,INC.' OR RemitTo.VendorName = 'SPECIALTY TIRE LLC' OR RemitTo.VendorName = 'V K ENTERPRISES, INC.' OR RemitTo.VendorName = 'WAYNE ENTERPRISES, INC.') AND AccountsPayableInvoices.DueDate <= '10/28/2014' AND (AccountsPayableInvoices.IsCreditCardReceipt = 0) AND (AccountsPayableInvoices.AccountsPayableInvoiceStatusValue = 3) AND (AccountsPayableInvoices.ApprovalStatusValue = 3)) SELECT *, (Select MAX(Position) From SelectedItems) as 'TotalRows' FROM SelectedItems WHERE Position > 0 AND Position <= 100"); | ||
done(); | ||
}); | ||
}); |
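Review bot: This test pins only the `Equals` branch with apostrophes, while the same release also wraps the LIKE branches and the `>=`, `>`, `<=`, `<` comparisons in `sqlescape`, none of which get an assertion here. A few small cases, each with one filter and a value containing a single quote, would cover every changed branch and make a regression in any one of them obvious. The production-sized vendor list makes it hard to see which input exercises the escaping; a two- or three-name fixture with one apostrophe would show the intent more clearly. It would also help to add a case for an empty quoted value, since `sqlescape` changed its empty-input return in this version. The enclosing `describe` block starts outside this hunk.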
Long strings
Supply chain risk: Contains long string literals, which may be a sign of obfuscated or packed code.
Found 1 instance in 1 package