RFR: 8143165 Add Statement.isSimpleIdentifier and update enquoteLiteral
Roger Riggs
Roger.Riggs at Oracle.com
Tue Nov 24 22:22:20 UTC 2015
+1
On 11/24/2015 5:18 PM, Lance Andersen wrote:
> Hi Roger
>
> Thank you for the feedback
> On Nov 24, 2015, at 4:11 PM, Roger Riggs <Roger.Riggs at oracle.com
> <mailto:Roger.Riggs at oracle.com>> wrote:
>
>> Hi Lance,
>>
>> Statement.java:
>> - "contains a {@code null} character or double quote, and is not a
>> simple SQL identifier."
>>
>> The "," is not needed and changes the semantics if it is present.
>>
>> +1518:
>> - "The string is between 1 and 128 characters in length"
> OK changed to
>
> * <li>The string is between 1 and 128 characters in length
> inclusive</li>
>
>>
>> You might want to add the word inclusive, otherwise I interpret the
>> length to be value >=2 and <= 127.
>>
>> The rest is fine.
>
> Here is the change:
>
> -------
> ljanders% hg diff src/java.sql/share/classes/java/sql/Statement.java
> diff -r b39bfadab299 src/java.sql/share/classes/java/sql/Statement.java
> --- a/src/java.sql/share/classes/java/sql/Statement.javaSat Nov 14
> 11:00:40 2015 +0800
> +++ b/src/java.sql/share/classes/java/sql/Statement.javaTue Nov 24
> 17:16:48 2015 -0500
> @@ -1397,9 +1397,10 @@
> * @param val a character string
> * @return A string enclosed by single quotes with every single quote
> * converted to two single quotes
> - * @throws NullPointerException if val is null
> + * @throws NullPointerException if val is {@code null}
> + * @throws SQLException if a database access error occurs
> */
> - default String enquoteLiteral(String val) {
> + default String enquoteLiteral(String val) throws SQLException {
> return "'" + val.replace("'", "''") + "'";
> }
> @@ -1437,7 +1438,7 @@
> *
> * The default implementation will throw a {@code SQLException} if:
> * <ul>
> - * <li>{@code identifier} contains a null character or double
> quote, and is not
> + * <li>{@code identifier} contains a {@code null} character or
> double quote and is not
> * a simple SQL identifier.</li>
> * <li>The length of {@code identifier} is less than 1 or greater
> than 128 characters
> * </ul>
> @@ -1501,14 +1502,14 @@
> * @throws SQLException if identifier is not a valid identifier
> * @throws SQLFeatureNotSupportedException if the datasource does
> not support
> * delimited identifiers
> - * @throws NullPointerException if identifier is null
> + * @throws NullPointerException if identifier is {@code null}
> */
> default String enquoteIdentifier(String identifier, boolean
> alwaysQuote) throws SQLException {
> int len = identifier.length();
> if (len < 1 || len > 128) {
> throw new SQLException("Invalid name");
> }
> - if
> (Pattern.compile("[\\p{Alpha}][\\p{Alnum}_]+").matcher(identifier).matches())
> {
> + if
> (Pattern.compile("[\\p{Alpha}][\\p{Alnum}_]*").matcher(identifier).matches())
> {
> return alwaysQuote ? "\"" + identifier + "\"" : identifier;
> }
> if (identifier.matches("^\".+\"$")) {
> @@ -1520,4 +1521,65 @@
> throw new SQLException("Invalid name");
> }
> }
> +
> + /**
> + * Retrieves whether {@code identifier} is a simple SQL identifier.
> + *
> + * @implSpec The default implementation uses the following
> criteria to
> + * determine a valid simple SQL identifier:
> + * <ul>
> + * <li>The string is not enclosed in double quotes</li>
> + * <li>The first character is an alphabetic character from a
> through z, or
> + * from A through Z</li>
> + * <li>The string only contains alphanumeric characters or the
> character
> + * "_"</li>
> + * <li>The string is between 1 and 128 characters in length
> inclusive</li>
> + * </ul>
> + *
> + * <blockquote>
> + * <table border = 1 cellspacing=0 cellpadding=5 >
> + * <caption>Examples of the conversion:</caption>
> + * <tr>
> + * <th>identifier</th>
> + * <th>Simple Identifier</th>
> + *
> + * <tr>
> + * <td align='center'>Hello</td>
> + * <td align='center'>true</td>
> + * </tr>
> + * <tr>
> + * <td align='center'>G'Day</td>
> + * <td align='center'>false</td>
> + * </tr>
> + * <tr>
> + * <td align='center'>"Bruce Wayne"</td>
> + * <td align='center'>false</td>
> + * </tr>
> + * <tr>
> + * <td align='center'>GoodDay$</td>
> + * <td align='center'>false</td>
> + * </tr>
> + * <tr>
> + * <td align='center'>Hello"World</td>
> + * <td align='center'>false</td>
> + * </tr>
> + * <tr>
> + * <td align='center'>"Hello"World"</td>
> + * <td align='center'>false</td>
> + * </tr>
> + * </table>
> + * </blockquote>
> + * @implNote JDBC driver implementations may need to provide
> their own
> + * implementation of this method in order to meet the
> requirements of the
> + * underlying datasource.
> + * @param identifier a SQL identifier
> + * @return true if a simple SQL identifier, false otherwise
> + * @throws NullPointerException if identifier is {@code null}
> + * @throws SQLException if a database access error occurs
> + */
> + default boolean isSimpleIdentifier(String identifier) throws
> SQLException {
> + int len = identifier.length();
> + return len >= 1 && len <= 128
> + &&
> Pattern.compile("[\\p{Alpha}][\\p{Alnum}_]*").matcher(identifier).matches();
> + }
> }
> -------
>>
>> Roger
>>
>>
>>
>> On 11/24/2015 2:48 PM, Lance Andersen wrote:
>>> Hi,
>>>
>>> Please provide a review for
>>> http://cr.openjdk.java.net/~lancea/8143165/webrev.00/
>>> <http://cr.openjdk.java.net/%7Elancea/8143165/webrev.00/>. This
>>> adds Statement.isSimpleIdentifier, adds a throws SQLException to
>>> Statement.enquoteLiteral and includes a few additional tests
>>>
>>> Best
>>> Lance
>>>
>>>
>>> Lance Andersen| Principal Member of Technical Staff | +1.781.442.2037
>>> Oracle Java Engineering
>>> 1 Network Drive
>>> Burlington, MA 01803
>>> Lance.Andersen at oracle.com <mailto:Lance.Andersen at oracle.com>
>>>
>>>
>>>
>>
>
> <http://oracle.com/us/design/oracle-email-sig-198324.gif>
> <http://oracle.com/us/design/oracle-email-sig-198324.gif><http://oracle.com/us/design/oracle-email-sig-198324.gif>
> <http://oracle.com/us/design/oracle-email-sig-198324.gif>Lance
> Andersen| Principal Member of Technical Staff | +1.781.442.2037
> Oracle Java Engineering
> 1 Network Drive
> Burlington, MA 01803
> Lance.Andersen at oracle.com <mailto:Lance.Andersen at oracle.com>
>
>
>
More information about the core-libs-dev
mailing list