1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
|
/// \file manip.h
/// \brief Declares the Query stream manipulators and operators.
///
/// These manipulators let you automatically quote elements or escape
/// characters that are special in SQL when inserting them into a
/// Query stream. They make it easier to build syntactically-correct
/// SQL queries.
///
/// This file also includes special \c operator<< definitions for a few
/// key MySQL++ data types, since we know when to do automatic quoting
/// and escaping for these types. This only works with Query streams,
/// not regular std::ostreams, since we're only concerned with making
/// correct SQL, not with presentation matters.
///
/// test/test_manip.cpp exercises the mechanisms defined here.
/***********************************************************************
Copyright (c) 1998 by Kevin Atkinson, (c) 1999-2001 by MySQL AB, and
(c) 2004-2007 by Educational Technology Resources, Inc. Others may
also hold copyrights on code in this file. See the CREDITS.txt file
in the top directory of the distribution for details.
This file is part of MySQL++.
MySQL++ is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published
by the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
MySQL++ is distributed in the hope that it will be useful, but WITHOUT
ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public
License for more details.
You should have received a copy of the GNU Lesser General Public
License along with MySQL++; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
USA
***********************************************************************/
#ifndef MYSQLPP_MANIP_H
#define MYSQLPP_MANIP_H
#include "common.h"
#include "myset.h"
#include "stadapter.h"
#include <iostream>
namespace mysqlpp {
class SQLQueryParms;
/// \enum quote_type0
/// \anchor quote_manip
///
/// The standard 'quote' manipulator. It is the most widely useful
/// manipulator in MySQL++.
///
/// Insert this manipulator into a Query or SQLQueryParms stream to put
/// single quotes around the next item in the stream, and escape any
/// characters within it that are special in SQL, if the data type of
/// the next item in the stream may require it. By contrast, Date
/// objects only require escaping, not quoting, and integers never
/// require either. The manipulators won't do work they know is not
/// necessary to ensure syntactially-correct SQL.
enum quote_type0
{
quote ///< insert into a Query stream to single-quote and escape next item
};
#if !defined(DOXYGEN_IGNORE)
// Doxygen will not generate documentation for this section.
struct quote_type1
{
std::ostream * ostr;
quote_type1(std::ostream * o) :
ostr(o)
{
}
};
inline quote_type1
operator <<(std::ostream& o, quote_type0 /* esc */)
{
return quote_type1(&o);
}
struct quote_type2
{
SQLQueryParms *qparms;
quote_type2(SQLQueryParms* p) :
qparms(p)
{
}
};
inline quote_type2
operator <<(SQLQueryParms& p, quote_type0 /* esc */)
{
return quote_type2(&p);
}
/// \brief Inserts a SQLTypeAdapter into a stream, quoted and escaped
/// as appropriate to the data type the object was initialized from.
MYSQLPP_EXPORT SQLQueryParms& operator <<(quote_type2 p,
SQLTypeAdapter& in);
/// \brief Inserts a anything that can be converted to SQLTypeAdapter
/// into a stream, quoted and escaped as needed if it's a Query stream
MYSQLPP_EXPORT std::ostream& operator <<(quote_type1 o,
const SQLTypeAdapter& in);
/// \brief Inserts a SQLTypeAdapter into a non-Query stream.
///
/// Although we know how to quote and escape SQLTypeAdapter objects, we
/// only do that when inserting them into Query streams or when given an
/// explicit manipulator because this feature is only intended to make
/// it easier to build syntactically-correct SQL queries.
MYSQLPP_EXPORT std::ostream& operator <<(std::ostream& o,
const SQLTypeAdapter& in);
template <class ST>
inline std::ostream&
operator <<(quote_type1 o, const Set<ST>& in)
{
return *o.ostr << '\'' << in << '\'';
}
#endif // !defined(DOXYGEN_IGNORE)
/// \enum quote_only_type0
/// \anchor quote_only_manip
///
/// The 'quote_only' manipulator.
///
/// Similar to <a href="#quote_manip">quote manipulator</a>, except that
/// it doesn't escape special SQL characters.
enum quote_only_type0
{
quote_only ///< insert into a std::ostream to single-quote next item
};
#if !defined(DOXYGEN_IGNORE)
// Doxygen will not generate documentation for this section.
struct quote_only_type1
{
std::ostream* ostr;
quote_only_type1(std::ostream* o) :
ostr(o)
{
}
};
inline quote_only_type1
operator <<(std::ostream& o, quote_only_type0 /* esc */)
{
return quote_only_type1(&o);
}
struct quote_only_type2
{
SQLQueryParms* qparms;
quote_only_type2(SQLQueryParms* p) :
qparms(p)
{
}
};
inline quote_only_type2
operator <<(SQLQueryParms& p, quote_only_type0 /* esc */)
{
return quote_only_type2(&p);
}
/// \brief Inserts a SQLTypeAdapter into a stream, quoting it unless it's
/// data that needs no quoting.
///
/// We make the decision to quote the data based on the in.quote_q()
/// flag. You can set it yourself, but SQLTypeAdapter's ctors should set
/// it correctly for you.
MYSQLPP_EXPORT SQLQueryParms& operator <<(quote_only_type2 p,
SQLTypeAdapter& in);
std::ostream& operator <<(quote_only_type1 o, const SQLTypeAdapter& in);
template <class ST>
inline std::ostream&
operator <<(quote_only_type1 o, const Set<ST>& in)
{
return *o.ostr << '\'' << in << '\'';
}
#endif // !defined(DOXYGEN_IGNORE)
/// \enum quote_double_only_type0
/// \anchor quote_double_manip
///
/// The 'double_quote_only' manipulator.
///
/// Similar to <a href="#quote_only_manip">quote_only manipulator</a>,
/// except that it uses double quotes instead of single quotes.
///
/// You might care to use it when you have MySQL's \c ANSI_QUOTES mode
/// enabled. In that mode, single quotes are used only for string
/// literals, and double quotes for identifiers. Otherwise,
/// \c quote_only and \c quote are quite sufficient.
enum quote_double_only_type0
{
quote_double_only ///< insert into a std::ostream to double-quote next item
};
#if !defined(DOXYGEN_IGNORE)
// Doxygen will not generate documentation for this section.
struct quote_double_only_type1
{
std::ostream* ostr;
quote_double_only_type1(std::ostream* o) :
ostr(o)
{
}
};
inline quote_double_only_type1
operator <<(std::ostream& o, quote_double_only_type0 /* esc */)
{
return quote_double_only_type1(&o);
}
struct quote_double_only_type2
{
SQLQueryParms *qparms;
quote_double_only_type2(SQLQueryParms* p) :
qparms(p)
{
}
};
inline quote_double_only_type2
operator <<(SQLQueryParms& p, quote_double_only_type0 /* esc */)
{
return quote_double_only_type2(&p);
}
/// \brief Inserts a SQLTypeAdapter into a stream, double-quoting it (")
/// unless it's data that needs no quoting.
///
/// We make the decision to quote the data based on the in.quote_q()
/// flag. You can set it yourself, but SQLTypeAdapter's ctors should set
/// it correctly for you.
MYSQLPP_EXPORT SQLQueryParms&
operator <<(quote_double_only_type2 p, SQLTypeAdapter& in);
std::ostream&
operator <<(quote_double_only_type1 o, const SQLTypeAdapter& in);
template <class ST>
inline std::ostream&
operator <<(quote_double_only_type1 o, const Set<ST>& in)
{
return *o.ostr << '"' << in << '"';
}
#endif // !defined(DOXYGEN_IGNORE)
/// \enum escape_type0
/// The 'escape' manipulator.
///
/// SQL-escapes following argument if it is of a data type that
/// may require escaping when inserted into a Query or SQLQueryParms
/// stream. This is useful with string types, for example, to avoid
/// bad SQL when they contain special characters like single quotes,
/// nulls, and newlines. Data types like integers which never benefit
/// from escaping don't get run through the escaping routine even if
/// you ask for it.
enum escape_type0 { escape };
#if !defined(DOXYGEN_IGNORE)
// Doxygen will not generate documentation for this section.
struct escape_type1
{
std::ostream* ostr;
escape_type1(std::ostream* o) :
ostr(o)
{
}
};
inline escape_type1
operator <<(std::ostream& o, escape_type0 /* esc */)
{
return escape_type1(&o);
}
struct escape_type2
{
SQLQueryParms *qparms;
escape_type2(SQLQueryParms* p) :
qparms(p)
{
}
};
inline escape_type2
operator <<(SQLQueryParms& p, escape_type0 /* esc */)
{
return escape_type2(&p);
}
#endif // !defined(DOXYGEN_IGNORE)
/// \brief Inserts a SQLTypeAdapter into a stream, escaping special SQL
/// characters
///
/// We actually only do the escaping if in.escape_q() returns true but
/// in.dont_escape is not. If that is not the case, we insert the
/// string data directly.
MYSQLPP_EXPORT SQLQueryParms& operator <<(escape_type2 p,
SQLTypeAdapter& in);
/// \brief Inserts anything that can be converted to SQLTypeAdapter into
/// a stream, escaping special SQL characters as needed.
MYSQLPP_EXPORT std::ostream& operator <<(escape_type1 o,
const SQLTypeAdapter& in);
/// \enum do_nothing_type0
/// \anchor do_nothing_manip
///
/// The 'do_nothing' manipulator.
///
/// Does exactly what it says: nothing. Used as a dummy manipulator when
/// you are required to use some manipulator but don't want anything to
/// be done to the following item. When used with SQLQueryParms it will
/// make sure that it does not get formatted in any way, overriding any
/// setting set by the template query.
enum do_nothing_type0
{
do_nothing ///< insert into a std::ostream to override manipulation of next item
};
#if !defined(DOXYGEN_IGNORE)
// Doxygen will not generate documentation for this section.
struct do_nothing_type1
{
std::ostream* ostr;
do_nothing_type1(std::ostream* o) :
ostr(o)
{
}
};
inline do_nothing_type1
operator <<(std::ostream& o, do_nothing_type0 /* esc */)
{
return do_nothing_type1(&o);
}
MYSQLPP_EXPORT std::ostream&
operator <<(do_nothing_type1 o, const SQLTypeAdapter& in);
struct do_nothing_type2
{
SQLQueryParms *qparms;
do_nothing_type2(SQLQueryParms* p) :
qparms(p)
{
}
};
inline do_nothing_type2
operator <<(SQLQueryParms& p, do_nothing_type0 /* esc */)
{
return do_nothing_type2(&p);
}
/// \brief Inserts a SQLTypeAdapter into a stream, with no escaping or
/// quoting.
MYSQLPP_EXPORT SQLQueryParms& operator <<(do_nothing_type2 p,
SQLTypeAdapter& in);
#endif // !defined(DOXYGEN_IGNORE)
/// \enum ignore_type0
/// \anchor ignore_manip
///
/// The 'ignore' manipulator.
///
/// Only valid when used with SQLQueryParms. It's a dummy manipulator
/// like the <a href="#do_nothing_manip">do_nothing manipulator</a>,
/// except that it will not override formatting set by the template
/// query. It is simply ignored.
enum ignore_type0
{
ignore ///< insert into a std::ostream as a dummy manipulator
};
#if !defined(DOXYGEN_IGNORE)
// Doxygen will not generate documentation for this section.
struct ignore_type2
{
SQLQueryParms* qparms;
ignore_type2(SQLQueryParms* p) :
qparms(p)
{
}
};
inline ignore_type2
operator <<(SQLQueryParms& p, ignore_type0 /* esc */)
{
return ignore_type2(&p);
}
/// \brief Inserts a SQLTypeAdapter into a stream, with no escaping or
/// quoting, and without marking the string as having been "processed".
MYSQLPP_EXPORT SQLQueryParms& operator <<(ignore_type2 p,
SQLTypeAdapter& in);
#endif // !defined(DOXYGEN_IGNORE)
} // end namespace mysqlpp
#endif
|
