EscapeName will escape a db/table/column/... name by wrapping with backticks. It is not fool proof. I'm just trying to do the right thing here, not solving SQL injection issues, which should be irrelevant for this tool.
(name string)
| 27 | // It is not fool proof. I'm just trying to do the right thing here, not solving |
| 28 | // SQL injection issues, which should be irrelevant for this tool. |
| 29 | func EscapeName(name string) string { |
| 30 | if unquoted, err := strconv.Unquote(name); err == nil { |
| 31 | name = unquoted |
| 32 | } |
| 33 | return fmt.Sprintf("`%s`", name) |
| 34 | } |
| 35 | |
| 36 | // TruncateColumnName truncates a name so it can be used as a MySQL |
| 37 | // column name, taking into account UTF-8 characters. |
no outgoing calls
searching dependent graphs…