3

I'm trying to fix the following issue, as it's being very annoying on my site. https://code.google.com/p/google-code-prettify/issues/detail?id=341&thanks=341&ts=1398085413

and refers to the following file of the prettify code: https://code.google.com/p/google-code-prettify/source/browse/trunk/src/lang-sql.js?r=179

The issue is that

  1. When in SQL creating a string that ends with a "\", the highlighter thinks it is escaped, while this is not T-SQL syntax.

  2. To reproduce, use this code as source code: (with Google Code Prettify installed)

    <pre class="prettyprint lang-sql">
 SELECT @BUPath = 'c:\backups\' + @DBName + '-B4 CHANGE.bak'
 SELECT @BUName = @DBName + '-B4 CHANGE'
</pre>

I would expect the code to understand that the slash before the quote in the part 'c:\backups\' is not an escaping character...

I am expecting that this line would need to be changed, but I am not sure how:

[PR['PR_STRING'],      /^(?:"(?:[^\"\\]|\\.)*"|'(?:[^\'\\]|\\.)*')/, null,
      '"\'']

fiddle showing the issue: http://jsfiddle.net/JH5uj/5/

Jongware
  • 22,200
  • 8
  • 54
  • 100
AlexT82
  • 1,114
  • 1
  • 7
  • 12

1 Answers1

3

I think the PR_STRING definition at https://github.com/google/code-prettify/blob/master/src/lang-sql.js must have been copied from some other language where backslash is an escape character.

/^(?:"[^"]*"|'[^']*')/

does it as far as I can tell, but being a mere database guy I could be missing something.

(Sorry to be late to the party with this, but I just hit the same issue and found this thread.)

William Robertson
  • 15,273
  • 4
  • 38
  • 44
  • Are double quotes used for string literals in SQL Server? In Oracle "xyz" would be an identifier, not a string. If they're not, it's just /^'[^']*'/ – William Robertson Aug 27 '15 at 17:28
  • I checked and you can lose the double-quotes too. https://msdn.microsoft.com/en-us/library/ms179899.aspx – William Robertson Sep 01 '15 at 08:35
  • 1
    @WilliamRobertson For SQL Server (T-SQL). 1) string literals are between single-quotes only. 2) Backslash for T-SQL is not an escape character. – TT. Nov 10 '16 at 10:51
  • 1
    In ANSI-SQL backslash in the escape character, except to escape single and double quotes. So the `lang-sql` implements this as such, AFAICT it wasn't blindly copied. – TT. Nov 10 '16 at 10:53
  • @TT. - that's interesting. There is certainly no escape character in Oracle SQL (my background) and apparently not in MS SQL either according to the OP. I found [this](http://www.ibm.com/support/knowledgecenter/SSGU8G_12.1.0/com.ibm.esqlc.doc/ids_esqlc_0015.htm) for Informix, which also mentions ANSI in passing - but then goes on to say ANSI SQL does *not* allow escaping of quotes with backslash. I could only find [this SQL-1992 document](http://www.contrib.andrew.cmu.edu/~shadow/sql/sql1992.txt), which doesn't mention it. – William Robertson Nov 10 '16 at 11:40
  • @TT. just noticed you're saying the same thing. So `lang-sql` is wrong to allow a backslash to escape a quote, right? – William Robertson Nov 10 '16 at 11:47
  • (Edited=) Yes. ANSI-SQL does not allow escaping of single quote and double quote with a backslash. – TT. Nov 10 '16 at 12:24
  • Tbh, I got that from this [link at IBM.com](https://www.ibm.com/support/knowledgecenter/SSGU8G_12.1.0/com.ibm.esqlc.doc/ids_esqlc_0015.htm). I don't have an official link to an ANSI SQL standard. – TT. Nov 10 '16 at 12:33