lib/sqlstring.js

SQL String

A few functions taken from the node-mysql lib, so it can be easily used with any library on the toString method, and on the browser.

var SqlString = {}; var _ = require('lodash');

Send in a "sql" string, values, and an optional timeZone and have it returned as a properly formatted SQL query.

SqlString.format = function(sql, values, timeZone) { values = [].concat(values); return sql.replace(/\?/g, function(match) { if (!values.length) return match; return SqlString.escape(values.shift(), timeZone); }); }; SqlString.escape = function(val, timeZone) { if (val === undefined || val === null) { return 'NULL'; } switch (typeof val) { case 'boolean': return (val) ? 'true' : 'false'; case 'number': return val+''; } if (val instanceof Date) { val = SqlString.dateToString(val, timeZone || "Z"); } if (typeof Buffer !== 'undefined' && Buffer.isBuffer(val)) { return SqlString.bufferToString(val); } if (_.isArray(val)) { return SqlString.arrayToList(val, timeZone); } if (typeof val === 'object') val = val.toString(); val = val.replace(/[\0\n\r\b\t\\\'\"\x1a]/g, function(s) { switch(s) { case "\0": return "\\0"; case "\n": return "\\n"; case "\r": return "\\r"; case "\b": return "\\b"; case "\t": return "\\t"; case "\x1a": return "\\Z"; default: return "\\"+s; } }); return "'"+val+"'"; }; SqlString.arrayToList = function(array, timeZone) { return array.map(function(v) { if (Array.isArray(v)) return '(' + SqlString.arrayToList(v) + ')'; return SqlString.escape(v, true, timeZone); }).join(', '); }; SqlString.dateToString = function(date, timeZone) { var dt = new Date(date); if (timeZone != 'local') { var tz = convertTimezone(timeZone); dt.setTime(dt.getTime() + (dt.getTimezoneOffset() * 60000)); if (tz !== false) { dt.setTime(dt.getTime() + (tz * 60000)); } } var year = dt.getFullYear(); var month = zeroPad(dt.getMonth() + 1); var day = zeroPad(dt.getDate()); var hour = zeroPad(dt.getHours()); var minute = zeroPad(dt.getMinutes()); var second = zeroPad(dt.getSeconds()); return year + '-' + month + '-' + day + ' ' + hour + ':' + minute + ':' + second; }; SqlString.bufferToString = function(buffer) { var hex = ''; try { hex = buffer.toString('hex'); } catch (err) {

node v0.4.x does not support hex / throws unknown encoding error

for (var i = 0; i < buffer.length; i++) { var byte = buffer[i]; hex += zeroPad(byte.toString(16)); } } return "X'" + hex+ "'"; }; function zeroPad(number) { return (number < 10) ? '0' + number : number; } function convertTimezone(tz) { if (tz == "Z") return 0; var m = tz.match(/([\+\-\s])(\d\d):?(\d\d)?/); if (m) { return (m[1] == '-' ? -1 : 1) * (parseInt(m[2], 10) + ((m[3] ? parseInt(m[3], 10) : 0) / 60)) * 60; } return false; } exports.SqlString = SqlString;