Skip to content

Commit d0d0c45

Browse files
authored
Escape backslashes in parameter strings. (#157)
1 parent e212cd4 commit d0d0c45

File tree

3 files changed

+30
-5
lines changed

3 files changed

+30
-5
lines changed

redisgraph/util.py

+1
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ def quote_string(v):
2525
if len(v) == 0:
2626
return '""'
2727

28+
v = v.replace('\\', '\\\\')
2829
v = v.replace('"', '\\"')
2930

3031
return '"{}"'.format(v)

tests/functional/test_all.py

+23
Original file line numberDiff line numberDiff line change
@@ -101,6 +101,29 @@ def test_path(self):
101101
# All done, remove graph.
102102
redis_graph.delete()
103103

104+
def test_properties_with_escapes(self):
105+
redis_graph = Graph('props', self.r)
106+
107+
message = r'This raw string has \ a backslash character in it.'
108+
params = {'message': message}
109+
query = """CREATE (:Foo {message: $message})"""
110+
redis_graph.query(query, params)
111+
112+
query = """MATCH (u:Foo) RETURN u.message"""
113+
result = redis_graph.query(query)
114+
self.assertEqual(result.result_set[0][0], message)
115+
116+
message = r'This raw string has \" a quote preceded by backslash.'
117+
params = {'message': message}
118+
query = """CREATE (:Bar {message: $message})"""
119+
redis_graph.query(query, params)
120+
121+
query = """MATCH (u:Bar) RETURN u.message"""
122+
result = redis_graph.query(query)
123+
self.assertEqual(result.result_set[0][0], message)
124+
125+
redis_graph.delete()
126+
104127
def test_param(self):
105128
redis_graph = Graph('params', self.r)
106129

tests/unit/test_util.py

+6-5
Original file line numberDiff line numberDiff line change
@@ -12,11 +12,12 @@ def test_random_string(self):
1212

1313
def test_quote_string(self):
1414
self.assertEqual(util.quote_string(10), 10)
15-
self.assertEqual(util.quote_string("abc"), '"abc"')
16-
self.assertEqual(util.quote_string(""), '""')
17-
self.assertEqual(util.quote_string('\"'), '"\\\""')
18-
self.assertEqual(util.quote_string('"'), '"\\""')
19-
self.assertEqual(util.quote_string('a"a'), '"a\\"a"')
15+
self.assertEqual(util.quote_string('abc'), '"abc"')
16+
self.assertEqual(util.quote_string(''), '""')
17+
self.assertEqual(util.quote_string('"'), r'"\""')
18+
self.assertEqual(util.quote_string(r'foo \ bar'), r'"foo \\ bar"')
19+
self.assertEqual(util.quote_string(r'foo \" bar'), r'"foo \\\" bar"')
20+
self.assertEqual(util.quote_string('a"a'), r'"a\"a"')
2021

2122
def test_stringify_param_value(self):
2223
cases = [

0 commit comments

Comments
 (0)