Fix escaping of default values

Author: cebe

src/lib/ColumnToCode.php

@@ -169,7 +169,7 @@ public function getCode(bool $quoted = false):string
             $default = '';
         } elseif (ApiGenerator::isPostgres() && $this->isEnum()) {
             $default =
-                $this->rawParts['default'] !== null ? ' DEFAULT ' . self::escapeQuotes(trim($this->rawParts['default'])) : '';
+                $this->rawParts['default'] !== null ? ' DEFAULT ' . trim($this->rawParts['default']) : '';
         } else {
             $default = $this->rawParts['default'] !== null ? ' DEFAULT ' . trim($this->rawParts['default']) : '';
         }
@@ -178,13 +178,10 @@ public function getCode(bool $quoted = false):string
         if ((ApiGenerator::isMysql() || ApiGenerator::isMariaDb()) && $this->rawParts['position']) {
             $code .= ' ' . $this->rawParts['position'];
         }
-        if ((ApiGenerator::isMysql() || ApiGenerator::isMariaDb()) && $this->isEnum()) {
-            return $quoted ? "'" . $code . "'" : $code;
-        }
         if (ApiGenerator::isPostgres() && $this->alterByXDbType) {
-            return $quoted ? "'" . $this->rawParts['type'] . "'" : $this->rawParts['type'];
+            return $quoted ? VarDumper::export($this->rawParts['type']) : $this->rawParts['type'];
         }
-        return $quoted ? "'" . $code . "'" : $code;
+        return $quoted ? VarDumper::export($code) : $code;
     }
 
     public function getAlterExpression(bool $addUsingExpression = false):string
@@ -313,14 +310,14 @@ public static function mysqlEnumToString(array $enum):string
     private function defaultValueJson(array $value):string
     {
         if ($this->alter === true) {
-            return "'" . str_replace('"', '\"', Json::encode($value)). "'";
+            return "'" . str_replace('"', '\"', Json::encode($value, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_HEX_QUOT)) . "'";
         }
-        return "\\'" . new Expression(Json::encode($value)) . "\\'";
+        return "'" . Json::encode($value, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_HEX_QUOT) . "'";
     }
 
     private function defaultValueArray(array $value):string
     {
-        return "'{" . str_replace('"', "\"", trim(Json::encode($value), '[]')) . "}'";
+        return "'{" . trim(Json::encode($value, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_HEX_QUOT), '[]') . "}'";
     }
 
     private function resolve():void
@@ -442,10 +439,10 @@ private function resolveDefaultValue():void
                 break;
             case 'object':
                 if ($value instanceof JsonExpression) {
-                    $this->fluentParts['default'] = "defaultValue('" . Json::encode($value->getValue()) . "')";
+                    $this->fluentParts['default'] = "defaultValue('" . Json::encode($value->getValue(), JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_HEX_QUOT) . "')";
                     $this->rawParts['default'] = $this->defaultValueJson($value->getValue());
                 } elseif ($value instanceof ArrayExpression) {
-                    $this->fluentParts['default'] = "defaultValue('" . Json::encode($value->getValue()) . "')";
+                    $this->fluentParts['default'] = "defaultValue('" . Json::encode($value->getValue(), JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_HEX_QUOT) . "')";
                     $this->rawParts['default'] = $this->defaultValueArray($value->getValue());
                 } else {
                     // $value instanceof \yii\db\Expression
@@ -454,19 +451,15 @@ private function resolveDefaultValue():void
                 }
                 break;
             case 'array':
-                $this->fluentParts['default'] = "defaultValue('" . Json::encode($value) . "')";
+                $this->fluentParts['default'] = "defaultValue('" . Json::encode($value, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE | JSON_HEX_QUOT) . "')";
                 $this->rawParts['default'] = $this->isJson()
                     ? $this->defaultValueJson($value)
                     : $this->defaultValueArray($value);
                 break;
             default:
                 $this->fluentParts['default'] = $expectInteger
-                    ? 'defaultValue(' . $value . ')' : 'defaultValue("' . self::escapeQuotes((string)$value) . '")';
-                $this->rawParts['default'] = $expectInteger ? $value : self::wrapQuotes($value);
-
-                if ((ApiGenerator::isMysql() || ApiGenerator::isMariaDb()) && $this->isEnum()) {
-                    $this->rawParts['default'] = self::escapeQuotes($this->rawParts['default']);
-                }
+                    ? 'defaultValue(' . $value . ')' : 'defaultValue(' . VarDumper::export((string)$value) . ')';
+                $this->rawParts['default'] = $expectInteger ? $value : VarDumper::export((string)$value);
         }
     }
 

src/lib/migrations/MigrationRecordBuilder.php

@@ -88,7 +88,7 @@ public function addColumn(string $tableAlias, ColumnSchema $column, ?string $pos
         if (is_string($column->xDbType) && !empty($column->xDbType)) {
             $converter = $this->columnToCode($tableAlias, $column, false, false, false, false, $position);
             $name = static::quote($column->name);
-            return sprintf(self::ADD_COLUMN_RAW, $tableAlias, $name, $converter->getCode());
+            return sprintf(self::ADD_COLUMN_RAW, $tableAlias, $name, ColumnToCode::escapeQuotes($converter->getCode()));
         }
 
         $converter = $this->columnToCode($tableAlias, $column, false, false, false, false, $position);
@@ -103,7 +103,7 @@ public function addDbColumn(string $tableAlias, ColumnSchema $column, ?string $p
         if (property_exists($column, 'xDbType') && is_string($column->xDbType) && !empty($column->xDbType)) {
             $converter = $this->columnToCode($tableAlias, $column, true, false, false, false, $position);
             $name = static::quote($column->name);
-            return sprintf(self::ADD_COLUMN_RAW, $tableAlias, $column->name, $converter->getCode());
+            return sprintf(self::ADD_COLUMN_RAW, $tableAlias, $column->name, ColumnToCode::escapeQuotes($converter->getCode()));
         }
         $converter = $this->columnToCode($tableAlias, $column, true, false, false, false, $position);
         return sprintf(self::ADD_COLUMN, $tableAlias, $column->name, $converter->getCode(true));
@@ -120,7 +120,7 @@ public function alterColumn(string $tableAlias, ColumnSchema $column):string
                 ApiGenerator::isPostgres() ? self::ALTER_COLUMN_RAW_PGSQL : self::ALTER_COLUMN_RAW,
                 $tableAlias,
                 $column->name,
-                $converter->getCode()
+                ColumnToCode::escapeQuotes($converter->getCode())
             );
         }
         $converter = $this->columnToCode($tableAlias, $column, true);
@@ -340,7 +340,7 @@ public static function makeString(array $codeColumns): string
             }
         }
 
-        $codeColumns = str_replace([PHP_EOL, "\\\'"], [PHP_EOL . self::INDENT.'    ', "'"], $finalStr);
+        $codeColumns = str_replace([PHP_EOL], [PHP_EOL . self::INDENT.'    '], $finalStr);
         $codeColumns = trim($codeColumns);
         $codeColumns = '['.PHP_EOL.self::INDENT.'    '.$codeColumns.PHP_EOL . self::INDENT.']';
         return $codeColumns;

tests/specs/blog/migrations/m200000_000001_create_table_users.php

@@ -12,7 +12,7 @@ public function up()
             'username' => $this->string(200)->notNull(),
             'email' => $this->string(200)->notNull(),
             'password' => $this->string()->notNull(),
-            'role' => $this->string(20)->null()->defaultValue("reader"),
+            'role' => $this->string(20)->null()->defaultValue('reader'),
             'flags' => $this->integer()->null()->defaultValue(0),
             'created_at' => $this->timestamp()->null()->defaultExpression("(CURRENT_TIMESTAMP)"),
         ]);

tests/specs/blog/migrations_maria_db/m200000_000001_create_table_users.php

@@ -12,7 +12,7 @@ public function up()
             'username' => $this->string(200)->notNull(),
             'email' => $this->string(200)->notNull(),
             'password' => $this->string()->notNull(),
-            'role' => $this->string(20)->null()->defaultValue("reader"),
+            'role' => $this->string(20)->null()->defaultValue('reader'),
             'flags' => $this->integer()->null()->defaultValue(0),
             'created_at' => $this->timestamp()->null()->defaultExpression("(CURRENT_TIMESTAMP)"),
         ]);

tests/specs/blog/migrations_mysql_db/m200000_000001_create_table_users.php

@@ -12,7 +12,7 @@ public function up()
             'username' => $this->string(200)->notNull(),
             'email' => $this->string(200)->notNull(),
             'password' => $this->string()->notNull(),
-            'role' => $this->string(20)->null()->defaultValue("reader"),
+            'role' => $this->string(20)->null()->defaultValue('reader'),
             'flags' => $this->integer()->null()->defaultValue(0),
             'created_at' => $this->timestamp()->null()->defaultExpression("(CURRENT_TIMESTAMP)"),
         ]);

tests/specs/blog/migrations_pgsql_db/m200000_000001_create_table_users.php

@@ -12,7 +12,7 @@ public function safeUp()
             'username' => $this->string(200)->notNull(),
             'email' => $this->string(200)->notNull(),
             'password' => $this->string()->notNull(),
-            'role' => $this->string(20)->null()->defaultValue("reader"),
+            'role' => $this->string(20)->null()->defaultValue('reader'),
             'flags' => $this->integer()->null()->defaultValue(0),
             'created_at' => $this->timestamp()->null()->defaultExpression("(CURRENT_TIMESTAMP)"),
         ]);

tests/specs/blog_v2/migrations/m200000_000005_create_table_v2_comments.php

@@ -12,7 +12,7 @@ public function up()
             'post_id' => $this->bigInteger()->notNull(),
             'user_id' => $this->bigInteger()->null()->defaultValue(null),
             'message' => $this->text()->notNull(),
-            'meta_data' => $this->string(300)->null()->defaultValue(""),
+            'meta_data' => $this->string(300)->null()->defaultValue(''),
             'created_at' => $this->timestamp()->notNull(),
         ]);
         $this->addForeignKey('fk_v2_comments_post_id_v2_posts_id', '{{%v2_comments}}', 'post_id', '{{%v2_posts}}', 'id');

tests/specs/blog_v2/migrations_maria_db/m200000_000004_change_table_v2_users.php

@@ -23,7 +23,7 @@ public function down()
         $this->dropIndex('v2_users_login_key', '{{%v2_users}}');
         $this->createIndex('v2_users_username_key', '{{%v2_users}}', 'username', true);
         $this->alterColumn('{{%v2_users}}', 'created_at', $this->timestamp()->null()->defaultExpression("current_timestamp()"));
-        $this->alterColumn('{{%v2_users}}', 'role', $this->string(20)->null()->defaultValue("reader"));
+        $this->alterColumn('{{%v2_users}}', 'role', $this->string(20)->null()->defaultValue('reader'));
         $this->alterColumn('{{%v2_users}}', 'email', $this->string(200)->notNull());
         $this->addColumn('{{%v2_users}}', 'username', $this->string(200)->notNull());
         $this->dropColumn('{{%v2_users}}', 'login');

tests/specs/blog_v2/migrations_maria_db/m200000_000005_change_table_v2_comments.php

@@ -12,7 +12,7 @@ public function up()
         $this->addColumn('{{%v2_comments}}', 'user_id', $this->bigInteger()->null()->defaultValue(null)->after('post_id'));
         $this->dropColumn('{{%v2_comments}}', 'author_id');
         $this->alterColumn('{{%v2_comments}}', 'message', $this->text()->notNull());
-        $this->alterColumn('{{%v2_comments}}', 'meta_data', $this->string(300)->null()->defaultValue(""));
+        $this->alterColumn('{{%v2_comments}}', 'meta_data', $this->string(300)->null()->defaultValue(''));
         $this->alterColumn('{{%v2_comments}}', 'created_at', $this->timestamp()->notNull());
         $this->addForeignKey('fk_v2_comments_post_id_v2_posts_id', '{{%v2_comments}}', 'post_id', '{{%v2_posts}}', 'id');
         $this->addForeignKey('fk_v2_comments_user_id_v2_users_id', '{{%v2_comments}}', 'user_id', '{{%v2_users}}', 'id');

tests/specs/blog_v2/migrations_mysql_db/m200000_000004_change_table_v2_users.php

@@ -23,7 +23,7 @@ public function down()
         $this->dropIndex('v2_users_login_key', '{{%v2_users}}');
         $this->createIndex('v2_users_username_key', '{{%v2_users}}', 'username', true);
         $this->alterColumn('{{%v2_users}}', 'created_at', $this->timestamp()->null()->defaultExpression("CURRENT_TIMESTAMP"));
-        $this->alterColumn('{{%v2_users}}', 'role', $this->string(20)->null()->defaultValue("reader"));
+        $this->alterColumn('{{%v2_users}}', 'role', $this->string(20)->null()->defaultValue('reader'));
         $this->alterColumn('{{%v2_users}}', 'email', $this->string(200)->notNull());
         $this->addColumn('{{%v2_users}}', 'username', $this->string(200)->notNull());
         $this->dropColumn('{{%v2_users}}', 'login');

tests/specs/blog_v2/migrations_mysql_db/m200000_000005_change_table_v2_comments.php

@@ -12,7 +12,7 @@ public function up()
         $this->addColumn('{{%v2_comments}}', 'user_id', $this->bigInteger()->null()->defaultValue(null)->after('post_id'));
         $this->dropColumn('{{%v2_comments}}', 'author_id');
         $this->alterColumn('{{%v2_comments}}', 'message', $this->text()->notNull());
-        $this->alterColumn('{{%v2_comments}}', 'meta_data', $this->string(300)->null()->defaultValue(""));
+        $this->alterColumn('{{%v2_comments}}', 'meta_data', $this->string(300)->null()->defaultValue(''));
         $this->alterColumn('{{%v2_comments}}', 'created_at', $this->timestamp()->notNull());
         $this->addForeignKey('fk_v2_comments_post_id_v2_posts_id', '{{%v2_comments}}', 'post_id', '{{%v2_posts}}', 'id');
         $this->addForeignKey('fk_v2_comments_user_id_v2_users_id', '{{%v2_comments}}', 'user_id', '{{%v2_users}}', 'id');

tests/specs/enum/new_column/maria/app/migrations_maria_db/m200000_000001_change_table_newcolumns.php

@@ -7,7 +7,7 @@ class m200000_000001_change_table_newcolumns extends \yii\db\Migration
 {
     public function up()
     {
-        $this->addColumn('{{%newcolumns}}', 'new_column', 'enum("ONE", "TWO", "THREE") NOT NULL DEFAULT \'ONE\'');
+        $this->addColumn('{{%newcolumns}}', 'new_column', 'enum("ONE", "TWO", "THREE") NOT NULL DEFAULT \'ONE\' AFTER id');
         $this->db->createCommand('ALTER TABLE {{%newcolumns}} ADD COLUMN new_column_x varchar(10) NOT NULL DEFAULT \'ONE\'')->execute();
         $this->dropColumn('{{%newcolumns}}', 'delete_col');
     }

tests/specs/enum/new_column/pgsql/app/migrations_pgsql_db/m200000_000001_change_table_newcolumns.php

@@ -9,7 +9,7 @@ public function safeUp()
     {
         $this->execute('CREATE TYPE "enum_itt_newcolumns_new_column" AS ENUM(\'ONE\', \'TWO\', \'THREE\')');
         $this->addColumn('{{%newcolumns}}', 'new_column', '"enum_itt_newcolumns_new_column" NOT NULL DEFAULT \'ONE\'');
-        $this->db->createCommand('ALTER TABLE {{%newcolumns}} ADD COLUMN new_column_x varchar(10) NOT NULL DEFAULT \'ONE\' AFTER id')->execute();
+        $this->db->createCommand('ALTER TABLE {{%newcolumns}} ADD COLUMN "new_column_x" varchar(10) NOT NULL DEFAULT \'ONE\'')->execute();
         $this->dropColumn('{{%newcolumns}}', 'delete_col');
         $this->execute('DROP TYPE "enum_itt_newcolumns_delete_col"');
     }

tests/specs/x_db_default_expression/maria/edit/app/migrations_maria_db/m200000_000000_change_table_fruits.php

@@ -8,14 +8,14 @@ class m200000_000000_change_table_fruits extends \yii\db\Migration
     public function up()
     {
         $this->alterColumn('{{%fruits}}', 'ts', $this->timestamp()->null()->defaultExpression("(CURRENT_TIMESTAMP)"));
-        $this->alterColumn('{{%fruits}}', 'ts2', $this->timestamp()->null()->defaultValue("2011-11-11 00:00:00"));
-        $this->alterColumn('{{%fruits}}', 'ts3', $this->timestamp()->null()->defaultValue("2022-11-11 00:00:00"));
-        $this->alterColumn('{{%fruits}}', 'ts4', $this->timestamp()->null()->defaultValue("2022-11-11 00:00:00"));
+        $this->alterColumn('{{%fruits}}', 'ts2', $this->timestamp()->null()->defaultValue('2011-11-11 00:00:00'));
+        $this->alterColumn('{{%fruits}}', 'ts3', $this->timestamp()->null()->defaultValue('2022-11-11 00:00:00'));
+        $this->alterColumn('{{%fruits}}', 'ts4', $this->timestamp()->null()->defaultValue('2022-11-11 00:00:00'));
         $this->alterColumn('{{%fruits}}', 'ts5', $this->timestamp()->null()->defaultExpression("(CURRENT_TIMESTAMP)"));
-        $this->alterColumn('{{%fruits}}', 'ts6', $this->timestamp()->null()->defaultValue("2000-11-11 00:00:00"));
+        $this->alterColumn('{{%fruits}}', 'ts6', $this->timestamp()->null()->defaultValue('2000-11-11 00:00:00'));
         $this->alterColumn('{{%fruits}}', 'd', $this->date()->null()->defaultExpression("(CURRENT_DATE + INTERVAL 1 YEAR)"));
         $this->alterColumn('{{%fruits}}', 'd2', $this->text()->null()->defaultExpression("(CURRENT_DATE + INTERVAL 1 YEAR)"));
-        $this->alterColumn('{{%fruits}}', 'd3', $this->text()->null()->defaultValue("text default"));
+        $this->alterColumn('{{%fruits}}', 'd3', $this->text()->null()->defaultValue('text default'));
         $this->alterColumn('{{%fruits}}', 'ts7', $this->date()->null()->defaultExpression("(CURRENT_DATE + INTERVAL 1 YEAR)"));
     }
 
@@ -25,8 +25,8 @@ public function down()
         $this->alterColumn('{{%fruits}}', 'd3', $this->text()->null()->defaultValue(null));
         $this->alterColumn('{{%fruits}}', 'd2', $this->text()->null()->defaultValue(null));
         $this->alterColumn('{{%fruits}}', 'd', $this->date()->null()->defaultValue(null));
-        $this->alterColumn('{{%fruits}}', 'ts6', $this->timestamp()->notNull()->defaultValue("0000-00-00 00:00:00"));
-        $this->alterColumn('{{%fruits}}', 'ts5', $this->timestamp()->notNull()->defaultValue("0000-00-00 00:00:00"));
+        $this->alterColumn('{{%fruits}}', 'ts6', $this->timestamp()->notNull()->defaultValue('0000-00-00 00:00:00'));
+        $this->alterColumn('{{%fruits}}', 'ts5', $this->timestamp()->notNull()->defaultValue('0000-00-00 00:00:00'));
         $this->alterColumn('{{%fruits}}', 'ts4', $this->timestamp()->notNull()->defaultExpression("current_timestamp()"));
         $this->alterColumn('{{%fruits}}', 'ts3', $this->datetime()->null()->defaultValue(null));
         $this->alterColumn('{{%fruits}}', 'ts2', $this->datetime()->null()->defaultValue(null));