From 1624d150c30eb773ef32f289865d53a04ffcbef1 Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Thu, 11 Apr 2024 23:34:57 +0300
Subject: [PATCH 1/9] Add wrangler.toml to .gitignore

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index 75bafeb..2b81c01 100644
--- a/.gitignore
+++ b/.gitignore
@@ -8,6 +8,7 @@ node_modules
 !.env.example
 vite.config.js.timestamp-*
 vite.config.ts.timestamp-*
+wrangler.toml
 
 cfai/
 .wrangler/

From 433b1abe6788ba0733e60637b6339c967e1bd8be Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Fri, 12 Apr 2024 02:16:14 +0300
Subject: [PATCH 2/9] Add utility functions file

---
 src/lib/utils.ts | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 src/lib/utils.ts

diff --git a/src/lib/utils.ts b/src/lib/utils.ts
new file mode 100644
index 0000000..bc3186b
--- /dev/null
+++ b/src/lib/utils.ts
@@ -0,0 +1 @@
+// This file contains utility functions that are used in the project

From 6d89c4218f3ff6cce23d3bae6d316d92f5b1a13f Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Fri, 12 Apr 2024 02:16:56 +0300
Subject: [PATCH 3/9] List `special characters`

---
 src/lib/utils.ts | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/lib/utils.ts b/src/lib/utils.ts
index bc3186b..93432eb 100644
--- a/src/lib/utils.ts
+++ b/src/lib/utils.ts
@@ -1 +1,4 @@
 // This file contains utility functions that are used in the project
+
+// This list contains all special characters that should be quoted in a name string
+const SPECIAL_CHARS = ["-"];

From 58da90360504433aaf7643374fb2fb82bfb95987 Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Fri, 12 Apr 2024 02:18:12 +0300
Subject: [PATCH 4/9] Add check function to detect special characters

---
 src/lib/utils.ts | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/lib/utils.ts b/src/lib/utils.ts
index 93432eb..49caec8 100644
--- a/src/lib/utils.ts
+++ b/src/lib/utils.ts
@@ -2,3 +2,12 @@
 
 // This list contains all special characters that should be quoted in a name string
 const SPECIAL_CHARS = ["-"];
+
+/**
+ * This function checks if a string contains any special characters and therefore should be quoted
+ * @param str The string to check
+ * @returns True if the string contains any special characters, otherwise false
+ */
+function should_quote(str: string) {
+	return SPECIAL_CHARS.some((char) => str.includes(char));
+}

From 6a08667c457cab322c2e47cfbc7ef18231810770 Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Fri, 12 Apr 2024 02:20:05 +0300
Subject: [PATCH 5/9] Add utility function to enclose a string in single quotes
 if it has any special characters

---
 src/lib/utils.ts | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/src/lib/utils.ts b/src/lib/utils.ts
index 49caec8..1336a58 100644
--- a/src/lib/utils.ts
+++ b/src/lib/utils.ts
@@ -11,3 +11,12 @@ const SPECIAL_CHARS = ["-"];
 function should_quote(str: string) {
 	return SPECIAL_CHARS.some((char) => str.includes(char));
 }
+
+/**
+ * This function enclose a name string in single quotes if it contains special characters predefined by the SPECIAL_CHARS list
+ * @param name The name to escape
+ * @returns A name enclosed in single quotes if it contains special characters, otherwise the name itself
+ */
+export function quote_name(name: string): string {
+	return should_quote(name) ? `'${name}'` : name;
+}

From ed3fb9961909a19f5bb5fa5f86c9758f775cdb6b Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Fri, 12 Apr 2024 02:24:29 +0300
Subject: [PATCH 6/9] Add utility function to iterate over records' keys to
 enclose strings with special chars

---
 src/lib/utils.ts | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/lib/utils.ts b/src/lib/utils.ts
index 1336a58..402c4e5 100644
--- a/src/lib/utils.ts
+++ b/src/lib/utils.ts
@@ -20,3 +20,16 @@ function should_quote(str: string) {
 export function quote_name(name: string): string {
 	return should_quote(name) ? `'${name}'` : name;
 }
+
+/**
+ * This function encloses all keys in a record in single quotes if they contain special characters
+ * @param record The record to quote
+ * @returns A new record with all keys enclosed in single quotes if they contain special characters
+ */
+export function quote_record(record: Record<string, any>): Record<string, any> {
+	return Object.fromEntries(
+		Object.entries(record).map(([key, value]) => {
+			return [quote_name(key), value];
+		}),
+	);
+}

From a0442360f46818576ef18389398ade435e78fbde Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Fri, 12 Apr 2024 02:29:54 +0300
Subject: [PATCH 7/9] Use quoted names (table & record) in TableBrowser

---
 src/lib/plugin/TableBrowser.svelte | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/lib/plugin/TableBrowser.svelte b/src/lib/plugin/TableBrowser.svelte
index 5d71ac7..1d7aebb 100644
--- a/src/lib/plugin/TableBrowser.svelte
+++ b/src/lib/plugin/TableBrowser.svelte
@@ -3,11 +3,14 @@
 	import { t } from "svelte-i18n";
 	import type { PluginData } from "./type";
 	import Icon from "@iconify/svelte";
+	import { quote_name, quote_record } from "$lib/utils";
 
 	export let database: string;
 	export let table: string;
 	export let data: PluginData;
 
+	const quoted_table = quote_name(table);
+
 	const cols =
 		data.db
 			.find(({ name }) => name === table)
@@ -51,7 +54,9 @@
 				params.set("order", order);
 				params.set("dir", dir);
 			}
-			const res = await fetch(`/api/db/${database}/${table}/data?${params.toString()}`);
+			const res = await fetch(
+				`/api/db/${database}/${quoted_table}/data?${params.toString()}`,
+			);
 
 			const json = await res.json<typeof result | typeof error>();
 			if (json) {
@@ -103,7 +108,7 @@
 				throw new Error($t("plugin.table-browser.invalid-rowid"));
 			}
 
-			const res = await fetch(`/api/db/${database}/${table}/data/?rowid=${rowid}`, {
+			const res = await fetch(`/api/db/${database}/${quoted_table}/data/?rowid=${rowid}`, {
 				method: "DELETE",
 			});
 
@@ -153,13 +158,15 @@
 			if (!record) {
 				throw new Error($t("plugin.table-browser.no-record"));
 			}
-			const res = await fetch(`/api/db/${database}/${table}/data/?rowid=${rowid}`, {
+			const quoted_record = quote_record(record);
+
+			const res = await fetch(`/api/db/${database}/${quoted_table}/data/?rowid=${rowid}`, {
 				method: "PUT",
 				headers: {
 					"Content-Type": "application/json",
 				},
 				body: JSON.stringify({
-					...record,
+					...quoted_record,
 					_: undefined,
 				}),
 			});

From a24e0d31ecc8f0619089e5eaa1fd147910dd4dcb Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Fri, 12 Apr 2024 02:34:16 +0300
Subject: [PATCH 8/9] Use quoted names (table & record) in AddRecord

---
 src/lib/plugin/AddRecord.svelte | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/lib/plugin/AddRecord.svelte b/src/lib/plugin/AddRecord.svelte
index 343563b..18096ca 100644
--- a/src/lib/plugin/AddRecord.svelte
+++ b/src/lib/plugin/AddRecord.svelte
@@ -2,11 +2,14 @@
 	import { t } from "svelte-i18n";
 	import type { PluginData } from "./type";
 	import { z } from "zod";
+	import { quote_name, quote_record } from "$lib/utils";
 
 	export let database: string;
 	export let table: string;
 	export let data: PluginData;
 
+	const quoted_table = quote_name(table);
+
 	const cols = data.db
 		.find(({ name }) => name === table)
 		?.columns.sort(({ cid: a }, { cid: b }) => a - b);
@@ -76,9 +79,10 @@
 		);
 
 		try {
-			const res = await fetch(`/api/db/${database}/${table}/data`, {
+			const quoted_record = quote_record(data);
+			const res = await fetch(`/api/db/${database}/${quoted_table}/data`, {
 				method: "POST",
-				body: JSON.stringify(data),
+				body: JSON.stringify(quoted_record),
 			});
 
 			const json = await res.json<typeof result | typeof error>();

From 85cbc5f58075c6f5d2918567bf146d36ae463455 Mon Sep 17 00:00:00 2001
From: Mohammed Alamri <modev32@gmail.com>
Date: Fri, 12 Apr 2024 02:39:42 +0300
Subject: [PATCH 9/9] Use quoted names (table & record keys) in CSV

---
 src/lib/plugin/CSV.svelte | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/lib/plugin/CSV.svelte b/src/lib/plugin/CSV.svelte
index 31627fb..7453962 100644
--- a/src/lib/plugin/CSV.svelte
+++ b/src/lib/plugin/CSV.svelte
@@ -3,11 +3,14 @@
 	import type { PluginData } from "./type";
 	import type { Type } from "../sqlite";
 	import { affinity, cast } from "../sqlite";
+	import { quote_name } from "$lib/utils";
 
 	export let database: string;
 	export let table: string;
 	export let data: PluginData;
 
+	const quoted_table = quote_name(table);
+
 	const cols = data.db
 		.find(({ name }) => name === table)
 		?.columns.sort(({ cid: a }, { cid: b }) => a - b);
@@ -108,8 +111,9 @@
 				return bodies;
 			}
 
+			const quoted_keys = keys?.map(quote_name);
 			const queries = bodies.map(
-				(body) => `INSERT INTO ${table} (${keys?.join(", ")}) VALUES ${body}`,
+				(body) => `INSERT INTO ${quoted_table} (${quoted_keys?.join(", ")}) VALUES ${body}`,
 			);
 
 			console.log(queries);
@@ -155,7 +159,7 @@
 
 		try {
 			const module = import("csv-stringify/browser/esm/sync");
-			const res = await fetch(`/api/db/${database}/${table}/data`);
+			const res = await fetch(`/api/db/${database}/${quoted_table}/data`);
 			const json = await res.json<any>();
 
 			const { stringify } = await module;