validatePostgresParams added

Author: JasminDreasond

package-lock.json

@@ -43,6 +43,7 @@
     "@babel/node": "^7.27.1",
     "@babel/preset-env": "^7.27.2",
     "@rollup/plugin-commonjs": "^28.0.6",
+    "@rollup/plugin-json": "^6.1.0",
     "@rollup/plugin-node-resolve": "^16.0.1",
     "@rollup/plugin-terser": "^0.4.4",
     "@rollup/plugin-typescript": "^12.1.3",

package.json

@@ -1,5 +1,6 @@
 import resolve from '@rollup/plugin-node-resolve';
 import commonjs from '@rollup/plugin-commonjs';
+import json from '@rollup/plugin-json';
 import preserveDirectories from 'rollup-preserve-directives';
 const pkg = JSON.parse(fs.readFileSync('./package.json'))
 
@@ -23,6 +24,7 @@ const inputFiles = getAllInputFiles();
 // Prepare Plugins
 const plugins = [
   resolve({ preferBuiltins: true }),
+  json(),
   commonjs(),
   preserveDirectories(),
 ];

rollup.config.mjs

@@ -2,6 +2,7 @@ import { open, Database } from 'sqlite';
 import { EventEmitter } from 'events';
 import { isJsonObject } from 'tiny-essentials';
 
+import { validatePostgresParams } from './Utils.mjs';
 import { pg, sqlite3 } from './Modules.mjs';
 import PuddySqlEngine from './PuddySqlEngine.mjs';
 import PuddySqlQuery from './PuddySqlQuery.mjs';
@@ -420,8 +421,7 @@ class PuddySqlInstance extends PuddySqlEngine {
    * @throws {Error} If the table has already been initialized.
    */
   async initTable(settings = {}, tableData = []) {
-    if (!isJsonObject(settings))
-      throw new Error('settings must be a plain object');
+    if (!isJsonObject(settings)) throw new Error('settings must be a plain object');
     if (typeof settings.name !== 'string') throw new Error('settings.name must be a string');
     if (!this.#tables[settings.name]) {
       const newTable = new PuddySqlQuery();
@@ -591,10 +591,9 @@ class PuddySqlInstance extends PuddySqlEngine {
        * @returns {void}
        */
       const rejectConnection = (reject, err) => {
-        if (isConnectionError(err)) event.emit('connection-error', err);
+        if (isConnectionError(err)) this.#events.emit('connection-error', err);
         reject(err);
       };
-      const event = this.#events;
       const getId = () => this.#debugCount++;
       const isDebug = () => this.#debug;
 
@@ -644,6 +643,7 @@ class PuddySqlInstance extends PuddySqlEngine {
        */
       this.all = async function (query, params = [], debugName = '') {
         return new Promise((resolve, reject) => {
+          validatePostgresParams(query, params, reject);
           const id = getId();
           sendSqlDebug(id, debugName, query, params);
           db.all(query, params)
@@ -664,6 +664,7 @@ class PuddySqlInstance extends PuddySqlEngine {
        */
       this.get = async function (query, params = [], debugName = '') {
         return new Promise((resolve, reject) => {
+          validatePostgresParams(query, params, reject);
           const id = getId();
           sendSqlDebug(id, debugName, query, params);
           db.get(query, params)
@@ -684,6 +685,7 @@ class PuddySqlInstance extends PuddySqlEngine {
        */
       this.run = async function (query, params, debugName = '') {
         return new Promise((resolve, reject) => {
+          validatePostgresParams(query, params, reject);
           const id = getId();
           sendSqlDebug(id, debugName, query, params);
           db.run(query, params)
@@ -756,9 +758,8 @@ class PuddySqlInstance extends PuddySqlEngine {
        * @returns {void}
        */
       const rejectConnection = (err) => {
-        if (isConnectionError(err)) event.emit('connection-error', err);
+        if (isConnectionError(err)) this.#events.emit('connection-error', err);
       };
-      const event = this.#events;
       db.on('error', rejectConnection);
 
       const getId = () => this.#debugCount++;
@@ -810,6 +811,7 @@ class PuddySqlInstance extends PuddySqlEngine {
        */
       this.all = async function (query, params = [], debugName = '') {
         try {
+          validatePostgresParams(query, params);
           const id = getId();
           sendSqlDebug(id, debugName, query, params);
           const res = await db.query(query, params);
@@ -830,6 +832,7 @@ class PuddySqlInstance extends PuddySqlEngine {
        */
       this.get = async function (query, params = [], debugName = '') {
         try {
+          validatePostgresParams(query, params);
           const id = getId();
           sendSqlDebug(id, debugName, query, params);
           const res = await db.query(query, params);
@@ -852,6 +855,7 @@ class PuddySqlInstance extends PuddySqlEngine {
        */
       this.run = async function (query, params, debugName = '') {
         try {
+          validatePostgresParams(query, params);
           const id = getId();
           sendSqlDebug(id, debugName, query, params);
           const res = await db.query(query, params);

src/PuddySqlInstance.mjs

@@ -0,0 +1,72 @@
+/**
+ * Converts PostgreSQL-style SQL placeholders ($1, $2, ...) to MySQL-style placeholders (?).
+ * Maintains full compatibility with repeated and unordered params.
+ *
+ * @param {string} query - The PostgreSQL-style query.
+ * @param {any[]} params - Parameters corresponding to placeholders.
+ * @param {(reason?: any) => void} [errCallback]
+ * @returns {{ query: string, params: any[] }} - MySQL-compatible query and reordered parameters.
+ */
+export function convertPgToMySQLSyntax(query, params, errCallback) {
+  /** @param {string} msg */
+  const sendError = (msg) => {
+    const err = new Error(msg);
+    if (typeof errCallback === 'function') return errCallback(err);
+    throw err;
+  };
+
+  /** @type {any[]} */
+  const usedParams = [];
+  const transformedQuery = query.replace(/\$([0-9]+)/g, (_, numStr) => {
+    const index = parseInt(numStr, 10) - 1;
+    if (index < 0 || index >= params.length) sendError(`Invalid parameter reference: $${numStr}`);
+    usedParams.push(params[index]);
+    return '?';
+  });
+
+  return { query: transformedQuery, params: usedParams };
+}
+
+/**
+ * Validates if a PostgreSQL-style query with $1, $2, ... placeholders
+ * matches the number of parameters in the params array.
+ * Ignores other placeholder styles like :name or ?.
+ *
+ * @param {string} query - SQL query with $n placeholders.
+ * @param {any[]} params - Array of parameter values.
+ * @param {(reason?: any) => void} [errCallback]
+ * @returns {true} Returns true if valid.
+ * @throws {Error} Throws if placeholders reference missing parameters or invalid indexes.
+ */
+export function validatePostgresParams(query, params, errCallback) {
+  const placeholders = new Set();
+  const matches = [...query.matchAll(/\$([0-9]+)/g)];
+
+  /** @param {string} msg */
+  const sendError = (msg) => {
+    const err = new Error(msg);
+    if (typeof errCallback === 'function') return errCallback(err);
+    throw err;
+  };
+
+  for (const [, numStr] of matches) {
+    const index = parseInt(numStr, 10);
+    if (index <= 0) {
+      sendError(`Invalid placeholder $${index}: must be greater than 0.`);
+    }
+    if (index > params.length) {
+      sendError(`Query references $${index} but only ${params.length} parameter(s) provided.`);
+    }
+    placeholders.add(index);
+  }
+
+  // Check for gaps: all numbers between 1 and max index must be present
+  const maxIndex = placeholders.size > 0 ? Math.max(...placeholders) : 0;
+  for (let i = 1; i <= maxIndex; i++) {
+    if (!placeholders.has(i)) {
+      sendError(`Placeholder $${i} is missing but higher placeholders exist.`);
+    }
+  }
+
+  return true;
+}

src/Utils.mjs

@@ -1,4 +1,5 @@
 import { pg, sqlite3 } from './Modules.mjs';
+import * as Utils from './Utils.mjs';
 import PuddySqlEvents from './PuddySqlEvents.mjs';
 import PuddySqlInstance from './PuddySqlInstance.mjs';
 import PuddySqlQuery from './PuddySqlQuery.mjs';
@@ -9,6 +10,7 @@ class PuddySql {
   static Query = PuddySqlQuery;
   static Tags = PuddySqlTags;
   static Events = PuddySqlEvents;
+  static Utils = Utils;
   static pg = pg;
   static sqlite3 = sqlite3;