Be less strict about escaping.

Author: Wout Gevaert

src/Traits/ErrorTrait.php

@@ -110,11 +110,8 @@ private static function assertValidName(string $name): void
             throw new InvalidArgumentException("A name cannot be an empty string");
         }
 
-        if (!preg_match('/^\p{L}[\p{L}\d_]*$/u', $name)) {
-            throw new InvalidArgumentException('A name can only contain alphanumeric characters and underscores and must begin with an alphabetic character');
-        }
-
         if (strlen($name) >= 65535) {
+            // Remark: Actual limit depends on Neo4j version, but we just take the lower bound.
             throw new InvalidArgumentException('A name cannot be longer than 65534 characters');
         }
     }

src/Traits/EscapeTrait.php

@@ -30,25 +30,33 @@
 trait EscapeTrait
 {
     /**
-     * Escapes the given 'name'. A name is an unquoted literal in a Cypher query, such as variables,
-     * types or property names.
+     * Escapes a 'name' if it needs to be escaped.
+     * A 'name' in cypher is any string that should be included directly in a cypher query,
+     * such as variable names, labels, property names and relation types
+     *
+     * Note that empty strings are usually not allowed as names, so these should not be passed to this function.
+     * However, some neo4j versions do not crash on empty string as variable name, so let's just escape them anyways.
      *
      * @param string $name
      * @return string
      */
     public static function escape(string $name): string
     {
-        if ($name === "") {
-            return "";
-        }
-
-        if (ctype_alnum($name) && !ctype_digit($name)) {
+        if ($name !== '' && preg_match('/^\p{L}[\p{L}\d_]*$/u', $name)) {
             return $name;
         }
 
-        if (strpos($name, '`') !== false) {
-            throw new InvalidArgumentException("A name must not contain a backtick (`)");
-        }
+        return self::escapeRaw($name);
+    }
+
+    /**
+     * Escapes the given $name to be used directly in a CYPHER query.
+     * Note: according to https://github.com/neo4j/neo4j/issues/12901 backslashes might give problems in some Neo4j versions.
+     */
+    public static function escapeRaw($name) {
+
+        // Escape backticks that are included in $name by doubling them.
+        $name = str_replace('`','``',$name);
 
         return sprintf("`%s`", $name);
     }

tests/Unit/ParameterTest.php

@@ -68,10 +68,7 @@ public function provideThrowsExceptionOnInvalidData(): array
     {
         return [
             [""],
-            ["@"],
-            ["!"],
-            ["-"],
-            [''],
+            [str_repeat('a', 65535)],
         ];
     }
 }

tests/Unit/Patterns/NodeTest.php

@@ -49,13 +49,12 @@ public function testEmptyNode(): void
         $this->assertSame($name, $node->getVariable());
     }
 
-    public function testBacktickThrowsException(): void
+    public function testBacktickIsEscaped(): void
     {
         $node = new Node();
 
-        $this->expectException(InvalidArgumentException::class);
-        $this->expectDeprecationMessage('A name can only contain alphanumeric characters and underscores');
         $node->named('abcdr`eer');
+        $this->assertEquals('(`abcdr``eer`)', $node->toQuery());
     }
 
     /**

tests/Unit/QueryTest.php

@@ -762,7 +762,7 @@ public function testWikiExamples(): void
             ->returning([$tom, $tomHanksMovies])
             ->build();
 
-        $this->assertSame("MATCH (tom:Person {name: 'Tom Hanks'})-[:`ACTED_IN`]->(tomHanksMovies) RETURN tom, tomHanksMovies", $statement);
+        $this->assertSame("MATCH (tom:Person {name: 'Tom Hanks'})-[:ACTED_IN]->(tomHanksMovies) RETURN tom, tomHanksMovies", $statement);
 
         $cloudAtlas = Query::variable("cloudAtlas");
         $cloudAtlasNode = Query::node()
@@ -795,7 +795,7 @@ public function testWikiExamples(): void
             ->returning($coActors->property("name"))
             ->build();
 
-        $this->assertSame("MATCH (tom:Person {name: 'Tom Hanks'})-[:`ACTED_IN`]->(m)<-[:`ACTED_IN`]-(coActors) RETURN coActors.name", $statement);
+        $this->assertSame("MATCH (tom:Person {name: 'Tom Hanks'})-[:ACTED_IN]->(m)<-[:ACTED_IN]-(coActors) RETURN coActors.name", $statement);
 
         /*
          * @see https://gitlab.wikibase.nl/community/libraries/php-cypher-dsl/-/wikis/Usage/Clauses/CALL-procedure-clause

tests/Unit/Traits/EscapeTraitTest.php

@@ -66,11 +66,9 @@ public function testUnsafeValueIsEscaped(string $value)
         $this->assertSame($expected, $actual);
     }
 
-    public function testValueWithBacktickThrowsException()
+    public function testValueWithBacktickIsProperlyEscaped()
     {
-        $this->expectException(InvalidArgumentException::class);
-
-        $this->trait->escape("foo`bar");
+        $this->assertSame('`foo``bar`', $this->trait->escape("foo`bar"));
     }
 
     public function provideSafeValueIsNotEscapedData(): array
@@ -79,45 +77,23 @@ public function provideSafeValueIsNotEscapedData(): array
             ['foobar'],
             ['fooBar'],
             ['FOOBAR'],
+            ['foo_bar'],
+            ['FOO_BAR'],
             ['aaa'],
-            ['bbb'],
-            ['ccc'],
-            ['ddd'],
-            ['eee'],
-            ['fff'],
-            ['ggg'],
-            ['hhh'],
-            ['iii'],
-            ['jjj'],
-            ['kkk'],
-            ['lll'],
-            ['mmm'],
-            ['nnn'],
-            ['ooo'],
-            ['ppp'],
-            ['qqq'],
-            ['rrr'],
-            ['sss'],
-            ['ttt'],
-            ['uuu'],
-            ['vvv'],
-            ['www'],
-            ['xxx'],
-            ['yyy'],
-            ['zzz'],
-            [''],
             ['aaa100'],
             ['a0'],
             ['z10'],
             ['z99'],
+            ['ça'],
+            ['日'],
         ];
     }
 
     public function provideUnsafeValueIsEscapedData(): array
     {
         return [
-            ['foo_bar'],
-            ['FOO_BAR'],
+            [''],
+            ['__FooBar__'],
             ['_'],
             ['__'],
             ['\''],