SQLite SELECT 与正则表达式捕获字符串一起使用时无法在 Ruby 中工作,但可以与字符串文字一起使用
我使用以下正则表达式来捕获以匹配 IRC PART 消息:
:(?<nick>[a-zA-Z\d<\-\[\]\\^{}_]+)!(.+)@(.+) PART (?<chan>[#&][^\x07\x2C\s]{0,200}) :(.+)
它正确匹配并捕获组,因为运行此代码时:
part_regex.match resp do |m|
puts "#{m[:nick]} has parted."
puts db.execute("SELECT * FROM users WHERE nick = ?", m[:nick])
end
第一个 puts 起作用,并输出正确的字符串。但第二个 puts 没有输出任何内容。我知道表中存在缺口捕获。每当我使用文字字符串而不是 m[:nick] 时,它都可以正常工作。我正在使用 sqlite3-ruby Gem 来操作数据库。
以下是收到 PART 消息时的完整输出:
>> :[email protected] PART #testing :mark
mark has parted.
I am using the following regex to capture to match an IRC PART message:
:(?<nick>[a-zA-Z\d<\-\[\]\\^{}_]+)!(.+)@(.+) PART (?<chan>[#&][^\x07\x2C\s]{0,200}) :(.+)
It matches and captures the groups correctly, because when this code is run:
part_regex.match resp do |m|
puts "#{m[:nick]} has parted."
puts db.execute("SELECT * FROM users WHERE nick = ?", m[:nick])
end
The first puts works, and outputs the correct string. But the second puts doesn't output anything. I know that the nick capture exists in the table. Whenever I use a literal string instead of m[:nick], it works just fine. I am using the sqlite3-ruby Gem for manipulating the database.
Here is the full output whenever it receives a PART message:
>> :[email protected] PART #testing :mark
mark has parted.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
我决定使用字符串插值而不是占位符。
I decided on using string interpolation instead of placeholders.
某些数据库库(例如 ActiveRecord)允许使用“?”来防止 SQL 注入。作为占位符。我不确定您使用的是什么数据库,但它可能不支持这种类型的字符串插值。即使是这样,它可能仍然需要有“?”用单引号括起来。
Some database libraries, such as ActiveRecord allows SQL injection prevention using the "?" as a placeholder. I am not sure what database library you are using, but it may not support this type of string interpolation. Even if it does, it may still need to have the "?" surrounded by single quotes.