If you are unfortunate enough to use a MySQL reserved keyword as a column name when creating a table, the column is added, but all further interaction with the field breaks (see eg. http://blog.ericlamb.net/2009/07/mysql-reserved-keywords/). This is unsurprising, as db_query() doesn't check for reserved queries and escape them with backticks.

If the UI is intended for more general use (rather than technical programmers) then should we validate column names against the keywords list (http://dev.mysql.com/doc/mysqld-version-reference/en/mysqld-version-refe...)?

Comments

joachim’s picture

Version: 6.x-1.0 » 7.x-1.x-dev

Agreed, column names should be checked and reserved words rejected.

Moving to 7.x branch.

joachim’s picture

Issue summary: View changes
Status: Active » Closed (duplicate)