lib/ronin/formatting/extensions/sql/string.rb in ronin-support-0.5.1 vs lib/ronin/formatting/extensions/sql/string.rb in ronin-support-0.5.2

@@ -1,32 +1,31 @@
 #
-# Copyright (c) 2006-2012 Hal Brodigan (postmodern.mod3 at gmail.com)
+# Copyright (c) 2006-2021 Hal Brodigan (postmodern.mod3 at gmail.com)
 #
-# This file is part of Ronin Support.
+# This file is part of ronin-support.
 #
-# Ronin Support is free software: you can redistribute it and/or modify
+# ronin-support is free software: you can redistribute it and/or modify
 # it under the terms of the GNU Lesser General Public License as published
 # by the Free Software Foundation, either version 3 of the License, or
 # (at your option) any later version.
 #
-# Ronin Support is distributed in the hope that it will be useful,
+# ronin-support is distributed in the hope that it will be useful,
 # but WITHOUT ANY WARRANTY; without even the implied warranty of
 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 # GNU Lesser General Public License for more details.
 #
 # You should have received a copy of the GNU Lesser General Public License
-# along with Ronin Support.  If not, see <http://www.gnu.org/licenses/>.
+# along with ronin-support.  If not, see <https://www.gnu.org/licenses/>.
 #
 
 class String
 
   #
   # Escapes an String for SQL.
   #
-  # @param [Symbol] quotes (:single)
+  # @param [:single, :double, :tick] quotes (:single)
   #   Specifies whether to create a single or double quoted string.
-  #   May be either `:single` or `:double`.
   #
   # @return [String]
   #   The escaped String.
   #
   # @raise [ArgumentError]
@@ -37,15 +36,18 @@
   #   # => "'O''Brian'"
   #
   # @since 0.3.0
   #
   def sql_escape(quotes=:single)
-    case quotes
-    when :single then "'#{gsub(/'/,"''")}'"
-    when :double then "\"#{gsub(/"/,'""')}\""
-    else
-      raise(ArgumentError,"invalid quoting style #{quotes.inspect}")
-    end
+    char = case quotes
+           when :single then "'"
+           when :double then '"'
+           when :tick   then '`'
+           else
+             raise(ArgumentError,"invalid quoting style #{quotes.inspect}")
+           end
+
+    return char + gsub(char,char * 2) + char
   end
 
   #
   # Returns the SQL hex-string encoded form of the String.
   #