fix(MySQL Node): Only escape table names when needed (#8246)

packages/nodes-base/nodes/MySql/v2/actions/database/deleteTable.operation.ts

@@ -13,7 +13,7 @@ import type {
 	WhereClause,
 } from '../../helpers/interfaces';
 
-import { addWhereClauses } from '../../helpers/utils';
+import { addWhereClauses, escapeSqlIdentifier } from '../../helpers/utils';
 
 import {
 	optionsCollection,
@@ -98,11 +98,11 @@ export async function execute(
 		let values: QueryValues = [];
 
 		if (deleteCommand === 'drop') {
-			query = `DROP TABLE IF EXISTS \`${table}\``;
+			query = `DROP TABLE IF EXISTS ${escapeSqlIdentifier(table)}`;
 		}
 
 		if (deleteCommand === 'truncate') {
-			query = `TRUNCATE TABLE \`${table}\``;
+			query = `TRUNCATE TABLE ${escapeSqlIdentifier(table)}`;
 		}
 
 		if (deleteCommand === 'delete') {
@@ -114,7 +114,7 @@ export async function execute(
 			[query, values] = addWhereClauses(
 				this.getNode(),
 				i,
-				`DELETE FROM \`${table}\``,
+				`DELETE FROM ${escapeSqlIdentifier(table)}`,
 				whereClauses,
 				values,
 				combineConditions,

packages/nodes-base/nodes/MySql/v2/actions/database/insert.operation.ts

@@ -14,7 +14,7 @@ import type {
 
 import { AUTO_MAP, BATCH_MODE, DATA_MODE } from '../../helpers/interfaces';
 
-import { replaceEmptyStringsByNulls } from '../../helpers/utils';
+import { escapeSqlIdentifier, replaceEmptyStringsByNulls } from '../../helpers/utils';
 
 import { optionsCollection } from '../common.descriptions';
 import { updateDisplayOptions } from '@utils/utilities';
@@ -171,11 +171,13 @@ export async function execute(
 			];
 		}
 
-		const escapedColumns = columns.map((column) => `\`${column}\``).join(', ');
+		const escapedColumns = columns.map(escapeSqlIdentifier).join(', ');
 		const placeholder = `(${columns.map(() => '?').join(',')})`;
 		const replacements = items.map(() => placeholder).join(',');
 
-		const query = `INSERT ${priority} ${ignore} INTO \`${table}\` (${escapedColumns}) VALUES ${replacements}`;
+		const query = `INSERT ${priority} ${ignore} INTO ${escapeSqlIdentifier(
+			table,
+		)} (${escapedColumns}) VALUES ${replacements}`;
 
 		const values = insertItems.reduce(
 			(acc: IDataObject[], item) => acc.concat(Object.values(item) as IDataObject[]),
@@ -214,10 +216,12 @@ export async function execute(
 				columns = Object.keys(insertItem);
 			}
 
-			const escapedColumns = columns.map((column) => `\`${column}\``).join(', ');
+			const escapedColumns = columns.map(escapeSqlIdentifier).join(', ');
 			const placeholder = `(${columns.map(() => '?').join(',')})`;
 
-			const query = `INSERT ${priority} ${ignore} INTO \`${table}\` (${escapedColumns}) VALUES ${placeholder};`;
+			const query = `INSERT ${priority} ${ignore} INTO ${escapeSqlIdentifier(
+				table,
+			)} (${escapedColumns}) VALUES ${placeholder};`;
 
 			const values = Object.values(insertItem) as QueryValues;
 

packages/nodes-base/nodes/MySql/v2/actions/database/select.operation.ts

@@ -13,7 +13,7 @@ import type {
 	WhereClause,
 } from '../../helpers/interfaces';
 
-import { addSortRules, addWhereClauses } from '../../helpers/utils';
+import { addSortRules, addWhereClauses, escapeSqlIdentifier } from '../../helpers/utils';
 
 import {
 	optionsCollection,
@@ -91,10 +91,10 @@ export async function execute(
 		const SELECT = selectDistinct ? 'SELECT DISTINCT' : 'SELECT';
 
 		if (outputColumns.includes('*')) {
-			query = `${SELECT} * FROM \`${table}\``;
+			query = `${SELECT} * FROM ${escapeSqlIdentifier(table)}`;
 		} else {
-			const escapedColumns = outputColumns.map((column) => `\`${column}\``).join(', ');
-			query = `${SELECT} ${escapedColumns} FROM \`${table}\``;
+			const escapedColumns = outputColumns.map(escapeSqlIdentifier).join(', ');
+			query = `${SELECT} ${escapedColumns} FROM ${escapeSqlIdentifier(table)}`;
 		}
 
 		let values: QueryValues = [];

packages/nodes-base/nodes/MySql/v2/actions/database/update.operation.ts

@@ -8,7 +8,7 @@ import type {
 import type { QueryRunner, QueryValues, QueryWithValues } from '../../helpers/interfaces';
 import { AUTO_MAP, DATA_MODE } from '../../helpers/interfaces';
 
-import { replaceEmptyStringsByNulls } from '../../helpers/utils';
+import { escapeSqlIdentifier, replaceEmptyStringsByNulls } from '../../helpers/utils';
 
 import { optionsCollection } from '../common.descriptions';
 import { updateDisplayOptions } from '@utils/utilities';
@@ -182,14 +182,16 @@ export async function execute(
 		const updates: string[] = [];
 
 		for (const column of updateColumns) {
-			updates.push(`\`${column}\` = ?`);
+			updates.push(`${escapeSqlIdentifier(column)} = ?`);
 			values.push(item[column] as string);
 		}
 
-		const condition = `\`${columnToMatchOn}\` = ?`;
+		const condition = `${escapeSqlIdentifier(columnToMatchOn)} = ?`;
 		values.push(valueToMatchOn);
 
-		const query = `UPDATE \`${table}\` SET ${updates.join(', ')} WHERE ${condition}`;
+		const query = `UPDATE ${escapeSqlIdentifier(table)} SET ${updates.join(
+			', ',
+		)} WHERE ${condition}`;
 
 		queries.push({ query, values });
 	}

packages/nodes-base/nodes/MySql/v2/actions/database/upsert.operation.ts

@@ -8,7 +8,7 @@ import type {
 import type { QueryRunner, QueryValues, QueryWithValues } from '../../helpers/interfaces';
 import { AUTO_MAP, DATA_MODE } from '../../helpers/interfaces';
 
-import { replaceEmptyStringsByNulls } from '../../helpers/utils';
+import { escapeSqlIdentifier, replaceEmptyStringsByNulls } from '../../helpers/utils';
 
 import { optionsCollection } from '../common.descriptions';
 import { updateDisplayOptions } from '@utils/utilities';
@@ -177,10 +177,12 @@ export async function execute(
 		const onConflict = 'ON DUPLICATE KEY UPDATE';
 
 		const columns = Object.keys(item);
-		const escapedColumns = columns.map((column) => `\`${column}\``).join(', ');
+		const escapedColumns = columns.map(escapeSqlIdentifier).join(', ');
 		const placeholder = `${columns.map(() => '?').join(',')}`;
 
-		const insertQuery = `INSERT INTO \`${table}\`(${escapedColumns}) VALUES(${placeholder})`;
+		const insertQuery = `INSERT INTO ${escapeSqlIdentifier(
+			table,
+		)}(${escapedColumns}) VALUES(${placeholder})`;
 
 		const values = Object.values(item) as QueryValues;
 
@@ -189,7 +191,7 @@ export async function execute(
 		const updates: string[] = [];
 
 		for (const column of updateColumns) {
-			updates.push(`\`${column}\` = ?`);
+			updates.push(`${escapeSqlIdentifier(column)} = ?`);
 			values.push(item[column] as string);
 		}