escapeQuery shouldn't modify provided array

dxg · dxg · commit e9532328889d · 2014-05-13T16:34:59.000+10:00
diff --git a/lib/Helpers.js b/lib/Helpers.js
@@ -4,11 +4,13 @@
 // into:
 // "name LIKE 'John' AND age > 23"
 module.exports.escapeQuery = function (Dialect, query, args) {
-	return query.replace(/[?]+/g, function (match) {
+	var pos = 0;
+
+	return query.replace(/\?{1,2}/g, function (match) {
 		if (match == '?') {
-			return Dialect.escapeVal(args.shift());
+			return Dialect.escapeVal(args[pos++]);
 		} else if (match == '??') {
-			return Dialect.escapeId(args.shift());
+			return Dialect.escapeId(args[pos++]);
 		}
 	});
 }
diff --git a/package.json b/package.json
@@ -6,7 +6,7 @@
 		"sql",
 		"query"
   	],
-	"version": "0.1.19",
+	"version": "0.1.20",
 	"license": "MIT",
 	"repository": {
 		"url": "http://github.com/dresende/node-sql-query"
diff --git a/test/lib/test-helpers.js b/test/lib/test-helpers.js
@@ -33,3 +33,16 @@ assert.equal(
 	Helpers.escapeQuery(Dialect, "SELECT * FROM abc WHERE LOWER(abc.??) LIKE ? AND ?? == ?", ['stuff', 'peaches', 'number']),
 	"SELECT * FROM abc WHERE LOWER(abc.`stuff`) LIKE 'peaches' AND `number` == NULL"
 );
+
+// Should match at most 2 '?' at a time
+assert.equal(
+	Helpers.escapeQuery(Dialect, "?????", ['a', 'b', 'c']),
+	"`a``b`'c'"
+);
+
+// Should not modify provided array
+var arr = ['a', 'b', 'c'];
+assert.equal(
+	arr.join(','),
+	'a,b,c'
+)
