From 6a8e7b16cff81ec765b4c7d9da146d3aefb1ef34 Mon Sep 17 00:00:00 2001
From: Michael Kret <88898367+michael-radency@users.noreply.github.com>
Date: Mon, 27 Nov 2023 16:41:35 +0200
Subject: [PATCH] fix(Microsoft SQL Node): Prevent double escaping table name
 (#7801)

Github issue / Community forum post (link here to close automatically):
https://community.n8n.io/t/issue-my-mssql-update-in-latest-version/32966
---
 .../nodes/Microsoft/Sql/GenericFunctions.ts   | 21 ++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/packages/nodes-base/nodes/Microsoft/Sql/GenericFunctions.ts b/packages/nodes-base/nodes/Microsoft/Sql/GenericFunctions.ts
index 8ab20cf44c105..3e743b07a7be6 100644
--- a/packages/nodes-base/nodes/Microsoft/Sql/GenericFunctions.ts
+++ b/packages/nodes-base/nodes/Microsoft/Sql/GenericFunctions.ts
@@ -111,6 +111,15 @@ export function configurePool(credentials: IDataObject) {
 	return new mssql.ConnectionPool(config);
 }
 
+const escapeTableName = (table: string) => {
+	table = table.trim();
+	if (table.startsWith('[') && table.endsWith(']')) {
+		return table;
+	} else {
+		return `[${table}]`;
+	}
+};
+
 export async function insertOperation(tables: ITables, pool: mssql.ConnectionPool) {
 	return executeQueryQueue(
 		tables,
@@ -128,7 +137,7 @@ export async function insertOperation(tables: ITables, pool: mssql.ConnectionPoo
 					}
 				}
 
-				const query = `INSERT INTO [${table}] (${formatColumns(
+				const query = `INSERT INTO ${escapeTableName(table)} (${formatColumns(
 					columnString,
 				)}) VALUES ${valuesPlaceholder.join(', ')};`;
 
@@ -155,7 +164,9 @@ export async function updateOperation(tables: ITables, pool: mssql.ConnectionPoo
 					request.input(`v${index}`, item[col]);
 				}
 
-				const query = `UPDATE [${table}] SET ${setValues.join(', ')} WHERE ${condition};`;
+				const query = `UPDATE ${escapeTableName(table)} SET ${setValues.join(
+					', ',
+				)} WHERE ${condition};`;
 
 				return request.query(query);
 			});
@@ -182,9 +193,9 @@ export async function deleteOperation(tables: ITables, pool: mssql.ConnectionPoo
 						request.input(`v${index}`, entry[deleteKey]);
 					}
 
-					const query = `DELETE FROM [${table}] WHERE [${deleteKey}] IN (${valuesPlaceholder.join(
-						', ',
-					)});`;
+					const query = `DELETE FROM ${escapeTableName(
+						table,
+					)} WHERE [${deleteKey}] IN (${valuesPlaceholder.join(', ')});`;
 
 					return request.query(query);
 				});