Default value is now escaped properly in Laravel v12.20.0 laravel/framework#56158

kitloong · kitloong · commit 660d64de8476 · 2025-07-22T02:02:53.000+08:00
diff --git a/src/Database/Models/DatabaseColumn.php b/src/Database/Models/DatabaseColumn.php
@@ -2,6 +2,7 @@
 
 namespace KitLoong\MigrationsGenerator\Database\Models;
 
+use Illuminate\Support\Facades\App;
 use KitLoong\MigrationsGenerator\Enum\Migrations\ColumnName;
 use KitLoong\MigrationsGenerator\Enum\Migrations\Method\ColumnType;
 use KitLoong\MigrationsGenerator\Schema\Models\Column;
@@ -293,7 +294,11 @@ protected function escapeDefault(?string $default): ?string
             return null;
         }
 
-        $default = str_replace("'", "''", $default);
+        // For Laravel versions lower than 12.20.0, escape single quotes
+        if (version_compare(App::version(), '12.20.0', '<')) {
+            $default = str_replace("'", "''", $default);
+        }
+
         return addcslashes($default, '\\');
     }
 
diff --git a/tests/Unit/Database/Models/DatabaseColumnTest.php b/tests/Unit/Database/Models/DatabaseColumnTest.php
@@ -0,0 +1,153 @@
+<?php
+
+namespace KitLoong\MigrationsGenerator\Tests\Unit\Database\Models;
+
+use Illuminate\Support\Facades\App;
+use KitLoong\MigrationsGenerator\Tests\TestCase;
+use PHPUnit\Framework\Attributes\DataProvider;
+
+class DatabaseColumnTest extends TestCase
+{
+    #[DataProvider('escapeDefaultVersionProvider')]
+    public function testEscapeDefaultBasedOnLaravelVersion(
+        string $laravelVersion,
+        ?string $input,
+        ?string $expected,
+    ): void {
+        // Mock Laravel version
+        App::shouldReceive('version')
+            ->andReturn($laravelVersion);
+
+        $column = new TestDatabaseColumn('test_table', [
+            'name'           => 'test_column',
+            'type_name'      => 'varchar',
+            'type'           => 'varchar(255)',
+            'collation'      => null,
+            'nullable'       => true,
+            'default'        => null,
+            'auto_increment' => false,
+            'comment'        => null,
+            'generation'     => null,
+        ]);
+
+        $result = $column->testEscapeDefault($input);
+        $this->assertSame($expected, $result);
+    }
+
+    public function testEscapeDefaultWithComplexStrings(): void
+    {
+        App::shouldReceive('version')->andReturn('11.0.0'); // Old version
+
+        $column = new TestDatabaseColumn('test_table', [
+            'name'           => 'test_column',
+            'type_name'      => 'varchar',
+            'type'           => 'varchar(255)',
+            'collation'      => null,
+            'nullable'       => true,
+            'default'        => null,
+            'auto_increment' => false,
+            'comment'        => null,
+            'generation'     => null,
+        ]);
+
+        // Test complex string with multiple characters to escape
+        $input  = "string !@#$%^^&*()_+-=[]{};:,./<>?~`| \\ \\' \\\\\' \" \\\" \\\\\"";
+        $result = $column->testEscapeDefault($input);
+
+        // Should escape both single quotes and backslashes for old Laravel versions
+        $expected = "string !@#$%^^&*()_+-=[]{};:,./<>?~`| \\\\ \\\\'' \\\\\\\\\\\\'' \" \\\\\" \\\\\\\\\"";
+        $this->assertSame($expected, $result);
+    }
+
+    public function testEscapeDefaultWithNewLaravelVersionComplexString(): void
+    {
+        App::shouldReceive('version')->andReturn('12.20.0'); // New version
+
+        $column = new TestDatabaseColumn('test_table', [
+            'name'           => 'test_column',
+            'type_name'      => 'varchar',
+            'type'           => 'varchar(255)',
+            'collation'      => null,
+            'nullable'       => true,
+            'default'        => null,
+            'auto_increment' => false,
+            'comment'        => null,
+            'generation'     => null,
+        ]);
+
+        // Test complex string - should only escape backslashes, not quotes
+        $input  = "string !@#$%^^&*()_+-=[]{};:,./<>?~`| \\ \\' \\\\\' \" \\\" \\\\\"";
+        $result = $column->testEscapeDefault($input);
+
+        // Should only escape backslashes for new Laravel versions
+        $expected = "string !@#$%^^&*()_+-=[]{};:,./<>?~`| \\\\ \\\\' \\\\\\\\\\\\' \" \\\\\" \\\\\\\\\"";
+        $this->assertSame($expected, $result);
+    }
+
+    /**
+     * @return array<string, array{string, string|null, string|null}>
+     */
+    public static function escapeDefaultVersionProvider(): array
+    {
+        return [
+            // Laravel < 12.20.0 cases - should escape single quotes
+            'Laravel 11.x.x with single quotes'                => [
+                '11.5.0',
+                "test'value",
+                "test''value",
+            ],
+            'Laravel 12.19.x with single quotes'               => [
+                '12.19.9',
+                "value with 'quotes' inside",
+                "value with ''quotes'' inside",
+            ],
+            'Laravel 12.19.x with backslashes'                 => [
+                '12.19.9',
+                'path\\to\\file',
+                'path\\\\to\\\\file',
+            ],
+            'Laravel 12.19.x with both quotes and backslashes' => [
+                '12.19.9',
+                "path\\to'file'",
+                "path\\\\to''file''",
+            ],
+            'Laravel 12.19.x with null input'                  => [
+                '12.19.9',
+                null,
+                null,
+            ],
+
+            // Laravel >= 12.20.0 cases - should NOT escape single quotes
+            'Laravel 12.20.0 with single quotes'               => [
+                '12.20.0',
+                "test'value",
+                "test'value",
+            ],
+            'Laravel 12.21.x with single quotes'               => [
+                '12.21.5',
+                "value with 'quotes' inside",
+                "value with 'quotes' inside",
+            ],
+            'Laravel 13.x.x with single quotes'                => [
+                '13.0.0',
+                "test'value",
+                "test'value",
+            ],
+            'Laravel 12.20.0 with backslashes'                 => [
+                '12.20.0',
+                'path\\to\\file',
+                'path\\\\to\\\\file',
+            ],
+            'Laravel 12.20.0 with both quotes and backslashes' => [
+                '12.20.0',
+                "path\\to'file'",
+                "path\\\\to'file'",
+            ],
+            'Laravel 12.20.0 with null input'                  => [
+                '12.20.0',
+                null,
+                null,
+            ],
+        ];
+    }
+}
diff --git a/tests/Unit/Database/Models/TestDatabaseColumn.php b/tests/Unit/Database/Models/TestDatabaseColumn.php
@@ -0,0 +1,25 @@
+<?php
+
+namespace KitLoong\MigrationsGenerator\Tests\Unit\Database\Models;
+
+use KitLoong\MigrationsGenerator\Database\Models\DatabaseColumn;
+use KitLoong\MigrationsGenerator\Enum\Migrations\Method\ColumnType;
+
+/**
+ * Test implementation of DatabaseColumn for testing purposes
+ */
+class TestDatabaseColumn extends DatabaseColumn
+{
+    /**
+     * Expose the protected escapeDefault method for testing
+     */
+    public function testEscapeDefault(?string $default): ?string
+    {
+        return $this->escapeDefault($default);
+    }
+
+    protected function getColumnType(string $type): ColumnType
+    {
+        return ColumnType::STRING;
+    }
+}
