From a5480c70cb9b1bbe98a51ce53d68c579872945b0 Mon Sep 17 00:00:00 2001
From: Matthew Bucci <buccim2@gene.com>
Date: Mon, 26 Feb 2024 12:27:23 -0800
Subject: [PATCH] quote any variable usages in SQL

---
 pg4wp/rewriters/SelectSQLRewriter.php          | 2 +-
 pg4wp/rewriters/ShowTableStatusSQLRewriter.php | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/pg4wp/rewriters/SelectSQLRewriter.php b/pg4wp/rewriters/SelectSQLRewriter.php
index d9ef394..8ff6f63 100644
--- a/pg4wp/rewriters/SelectSQLRewriter.php
+++ b/pg4wp/rewriters/SelectSQLRewriter.php
@@ -373,7 +373,7 @@ class SelectSQLRewriter extends AbstractSQLRewriter
         INNER JOIN 
             pg_stat_user_tables S ON (S.relid = C.oid) 
         WHERE 
-            N.nspname = $schema AND 
+            N.nspname = '$schema' AND 
             C.relname IN ('wp_comments','wp_options','wp_posts','wp_terms','wp_users')
         GROUP BY 
             C.relname, pg_total_relation_size(C.oid), S.n_live_tup;
diff --git a/pg4wp/rewriters/ShowTableStatusSQLRewriter.php b/pg4wp/rewriters/ShowTableStatusSQLRewriter.php
index cf7ea68..794a99e 100644
--- a/pg4wp/rewriters/ShowTableStatusSQLRewriter.php
+++ b/pg4wp/rewriters/ShowTableStatusSQLRewriter.php
@@ -42,9 +42,9 @@ class ShowTableStatusSQLRewriter extends AbstractSQLRewriter
             pg_namespace nsp ON cls.relnamespace = nsp.oid
         WHERE 
             cls.relkind = 'r' 
-            AND nsp.nspname NOT LIKE 'pg_%' -- Ignore schemas with names starting with pg_
-            AND nsp.nspname != 'information_schema' -- Ignore the information_schema
-            AND nsp.nspname = $schema -- Select only tables in the 'myschema' schema
+            AND nsp.nspname NOT LIKE 'pg_%' 
+            AND nsp.nspname != 'information_schema' 
+            AND nsp.nspname = '$schema' 
         ORDER BY 
             cls.relname ASC;
         SQL;