From 16e930bc9273597e8055d9c165ccc8d3c79ed40b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?sylvain=20plan=C3=A7on?= <sanplomb@gmail.com>
Date: Mon, 28 Jul 2014 23:18:20 +0200
Subject: [PATCH 1/2] Add backquotes to protect field's names and table name
 during the dump command.

---
 DataFixtures/Dumper/AbstractDataDumper.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/DataFixtures/Dumper/AbstractDataDumper.php b/DataFixtures/Dumper/AbstractDataDumper.php
index 2f71eb7..d00f2d1 100644
--- a/DataFixtures/Dumper/AbstractDataDumper.php
+++ b/DataFixtures/Dumper/AbstractDataDumper.php
@@ -107,7 +107,7 @@ abstract class AbstractDataDumper extends AbstractDataHandler implements DataDum
                 }
                 $stmt = $this
                     ->con
-                    ->query(sprintf('SELECT %s FROM %s', implode(',', $in), constant(constant($tableName.'::PEER').'::TABLE_NAME')));
+                    ->query(sprintf('SELECT `%s` FROM `%s`', implode('`,`', $in), constant(constant($tableName.'::PEER').'::TABLE_NAME')));
 
                 $resultsSets[] = $stmt->fetchAll(PDO::FETCH_ASSOC);
                 $stmt->closeCursor();

From 79f0fe4c61c2c29f7eec8140f61911cb06511881 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?sylvain=20plan=C3=A7on?= <sanplomb@gmail.com>
Date: Tue, 29 Jul 2014 22:25:04 +0200
Subject: [PATCH 2/2] Use Propel::getDB() to find adapter using by  and use
 quoteIdentifier() from adapter to protect fieldnames and tablenames.

---
 DataFixtures/Dumper/AbstractDataDumper.php | 21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/DataFixtures/Dumper/AbstractDataDumper.php b/DataFixtures/Dumper/AbstractDataDumper.php
index d00f2d1..f5ad731 100644
--- a/DataFixtures/Dumper/AbstractDataDumper.php
+++ b/DataFixtures/Dumper/AbstractDataDumper.php
@@ -58,7 +58,7 @@ abstract class AbstractDataDumper extends AbstractDataHandler implements DataDum
      * @param  string $connectionName The connection name
      * @return array
      */
-    protected function getDataAsArray()
+    protected function getDataAsArray($connectionName = null)
     {
         $tables = array();
         foreach ($this->dbMap->getTables() as $table) {
@@ -105,9 +105,22 @@ abstract class AbstractDataDumper extends AbstractDataHandler implements DataDum
                 foreach ($tableMap->getColumns() as $column) {
                     $in[] = strtolower($column->getName());
                 }
-                $stmt = $this
-                    ->con
-                    ->query(sprintf('SELECT `%s` FROM `%s`', implode('`,`', $in), constant(constant($tableName.'::PEER').'::TABLE_NAME')));
+
+                if (null !== $connectionName) {
+                    $adapter = Propel::getDB($connectionName);
+                    // Quote fieldnames
+                    $countFields = count($in);
+                    for ($i=0;$i<$countFields;$i++) {
+                        $in[$i] = $adapter->quoteIdentifier($in[$i]);
+                    }
+                    $stmt = $this
+                        ->con
+                        ->query(sprintf('SELECT %s FROM %s', implode(',', $in), $adapter->quoteIdentifier(constant(constant($tableName.'::PEER').'::TABLE_NAME'))));
+                } else {
+                    $stmt = $this
+                        ->con
+                        ->query(sprintf('SELECT %s FROM %s', implode(',', $in), constant(constant($tableName.'::PEER').'::TABLE_NAME')));
+                }
 
                 $resultsSets[] = $stmt->fetchAll(PDO::FETCH_ASSOC);
                 $stmt->closeCursor();