1
0
Fork 0
mirror of https://github.com/rails/rails.git synced 2022-11-09 12:12:34 -05:00

Merge pull request #13008 from ktheory/sanitize_order

Support SQL sanitization in AR::QueryMethods#order
This commit is contained in:
Sean Griffin 2015-10-29 14:38:42 -06:00
commit 6a6dbb4c51
2 changed files with 12 additions and 0 deletions

View file

@ -1045,6 +1045,13 @@ module ActiveRecord
end
def preprocess_order_args(order_args)
order_args.map! do |arg|
if arg.is_a?(Array) && arg.first.to_s.include?('?')
klass.send(:sanitize_sql, arg)
else
arg
end
end
order_args.flatten!
validate_order_args(order_args)

View file

@ -297,6 +297,11 @@ class RelationTest < ActiveRecord::TestCase
assert_equal 3, tags.length
end
def test_finding_with_sanitized_order
query = Tag.order(["field(id, ?)", [1,3,2]]).to_sql
assert_match(/field\(id, 1,3,2\)/, query)
end
def test_finding_with_order_limit_and_offset
entrants = Entrant.order("id ASC").limit(2).offset(1)