mirror of
https://github.com/rails/rails.git
synced 2022-11-09 12:12:34 -05:00
Fix edge case with colons in times interpreted as bind variables by requiring that bind vars start with a letter. Closes #10519 [matrix9180]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@8936 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
This commit is contained in:
parent
33736bc18a
commit
8352287c72
2 changed files with 3 additions and 1 deletions
|
@ -1924,7 +1924,7 @@ module ActiveRecord #:nodoc:
|
||||||
end
|
end
|
||||||
|
|
||||||
def replace_named_bind_variables(statement, bind_vars) #:nodoc:
|
def replace_named_bind_variables(statement, bind_vars) #:nodoc:
|
||||||
statement.gsub(/:(\w+)/) do
|
statement.gsub(/:([a-zA-Z]\w*)/) do
|
||||||
match = $1.to_sym
|
match = $1.to_sym
|
||||||
if bind_vars.include?(match)
|
if bind_vars.include?(match)
|
||||||
quote_bound_value(bind_vars[match])
|
quote_bound_value(bind_vars[match])
|
||||||
|
|
|
@ -340,6 +340,8 @@ class FinderTest < ActiveRecord::TestCase
|
||||||
assert_equal '1', bind(':a', :a => 1) # ' ruby-mode
|
assert_equal '1', bind(':a', :a => 1) # ' ruby-mode
|
||||||
assert_equal '1 1', bind(':a :a', :a => 1) # ' ruby-mode
|
assert_equal '1 1', bind(':a :a', :a => 1) # ' ruby-mode
|
||||||
|
|
||||||
|
assert_nothing_raised { bind("'+00:00'", :foo => "bar") }
|
||||||
|
|
||||||
assert_kind_of Firm, Company.find(:first, :conditions => ["name = :name", { :name => "37signals" }])
|
assert_kind_of Firm, Company.find(:first, :conditions => ["name = :name", { :name => "37signals" }])
|
||||||
assert_nil Company.find(:first, :conditions => ["name = :name", { :name => "37signals!" }])
|
assert_nil Company.find(:first, :conditions => ["name = :name", { :name => "37signals!" }])
|
||||||
assert_nil Company.find(:first, :conditions => ["name = :name", { :name => "37signals!' OR 1=1" }])
|
assert_nil Company.find(:first, :conditions => ["name = :name", { :name => "37signals!' OR 1=1" }])
|
||||||
|
|
Loading…
Reference in a new issue