diff options
| author | Ryuta Kamizono <kamipo@gmail.com> | 2019-06-06 18:36:24 +0900 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-06-06 18:36:24 +0900 |
| commit | 497256747905ad6bcea78b8d7e1e4458dc291d8c (patch) | |
| tree | 7eea651fd6b65a0118b1f97ed2c9443da3fc0710 /activerecord/lib/active_record/connection_adapters/mysql | |
| parent | 76d260797eb4195ad5dac916e46467f097ec375f (diff) | |
| parent | 7696f44f6ff4d3eda8510b67eaab0441153430c3 (diff) | |
| download | rails-497256747905ad6bcea78b8d7e1e4458dc291d8c.tar.gz rails-497256747905ad6bcea78b8d7e1e4458dc291d8c.tar.bz2 rails-497256747905ad6bcea78b8d7e1e4458dc291d8c.zip | |
Merge pull request #36420 from kamipo/quoted_identifier_regex
Allow quoted identifier string as safe SQL string
Diffstat (limited to 'activerecord/lib/active_record/connection_adapters/mysql')
| -rw-r--r-- | activerecord/lib/active_record/connection_adapters/mysql/quoting.rb | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/activerecord/lib/active_record/connection_adapters/mysql/quoting.rb b/activerecord/lib/active_record/connection_adapters/mysql/quoting.rb index 75564a61d6..84354c0187 100644 --- a/activerecord/lib/active_record/connection_adapters/mysql/quoting.rb +++ b/activerecord/lib/active_record/connection_adapters/mysql/quoting.rb @@ -32,12 +32,33 @@ module ActiveRecord "x'#{value.hex}'" end - def _type_cast(value) - case value - when Date, Time then value - else super - end + def column_name_matcher + COLUMN_NAME + end + + def column_name_with_order_matcher + COLUMN_NAME_WITH_ORDER end + + COLUMN_NAME = /\A(?:(`?)\w+\k<1>\.)?(`?)\w+\k<2>\z/i + + COLUMN_NAME_WITH_ORDER = / + \A + (?:(`?)\w+\k<1>\.)? + (`?)\w+\k<2> + (?:\s+ASC|\s+DESC)? + \z + /ix + + private_constant :COLUMN_NAME, :COLUMN_NAME_WITH_ORDER + + private + def _type_cast(value) + case value + when Date, Time then value + else super + end + end end end end |