diff options
author | David Heinemeier Hansson <david@loudthinking.com> | 2004-12-07 14:48:53 +0000 |
---|---|---|
committer | David Heinemeier Hansson <david@loudthinking.com> | 2004-12-07 14:48:53 +0000 |
commit | 49403831fc90a9d0d6955bab2ae6f7833be3c0ba (patch) | |
tree | 4765bf694483851dc83b6d9dbaada5caede95a81 /activerecord/lib/active_record/connection_adapters | |
parent | 8a40c6b52258df9f790fd160104c3ab18e0494e7 (diff) | |
download | rails-49403831fc90a9d0d6955bab2ae6f7833be3c0ba.tar.gz rails-49403831fc90a9d0d6955bab2ae6f7833be3c0ba.tar.bz2 rails-49403831fc90a9d0d6955bab2ae6f7833be3c0ba.zip |
Fixed value quoting in all generated SQL statements, so that integers are not surrounded in quotes and that all sanitation are happening through the database's own quoting routine. This should hopefully make it lots easier for new adapters that doesn't accept '1' for integer columns.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@70 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'activerecord/lib/active_record/connection_adapters')
-rwxr-xr-x | activerecord/lib/active_record/connection_adapters/abstract_adapter.rb | 15 | ||||
-rwxr-xr-x | activerecord/lib/active_record/connection_adapters/mysql_adapter.rb | 4 |
2 files changed, 12 insertions, 7 deletions
diff --git a/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb b/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb index 301ee208a3..6f4dca1b7b 100755 --- a/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb +++ b/activerecord/lib/active_record/connection_adapters/abstract_adapter.rb @@ -320,13 +320,14 @@ module ActiveRecord def quote(value, column = nil) case value - when String then "'#{quote_string(value)}'" # ' (for ruby-mode) - when NilClass then "NULL" - when TrueClass then (column && column.type == :boolean ? "'t'" : "1") - when FalseClass then (column && column.type == :boolean ? "'f'" : "0") - when Float, Fixnum, Bignum, Date then "'#{value.to_s}'" - when Time, DateTime then "'#{value.strftime("%Y-%m-%d %H:%M:%S")}'" - else "'#{quote_string(value.to_yaml)}'" + when String then "'#{quote_string(value)}'" # ' (for ruby-mode) + when NilClass then "NULL" + when TrueClass then (column && column.type == :boolean ? "'t'" : "1") + when FalseClass then (column && column.type == :boolean ? "'f'" : "0") + when Float, Fixnum, Bignum then value.to_s + when Date then "'#{value.to_s}'" + when Time, DateTime then "'#{value.strftime("%Y-%m-%d %H:%M:%S")}'" + else "'#{quote_string(value.to_yaml)}'" end end diff --git a/activerecord/lib/active_record/connection_adapters/mysql_adapter.rb b/activerecord/lib/active_record/connection_adapters/mysql_adapter.rb index 5dcdded5bc..55c15c6823 100755 --- a/activerecord/lib/active_record/connection_adapters/mysql_adapter.rb +++ b/activerecord/lib/active_record/connection_adapters/mysql_adapter.rb @@ -117,6 +117,10 @@ module ActiveRecord execute "CREATE DATABASE #{name}" end + def quote_string(s) + Mysql::quote(s) + end + private def select(sql, name = nil) result = nil |