aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord/test
diff options
context:
space:
mode:
authorDavid Heinemeier Hansson <david@loudthinking.com>2004-12-07 10:37:50 +0000
committerDavid Heinemeier Hansson <david@loudthinking.com>2004-12-07 10:37:50 +0000
commit3e7d191e6450a3050976c735b0efc11b8a0aee93 (patch)
tree1d954adc5207f7fcd231fe79e2fde0293e2b1d26 /activerecord/test
parent5e3eaff5bb00c4d19d9ff2e80d32090e9515fe2c (diff)
downloadrails-3e7d191e6450a3050976c735b0efc11b8a0aee93.tar.gz
rails-3e7d191e6450a3050976c735b0efc11b8a0aee93.tar.bz2
rails-3e7d191e6450a3050976c735b0efc11b8a0aee93.zip
Added bind-style variable interpolation for the condition arrays that uses the adapter's quote method [Michael Koziarski]
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@56 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'activerecord/test')
-rwxr-xr-xactiverecord/test/finder_test.rb7
1 files changed, 7 insertions, 0 deletions
diff --git a/activerecord/test/finder_test.rb b/activerecord/test/finder_test.rb
index d369f6b033..b7b4ab589a 100755
--- a/activerecord/test/finder_test.rb
+++ b/activerecord/test/finder_test.rb
@@ -60,6 +60,13 @@ class FinderTest < Test::Unit::TestCase
assert_kind_of Time, Topic.find_first(["id = %d", 1]).written_on
end
+ def test_bind_variables
+ assert_kind_of Firm, Company.find_first(["name = ?", "37signals"])
+ assert_nil Company.find_first(["name = ?", "37signals!"])
+ assert_nil Company.find_first(["name = ?", "37signals!' OR 1=1"])
+ assert_kind_of Time, Topic.find_first(["id = ?", 1]).written_on
+ end
+
def test_string_sanitation
assert_equal "something '' 1=1", ActiveRecord::Base.sanitize("something ' 1=1")
assert_equal "something select table", ActiveRecord::Base.sanitize("something; select table")
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-03 14:47:06 +0000