diff options
Diffstat (limited to 'activerecord/lib/active_record/associations')
3 files changed, 18 insertions, 14 deletions
diff --git a/activerecord/lib/active_record/associations/association_collection.rb b/activerecord/lib/active_record/associations/association_collection.rb index a60b9ddab5..00758aa66c 100644 --- a/activerecord/lib/active_record/associations/association_collection.rb +++ b/activerecord/lib/active_record/associations/association_collection.rb @@ -81,7 +81,7 @@ module ActiveRecord end def quoted_record_ids(records) - records.map { |record| "'#{@association_class.send(:sanitize, record.id)}'" }.join(',') + records.map { |record| record.quoted_id }.join(',') end def interpolate_sql_options!(options, *keys) diff --git a/activerecord/lib/active_record/associations/has_and_belongs_to_many_association.rb b/activerecord/lib/active_record/associations/has_and_belongs_to_many_association.rb index 8dec71403c..d53650fbd8 100644 --- a/activerecord/lib/active_record/associations/has_and_belongs_to_many_association.rb +++ b/activerecord/lib/active_record/associations/has_and_belongs_to_many_association.rb @@ -13,7 +13,7 @@ module ActiveRecord @finder_sql = options[:finder_sql] || "SELECT t.*, j.* FROM #{association_table_name} t, #{@join_table} j " + "WHERE t.#{@owner.class.primary_key} = j.#{@association_foreign_key} AND " + - "j.#{association_class_primary_key_name} = '#{@owner.id}' " + + "j.#{association_class_primary_key_name} = #{@owner.quoted_id} " + (options[:conditions] ? " AND " + options[:conditions] : "") + " " + "ORDER BY #{@order}" end @@ -26,11 +26,11 @@ module ActiveRecord each { |record| @owner.connection.execute(sql) } elsif @options[:conditions] sql = - "DELETE FROM #{@join_table} WHERE #{@association_class_primary_key_name} = '#{@owner.id}' " + + "DELETE FROM #{@join_table} WHERE #{@association_class_primary_key_name} = #{@owner.quoted_id} " + "AND #{@association_foreign_key} IN (#{collect { |record| record.id }.join(", ")})" @owner.connection.execute(sql) else - sql = "DELETE FROM #{@join_table} WHERE #{@association_class_primary_key_name} = '#{@owner.id}'" + sql = "DELETE FROM #{@join_table} WHERE #{@association_class_primary_key_name} = #{@owner.quoted_id}" @owner.connection.execute(sql) end @@ -46,7 +46,7 @@ module ActiveRecord if loaded? find_all { |record| record.id == association_id.to_i }.first else - find_all_records(@finder_sql.sub(/ORDER BY/, "AND j.#{@association_foreign_key} = '#{association_id}' ORDER BY")).first + find_all_records(@finder_sql.sub(/ORDER BY/, "AND j.#{@association_foreign_key} = #{@owner.send(:quote, association_id)} ORDER BY")).first end end end @@ -80,7 +80,8 @@ module ActiveRecord if @options[:insert_sql] @owner.connection.execute(interpolate_sql(@options[:insert_sql], record)) else - sql = "INSERT INTO #{@join_table} (#{@association_class_primary_key_name}, #{@association_foreign_key}) VALUES ('#{@owner.id}','#{record.id}')" + sql = "INSERT INTO #{@join_table} (#{@association_class_primary_key_name}, #{@association_foreign_key}) " + + "VALUES (#{@owner.quoted_id},#{record.quoted_id})" @owner.connection.execute(sql) end end @@ -98,7 +99,7 @@ module ActiveRecord records.each { |record| @owner.connection.execute(sql) } else ids = quoted_record_ids(records) - sql = "DELETE FROM #{@join_table} WHERE #{@association_class_primary_key_name} = '#{@owner.id}' AND #{@association_foreign_key} IN (#{ids})" + sql = "DELETE FROM #{@join_table} WHERE #{@association_class_primary_key_name} = #{@owner.quoted_id} AND #{@association_foreign_key} IN (#{ids})" @owner.connection.execute(sql) end end diff --git a/activerecord/lib/active_record/associations/has_many_association.rb b/activerecord/lib/active_record/associations/has_many_association.rb index 0f2d20d240..1d8441e6f8 100644 --- a/activerecord/lib/active_record/associations/has_many_association.rb +++ b/activerecord/lib/active_record/associations/has_many_association.rb @@ -8,7 +8,7 @@ module ActiveRecord if options[:finder_sql] @finder_sql = interpolate_sql(options[:finder_sql]) else - @finder_sql = "#{@association_class_primary_key_name} = '#{@owner.id}' #{@conditions ? " AND " + interpolate_sql(@conditions) : ""}" + @finder_sql = "#{@association_class_primary_key_name} = #{@owner.quoted_id} #{@conditions ? " AND " + interpolate_sql(@conditions) : ""}" end if options[:counter_sql] @@ -16,7 +16,7 @@ module ActiveRecord elsif options[:finder_sql] @counter_sql = options[:counter_sql] = @finder_sql.gsub(/SELECT (.*) FROM/i, "SELECT COUNT(*) FROM") else - @counter_sql = "#{@association_class_primary_key_name} = '#{@owner.id}'#{@conditions ? " AND " + interpolate_sql(@conditions) : ""}" + @counter_sql = "#{@association_class_primary_key_name} = #{@owner.quoted_id}#{@conditions ? " AND " + interpolate_sql(@conditions) : ""}" end end @@ -40,8 +40,8 @@ module ActiveRecord @collection.find_all(&block) else @association_class.find_all( - "#{@association_class_primary_key_name} = '#{@owner.id}' " + - "#{@conditions ? " AND " + @conditions : ""} #{runtime_conditions ? " AND " + @association_class.send(:sanitize_conditions, runtime_conditions) : ""}", + "#{@association_class_primary_key_name} = #{@owner.quoted_id}" + + "#{@conditions ? " AND " + @conditions : ""}#{runtime_conditions ? " AND " + @association_class.send(:sanitize_conditions, runtime_conditions) : ""}", orderings, limit, joins @@ -55,7 +55,7 @@ module ActiveRecord @collection.find(&block) else @association_class.find_on_conditions(association_id, - "#{@association_class_primary_key_name} = '#{@owner.id}' #{@conditions ? " AND " + @conditions : ""}" + "#{@association_class_primary_key_name} = #{@owner.quoted_id}#{@conditions ? " AND " + @conditions : ""}" ) end end @@ -63,7 +63,7 @@ module ActiveRecord # Removes all records from this association. Returns +self+ so # method calls may be chained. def clear - @association_class.update_all("#{@association_class_primary_key_name} = NULL", "#{@association_class_primary_key_name} = '#{@owner.id}'") + @association_class.update_all("#{@association_class_primary_key_name} = NULL", "#{@association_class_primary_key_name} = #{@owner.quoted_id}") @collection = [] self end @@ -101,7 +101,10 @@ module ActiveRecord def delete_records(records) ids = quoted_record_ids(records) - @association_class.update_all("#{@association_class_primary_key_name} = NULL", "#{@association_class_primary_key_name} = '#{@owner.id}' AND #{@association_class.primary_key} IN (#{ids})") + @association_class.update_all( + "#{@association_class_primary_key_name} = NULL", + "#{@association_class_primary_key_name} = #{@owner.quoted_id} AND #{@association_class.primary_key} IN (#{ids})" + ) end end end |