aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord/test
diff options
context:
space:
mode:
Diffstat (limited to 'activerecord/test')
-rwxr-xr-xactiverecord/test/finder_test.rb7
1 files changed, 7 insertions, 0 deletions
diff --git a/activerecord/test/finder_test.rb b/activerecord/test/finder_test.rb
index d369f6b033..b7b4ab589a 100755
--- a/activerecord/test/finder_test.rb
+++ b/activerecord/test/finder_test.rb
@@ -60,6 +60,13 @@ class FinderTest < Test::Unit::TestCase
assert_kind_of Time, Topic.find_first(["id = %d", 1]).written_on
end
+ def test_bind_variables
+ assert_kind_of Firm, Company.find_first(["name = ?", "37signals"])
+ assert_nil Company.find_first(["name = ?", "37signals!"])
+ assert_nil Company.find_first(["name = ?", "37signals!' OR 1=1"])
+ assert_kind_of Time, Topic.find_first(["id = ?", 1]).written_on
+ end
+
def test_string_sanitation
assert_equal "something '' 1=1", ActiveRecord::Base.sanitize("something ' 1=1")
assert_equal "something select table", ActiveRecord::Base.sanitize("something; select table")
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-06 01:21:25 +0000