aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord/test/cases/sanitize_test.rb
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #22209 from ↵Sean Griffin2015-12-141-0/+10
|\ | | | | | | | | yui-knk/add_test_sanitize_sql_array_handles_named_bind_variables Add test cases for `#sanitize_sql_array` with named_bind_variables
| * Add test cases for `#sanitize_sql_array` with named_bind_variablesyui-knk2015-11-091-0/+10
| | | | | | | | | | And add code examples to `sanitize_sql_for_conditions`, `sanitize_sql_for_assignment`, and `sanitize_sql_array`.
* | Remove some bind related test cases from finder_test.rb to sanitize_test.rbyui-knk2015-11-211-0/+94
|/ | | | | | `replace_named_bind_variables` and `replace_bind_variables` are definded in `sanitization.rb`, so it is reasonable these tests are on `sanitize_test.rb`.
* Quote prepared statements of `sanitize_sql_array`yui-knk2015-09-251-4/+4
| | | | | | Sure unquoted SQL code pass test, but this % style prepared statements are dangerous. Test codes and code examples are also "Rails" codes, so quote placeholder of prepared statements.
* Remove deprecated `sanitize_sql_hash_for_conditions`Rafael Mendonça França2015-01-041-11/+0
|
* Add an `assert_deprecated` for `sanitize_sql_hash_for_conditions`Sean Griffin2014-11-021-1/+3
|
* remove warningKuldeep Aggarwal2014-04-181-1/+1
| | | | `warning: ambiguous first argument; put parentheses or even spaces`
* `sanitize_sql_like` escapes `escape_character` not only backslash.Yves Senn2014-04-161-4/+5
| | | | | | * This is a follow up to: fe4b0eee05f59831e1468ed50f55fbad0ce11e1d * The originating PR is #14222 * It should fix the build
* SQL Like escaping helper method. [Rob Gilson & Yves Senn]Rob Gilson2014-04-161-0/+26
| | | | | | | | | Closes #14222. This is a follow up to #6104 This does not have the backwards compatibility issues brought up in implementation to break.
* add activerecord test coverage for `sanitize_sql_array`Dmitry Polushkin2014-02-091-0/+5
| | | | check it is handles empty statement
* Process sub-query relation's binding valuesPaul Nikitochkin2013-10-201-4/+13
| | | | | | | | | Generated sub-query for Relation as array condition for `where` method did not take in account its bind values, in result generates invalid SQL query. Fixed by adding sub-query relation's binding values to base relation Closes: #12586
* Generate subquery for Relation passed as array condition for wherePaul Nikitochkin2013-10-131-0/+6
| | | | | | | | | Instead of executing 2 queries for fetching records filtered by array condition with Relation, added generation of subquery to current query. This behaviour will be consistent when passes Relation as hash condition to where Closes: #12415
* Remove current_adapter? from test_sanitize_sql_hash_handles_associationsYasuo Honda2013-05-081-5/+4
| | | | | | | Because of each adapter implementation differences, `expected_value` string needed to be handled by each adapter. This commit removes current_adapter by using ActiveRecord::ConnectionAdapters::Quoting methods.
* Fix test asserting the sanitized SQL hash differently to some adaptersRafael Mendonça França2013-05-061-1/+7
|
* Fix bug in ActiveRecord::Sanitization#sanitize_sql_hash_for_conditionsZach Ohlgren2013-05-061-0/+4
| | | | | | | | Fixing CHANGLOG description Remove extra line. Remove blank lines.
* please use ruby -I lib:test path/to/test.rb, or export RUBY_OPTAaron Patterson2011-06-061-1/+1
|
* Refactor Active Record test connection setup. Please see the ↵Jon Leighton2011-06-041-1/+1
| | | | RUNNING_UNIT_TESTS file for details, but essentially you can now configure things in test/config.yml. You can also run tests directly via the command line, e.g. ruby path/to/test.rb (no rake needed, uses default db connection from test/config.yml). This will help us fix the CI by enabling us to isolate the different Rails versions to different databases.
* Change all calls to String#chars to String#mb_chars.Manfred Stienstra2008-09-211-4/+4
|
* Fix ActiveRecord::Base.quote_bound_value for ActiveSupper::Multibyte::Chars ↵Manfred Stienstra2008-09-111-0/+25
values. - Adds String#acts_like_string? - Adds Chars#acts_like_string? Signed-off-by: Michael Koziarski <michael@koziarski.com> [#1029 state:committed]