From 3e7d191e6450a3050976c735b0efc11b8a0aee93 Mon Sep 17 00:00:00 2001
From: David Heinemeier Hansson
Date: Tue, 7 Dec 2004 10:37:50 +0000
Subject: Added bind-style variable interpolation for the condition arrays that uses the adapter's quote method [Michael Koziarski]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@56 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
---
 activerecord/test/finder_test.rb | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'activerecord/test')

diff --git a/activerecord/test/finder_test.rb b/activerecord/test/finder_test.rb
index d369f6b033..b7b4ab589a 100755
--- a/activerecord/test/finder_test.rb
+++ b/activerecord/test/finder_test.rb
@@ -60,6 +60,13 @@ class FinderTest < Test::Unit::TestCase
 assert_kind_of Time, Topic.find_first(["id = %d", 1]).written_on
 end

+ def test_bind_variables
+ assert_kind_of Firm, Company.find_first(["name = ?", "37signals"])
+ assert_nil Company.find_first(["name = ?", "37signals!"])
+ assert_nil Company.find_first(["name = ?", "37signals!' OR 1=1"])
+ assert_kind_of Time, Topic.find_first(["id = ?", 1]).written_on
+ end
+
 def test_string_sanitation
 assert_equal "something '' 1=1", ActiveRecord::Base.sanitize("something ' 1=1")
 assert_equal "something select table", ActiveRecord::Base.sanitize("something; select table")
--
cgit v1.2.3
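Review bot: The injection assertion in `test_bind_variables` is weaker than it looks: the value `"37signals!' OR 1=1"` leaves an unbalanced quote, so with no quoting at all the query would most likely raise rather than return a row, and the test never shows that a quote inside a bound value is kept as data. A positive round trip would pin the quoting itself, for example a fixture whose name contains `'` looked up through `["name = ?", name]`; no such fixture is visible in this hunk, so it would have to be added. Only one `?` per condition is exercised, and `assert_kind_of Firm, Company.find_first(["name = ? AND name = ?", "37signals", "37signals"])` would cover several placeholders using values the test already relies on. The enclosing `FinderTest` class starts and ends outside the hunk.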