CreateUpdateCommand fix for zero length string #194

Closed
wants to merge 2 commits into
from

Conversation

Projects
None yet
2 participants

srdjo commented Jun 2, 2013

If you try to submit form that has some empty fields and then try to update the database using

table.Update(Request.Form, ID);

You might get error saying

The UPDATE statement conflicted with the CHECK constraint - Allow Zero Length.

This change fixes it by replacing empty string with 'Null'.

srdjo added some commits Jun 2, 2013

@srdjo srdjo CreateUpdateCommand fix for zero length string
If you try to submit form that has some empty fields and then try to update the database using

table.Update(Request.Form, ID);

You might get error saying

The UPDATE statement conflicted with the CHECK constraint - Allow Zero Length.

This change fixes it by replacing empty string with 'Null'.
8ad91a8
@srdjo srdjo Fixed "Null" to null 9d88f67
Contributor

robconery commented Jun 5, 2013

Couple of issues with this... first is sending request.form naked to an update. That's ripe for mass-assignment and I would recommend not doing this. The other is that NULL is not the same as empty string... I think I'll remove this update method altogether actually...

srdjo commented Jun 5, 2013

That would really be bad since this is the easiest way to do DB updates I found so far.

On my form I have the fields with exactly the same names as the fields in the database and I can do inserts or updates with only one line of code. This is one of the best things you did and I cant thank you enough for it.

I even populate the form using only one statement.

With a bit of work this function could make Massive even more popular since I see that there are many people still not aware of it.

I might even write an article about it so the others may enjoy it as much as I do.

Contributor

robconery commented Sep 14, 2013

Appreciate the help here - really I do - but I'm going to be ripping form assignment stuff out in v2. Perhaps you could start a contrib project that had helpers which did this? I think it's a security hole in a big way...

robconery closed this Sep 14, 2013

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment