Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP

Loading…

CreateUpdateCommand fix for zero length string #194

Closed
wants to merge 2 commits into from

2 participants

@srdjo

If you try to submit form that has some empty fields and then try to update the database using

table.Update(Request.Form, ID);

You might get error saying

The UPDATE statement conflicted with the CHECK constraint - Allow Zero Length.

This change fixes it by replacing empty string with 'Null'.

srdjo added some commits
@srdjo srdjo CreateUpdateCommand fix for zero length string
If you try to submit form that has some empty fields and then try to update the database using

table.Update(Request.Form, ID);

You might get error saying

The UPDATE statement conflicted with the CHECK constraint - Allow Zero Length.

This change fixes it by replacing empty string with 'Null'.
8ad91a8
@srdjo srdjo Fixed "Null" to null 9d88f67
@robconery
Collaborator

Couple of issues with this... first is sending request.form naked to an update. That's ripe for mass-assignment and I would recommend not doing this. The other is that NULL is not the same as empty string... I think I'll remove this update method altogether actually...

@srdjo

That would really be bad since this is the easiest way to do DB updates I found so far.

On my form I have the fields with exactly the same names as the fields in the database and I can do inserts or updates with only one line of code. This is one of the best things you did and I cant thank you enough for it.

I even populate the form using only one statement.

With a bit of work this function could make Massive even more popular since I see that there are many people still not aware of it.

I might even write an article about it so the others may enjoy it as much as I do.

@robconery
Collaborator

Appreciate the help here - really I do - but I'm going to be ripping form assignment stuff out in v2. Perhaps you could start a contrib project that had helpers which did this? I think it's a security hole in a big way...

@robconery robconery closed this
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Commits on Jun 2, 2013
  1. @srdjo

    CreateUpdateCommand fix for zero length string

    srdjo authored
    If you try to submit form that has some empty fields and then try to update the database using
    
    table.Update(Request.Form, ID);
    
    You might get error saying
    
    The UPDATE statement conflicted with the CHECK constraint - Allow Zero Length.
    
    This change fixes it by replacing empty string with 'Null'.
  2. @srdjo

    Fixed "Null" to null

    srdjo authored
This page is out of date. Refresh to see the latest.
Showing with 2 additions and 1 deletion.
  1. +2 −1  Massive.cs
View
3  Massive.cs
@@ -454,6 +454,7 @@ private dynamic BuildPagedResult(string sql = "", string primaryKeyField = "", s
foreach (var item in settings) {
var val = item.Value;
if (!item.Key.Equals(PrimaryKeyField, StringComparison.OrdinalIgnoreCase) && item.Value != null) {
+ if (String.IsNullOrEmpty(item.Value.ToString())) { val = null; };
result.AddParam(val);
sbKeys.AppendFormat("{0} = @{1}, \r\n", item.Key, counter.ToString());
counter++;
@@ -670,4 +671,4 @@ private dynamic BuildPagedResult(string sql = "", string primaryKeyField = "", s
return true;
}
}
-}
+}
Something went wrong with that request. Please try again.