Commit

Sanitize lat/lon for SQL query.
alexreisner committed Jan 23, 2020
1 parent 1ff64c4 commit dcdc3d8
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions lib/geocoder/sql.rb
Expand Up @@ -44,13 +44,13 @@ def approx_distance(latitude, longitude, lat_attr, lon_attr, options = {})
end

def within_bounding_box(sw_lat, sw_lng, ne_lat, ne_lng, lat_attr, lon_attr)
spans = "#{lat_attr} BETWEEN #{sw_lat} AND #{ne_lat} AND "
spans = "#{lat_attr} BETWEEN #{sw_lat.to_f} AND #{ne_lat.to_f} AND "
# handle box that spans 180 longitude
if sw_lng.to_f > ne_lng.to_f
spans + "(#{lon_attr} BETWEEN #{sw_lng} AND 180 OR " +
"#{lon_attr} BETWEEN -180 AND #{ne_lng})"
spans + "(#{lon_attr} BETWEEN #{sw_lng.to_f} AND 180 OR " +
"#{lon_attr} BETWEEN -180 AND #{ne_lng.to_f})"
else
spans + "#{lon_attr} BETWEEN #{sw_lng} AND #{ne_lng}"
spans + "#{lon_attr} BETWEEN #{sw_lng.to_f} AND #{ne_lng.to_f}"
end
end
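
Review bot: lat_attr and lon_attr are still interpolated unescaped on every branch of within_bounding_box, so the query is only as safe as whatever supplies those two names. If they can ever come from outside the model configuration, they should be quoted as identifiers or checked against the model's column list before this string is built. On the coordinate side, .to_f does remove the injection path for sw_lat, sw_lng, ne_lat and ne_lng, but it silently turns nil or a non-numeric string into 0.0, so malformed input becomes a valid query anchored at latitude or longitude 0 instead of an error. Consider validating that each value is numeric and within -90..90 / -180..180 before building the clause, and raising or returning no results otherwise. The commit changes only lib/geocoder/sql.rb, so a regression test that passes a string such as "1 OR 1=1" as a coordinate and asserts on the generated SQL would be worth adding alongside it.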
