Merge pull request #28748 from staudenmeir/database-rule

[5.8] Fix database rules with WHERE clauses

src/Illuminate/Validation/Rules/DatabaseRule.php

@@ -166,7 +166,7 @@ public function queryCallbacks()
     protected function formatWheres()
     {
         return collect($this->wheres)->map(function ($where) {
-            return $where['column'].','.$where['value'];
+            return $where['column'].','.'"'.str_replace('"', '""', $where['value']).'"';
         })->implode(',');
     }
 }

tests/Validation/ValidationExistsRuleTest.php

@@ -37,11 +37,11 @@ public function testItCorrectlyFormatsAStringVersionOfTheRule()
     {
         $rule = new Exists('table');
         $rule->where('foo', 'bar');
-        $this->assertEquals('exists:table,NULL,foo,bar', (string) $rule);
+        $this->assertEquals('exists:table,NULL,foo,"bar"', (string) $rule);
 
         $rule = new Exists('table', 'column');
         $rule->where('foo', 'bar');
-        $this->assertEquals('exists:table,column,foo,bar', (string) $rule);
+        $this->assertEquals('exists:table,column,foo,"bar"', (string) $rule);
     }
 
     public function testItChoosesValidRecordsUsingWhereInRule()

tests/Validation/ValidationUniqueRuleTest.php

@@ -12,36 +12,40 @@ public function testItCorrectlyFormatsAStringVersionOfTheRule()
     {
         $rule = new Unique('table');
         $rule->where('foo', 'bar');
-        $this->assertEquals('unique:table,NULL,NULL,id,foo,bar', (string) $rule);
+        $this->assertEquals('unique:table,NULL,NULL,id,foo,"bar"', (string) $rule);
 
         $rule = new Unique('table', 'column');
         $rule->ignore('Taylor, Otwell', 'id_column');
         $rule->where('foo', 'bar');
-        $this->assertEquals('unique:table,column,"Taylor, Otwell",id_column,foo,bar', (string) $rule);
+        $this->assertEquals('unique:table,column,"Taylor, Otwell",id_column,foo,"bar"', (string) $rule);
 
         $rule = new Unique('table', 'column');
         $rule->ignore('Taylor, Otwell"\'..-"', 'id_column');
         $rule->where('foo', 'bar');
-        $this->assertEquals('unique:table,column,"Taylor, Otwell\"\\\'..-\"",id_column,foo,bar', (string) $rule);
-        $this->assertEquals('Taylor, Otwell"\'..-"', stripslashes(str_getcsv('table,column,"Taylor, Otwell\"\\\'..-\"",id_column,foo,bar')[2]));
-        $this->assertEquals('id_column', stripslashes(str_getcsv('table,column,"Taylor, Otwell\"\\\'..-\"",id_column,foo,bar')[3]));
+        $this->assertEquals('unique:table,column,"Taylor, Otwell\"\\\'..-\"",id_column,foo,"bar"', (string) $rule);
+        $this->assertEquals('Taylor, Otwell"\'..-"', stripslashes(str_getcsv('table,column,"Taylor, Otwell\"\\\'..-\"",id_column,foo,"bar"')[2]));
+        $this->assertEquals('id_column', stripslashes(str_getcsv('table,column,"Taylor, Otwell\"\\\'..-\"",id_column,foo,"bar"')[3]));
 
         $rule = new Unique('table', 'column');
         $rule->ignore(null, 'id_column');
         $rule->where('foo', 'bar');
-        $this->assertEquals('unique:table,column,NULL,id_column,foo,bar', (string) $rule);
+        $this->assertEquals('unique:table,column,NULL,id_column,foo,"bar"', (string) $rule);
 
         $model = new EloquentModelStub(['id_column' => 1]);
 
         $rule = new Unique('table', 'column');
         $rule->ignore($model);
         $rule->where('foo', 'bar');
-        $this->assertEquals('unique:table,column,"1",id_column,foo,bar', (string) $rule);
+        $this->assertEquals('unique:table,column,"1",id_column,foo,"bar"', (string) $rule);
 
         $rule = new Unique('table', 'column');
         $rule->ignore($model, 'id_column');
         $rule->where('foo', 'bar');
-        $this->assertEquals('unique:table,column,"1",id_column,foo,bar', (string) $rule);
+        $this->assertEquals('unique:table,column,"1",id_column,foo,"bar"', (string) $rule);
+
+        $rule = new Unique('table');
+        $rule->where('foo', '"bar"');
+        $this->assertEquals('unique:table,NULL,NULL,id,foo,"""bar"""', (string) $rule);
     }
 }