Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed quoting in validates_format_of that would allow some rules to p…

…ass regardless of input #390 [Dmitry V. Sabanin]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@288 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
  • Loading branch information...
commit 256d3871597079a274aa9685b66e34307ff479b1 1 parent 43f5ab9
@dhh dhh authored
View
2  activerecord/CHANGELOG
@@ -1,5 +1,7 @@
*SVN*
+* Fixed quoting in validates_format_of that would allow some rules to pass regardless of input #390 [Dmitry V. Sabanin]
+
* Fixed broken transactions that were actually only running object-level and not db level transactions [andreas]
* Added Base.default_timezone accessor that determines whether to use Time.local (using :local) or Time.utc (using :utc) when pulling dates
View
2  activerecord/lib/active_record/validations.rb
@@ -240,7 +240,7 @@ def validates_format_of(*attr_names)
raise(ArgumentError, "A regular expression must be supplied as the :with option of the configuration hash") unless configuration[:with].is_a?(Regexp)
for attr_name in attr_names
- class_eval(%(#{validation_method(configuration[:on])} %{errors.add("#{attr_name}", "#{configuration[:message]}") unless #{attr_name} and #{attr_name}.to_s.match(/#{configuration[:with]}/)}))
+ class_eval(%(#{validation_method(configuration[:on])} %{errors.add("#{attr_name}", "#{configuration[:message]}") unless #{attr_name} and #{attr_name}.to_s.match(/#{Regexp.quote(configuration[:with].source)}/)}))
end
end
View
2  activerecord/test/validations_test.rb
@@ -224,7 +224,7 @@ def test_validate_uniqueness_with_scope
end
def test_validate_format
- Topic.validates_format_of(:title, :content, :with => /^Validation macros rule!$/, :message => "is bad data")
+ Topic.validates_format_of(:title, :content, :with => /^Validation\smacros \w+!$/, :message => "is bad data")
t = Topic.create("title" => "i'm incorrect", "content" => "Validation macros rule!")
assert !t.valid?, "Shouldn't be valid"
Please sign in to comment.
Something went wrong with that request. Please try again.