Skip to content
Browse files

Named bind variables can now be used with postgresql-style typecasts

For example :conditions => ['stringcol::integer = :var', { :var => 10 }]
will no longer raise an exception about ':integer' having a missing value.
  • Loading branch information...
1 parent 9855d0b commit 4ecc13b46b11b05c133c663fc1868687130b798f @tarmo tarmo committed with jeremy
Showing with 11 additions and 3 deletions.
  1. +4 −3 activerecord/lib/active_record/base.rb
  2. +7 −0 activerecord/test/cases/finder_test.rb
View
7 activerecord/lib/active_record/base.rb
@@ -2053,9 +2053,10 @@ def replace_bind_variables(statement, values) #:nodoc:
end
def replace_named_bind_variables(statement, bind_vars) #:nodoc:
- statement.gsub(/:([a-zA-Z]\w*)/) do
- match = $1.to_sym
- if bind_vars.include?(match)
+ statement.gsub(/(:?):([a-zA-Z]\w*)/) do
+ if $1 == ':' # skip postgresql casts
+ $& # return the whole match
+ elsif bind_vars.include?(match = $2.to_sym)
quote_bound_value(bind_vars[match])
else
raise PreparedStatementInvalid, "missing value for :#{match} in #{statement}"
View
7 activerecord/test/cases/finder_test.rb
@@ -1,5 +1,6 @@
require "cases/helper"
require 'models/author'
+require 'models/categorization'
require 'models/comment'
require 'models/company'
require 'models/topic'
@@ -394,6 +395,12 @@ def test_bind_record
assert_equal '1,1,1', bind('?', os)
end
+ def test_named_bind_with_postgresql_type_casts
+ l = Proc.new { bind(":a::integer '2009-01-01'::date", :a => '10') }
+ assert_nothing_raised(&l)
+ assert_equal "#{ActiveRecord::Base.quote_value('10')}::integer '2009-01-01'::date", l.call
+ end
+
def test_string_sanitation
assert_not_equal "#{ActiveRecord::Base.connection.quoted_string_prefix}'something ' 1=1'", ActiveRecord::Base.sanitize("something ' 1=1")
assert_equal "#{ActiveRecord::Base.connection.quoted_string_prefix}'something; select table'", ActiveRecord::Base.sanitize("something; select table")

0 comments on commit 4ecc13b

Please sign in to comment.
Something went wrong with that request. Please try again.