Skip to content

Commit

Permalink
Merge pull request #21758 from yui-knk/fix_sanitize_test_example
Browse files Browse the repository at this point in the history 
Quote prepared statements of `sanitize_sql_array`
  • Loading branch information
@eileencodes
eileencodes committed Sep 25, 2015
2 parents 2b41959 + 14d2652 commit 73eec7a
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions activerecord/test/cases/sanitize_test.rb
View file
Expand Up @@ -9,11 +9,11 @@ def setup

def test_sanitize_sql_array_handles_string_interpolation
quoted_bambi = ActiveRecord::Base.connection.quote_string("Bambi")
assert_equal "name=#{quoted_bambi}", Binary.send(:sanitize_sql_array, ["name=%s", "Bambi"])
assert_equal "name=#{quoted_bambi}", Binary.send(:sanitize_sql_array, ["name=%s", "Bambi".mb_chars])
assert_equal "name='#{quoted_bambi}'", Binary.send(:sanitize_sql_array, ["name='%s'", "Bambi"])
assert_equal "name='#{quoted_bambi}'", Binary.send(:sanitize_sql_array, ["name='%s'", "Bambi".mb_chars])
quoted_bambi_and_thumper = ActiveRecord::Base.connection.quote_string("Bambi\nand\nThumper")
assert_equal "name=#{quoted_bambi_and_thumper}",Binary.send(:sanitize_sql_array, ["name=%s", "Bambi\nand\nThumper"])
assert_equal "name=#{quoted_bambi_and_thumper}",Binary.send(:sanitize_sql_array, ["name=%s", "Bambi\nand\nThumper".mb_chars])
assert_equal "name='#{quoted_bambi_and_thumper}'",Binary.send(:sanitize_sql_array, ["name='%s'", "Bambi\nand\nThumper"])
assert_equal "name='#{quoted_bambi_and_thumper}'",Binary.send(:sanitize_sql_array, ["name='%s'", "Bambi\nand\nThumper".mb_chars])
end

def test_sanitize_sql_array_handles_bind_variables
Expand Down

0 comments on commit 73eec7a

Please sign in to comment.