From 93221685f131ea689d458bcd78f638fb3d6dfc90 Mon Sep 17 00:00:00 2001
From: David Heinemeier Hansson <david@loudthinking.com>
Date: Sun, 2 Jan 2005 12:45:53 +0000
Subject: [PATCH] Restored bind arity checking #412 [bitsweat]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@306 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
---
 activerecord/lib/active_record/base.rb | 15 ++++++++-------
 activerecord/test/finder_test.rb       |  6 ++++--
 2 files changed, 12 insertions(+), 9 deletions(-)

diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb
index e0e7c37d73f7b..63810d3c41653 100755
--- a/activerecord/lib/active_record/base.rb
+++ b/activerecord/lib/active_record/base.rb
@@ -681,18 +681,13 @@ def sanitize_sql(ary)
         alias_method :sanitize_conditions, :sanitize_sql
 
         def replace_bind_variables(statement, values)
-          expected_number_of_variables = statement.count('?')
-          provided_number_of_variables = values.size
-
-          unless expected_number_of_variables == provided_number_of_variables
-            raise PreparedStatementInvalid, "wrong number of bind variables (#{provided_number_of_variables} for #{expected_number_of_variables}) in: #{statement}"
-          end
-
+          raise_if_bind_arity_mismatch(statement, statement.count('?'), values.size)
           bound = values.dup
           statement.gsub('?') { connection.quote(bound.shift) }
         end
 
         def replace_named_bind_variables(statement, bind_vars)
+          raise_if_bind_arity_mismatch(statement, statement.scan(/:(\w+)/).uniq.size, bind_vars.size)
           statement.gsub(/:(\w+)/) do
             match = $1.to_sym
             if bind_vars.has_key?(match)
@@ -703,6 +698,12 @@ def replace_named_bind_variables(statement, bind_vars)
           end
         end
 
+        def raise_if_bind_arity_mismatch(statement, expected, provided)
+          unless expected == provided
+            raise PreparedStatementInvalid, "wrong number of bind variables (#{provided} for #{expected}) in: #{statement}"
+          end
+        end
+
         def extract_options_from_args!(args)
           if args.last.is_a?(Hash) then args.pop else {} end
         end
diff --git a/activerecord/test/finder_test.rb b/activerecord/test/finder_test.rb
index 93b0d06f4ee51..74ea11c9443c3 100755
--- a/activerecord/test/finder_test.rb
+++ b/activerecord/test/finder_test.rb
@@ -143,10 +143,12 @@ def test_named_bind_variables
 
   def test_named_bind_arity
     assert_nothing_raised { bind '', {} }
-    assert_nothing_raised { bind '', :a => 1 }
+    assert_raises(ActiveRecord::PreparedStatementInvalid) { bind '', :a => 1 }
     assert_raises(ActiveRecord::PreparedStatementInvalid) { bind ':a', {} } # ' ruby-mode
     assert_nothing_raised { bind ':a', :a => 1 } # ' ruby-mode
-    assert_nothing_raised { bind ':a', :a => 1, :b => 2 } # ' ruby-mode
+    assert_raises(ActiveRecord::PreparedStatementInvalid) { bind ':a', :a => 1, :b => 2 } # ' ruby-mode
+    assert_nothing_raised { bind ':a :a', :a => 1 } # ' ruby-mode
+    assert_raises(ActiveRecord::PreparedStatementInvalid) { bind ':a :a', :a => 1, :b => 2 } # ' ruby-mode
   end
 	
   def test_string_sanitation