Restored bind arity checking #412 [bitsweat]

git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@306 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
rails · Jan 2, 2005 · 9322168 · 9322168
1 parent 6bd672e
commit 9322168
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 9 deletions.
diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb
@@ -681,18 +681,13 @@ def sanitize_sql(ary)
         alias_method :sanitize_conditions, :sanitize_sql
 
         def replace_bind_variables(statement, values)
-          expected_number_of_variables = statement.count('?')
-          provided_number_of_variables = values.size
-
-          unless expected_number_of_variables == provided_number_of_variables
-            raise PreparedStatementInvalid, "wrong number of bind variables (#{provided_number_of_variables} for #{expected_number_of_variables}) in: #{statement}"
-          end
-
+          raise_if_bind_arity_mismatch(statement, statement.count('?'), values.size)
           bound = values.dup
           statement.gsub('?') { connection.quote(bound.shift) }
         end
 
         def replace_named_bind_variables(statement, bind_vars)
+          raise_if_bind_arity_mismatch(statement, statement.scan(/:(\w+)/).uniq.size, bind_vars.size)
           statement.gsub(/:(\w+)/) do
             match = $1.to_sym
             if bind_vars.has_key?(match)
@@ -703,6 +698,12 @@ def replace_named_bind_variables(statement, bind_vars)
           end
         end
 
+        def raise_if_bind_arity_mismatch(statement, expected, provided)
+          unless expected == provided
+            raise PreparedStatementInvalid, "wrong number of bind variables (#{provided} for #{expected}) in: #{statement}"
+          end
+        end
+
         def extract_options_from_args!(args)
           if args.last.is_a?(Hash) then args.pop else {} end
         end

diff --git a/activerecord/test/finder_test.rb b/activerecord/test/finder_test.rb
@@ -143,10 +143,12 @@ def test_named_bind_variables
 
   def test_named_bind_arity
     assert_nothing_raised { bind '', {} }
-    assert_nothing_raised { bind '', :a => 1 }
+    assert_raises(ActiveRecord::PreparedStatementInvalid) { bind '', :a => 1 }
     assert_raises(ActiveRecord::PreparedStatementInvalid) { bind ':a', {} } # ' ruby-mode
     assert_nothing_raised { bind ':a', :a => 1 } # ' ruby-mode
-    assert_nothing_raised { bind ':a', :a => 1, :b => 2 } # ' ruby-mode
+    assert_raises(ActiveRecord::PreparedStatementInvalid) { bind ':a', :a => 1, :b => 2 } # ' ruby-mode
+    assert_nothing_raised { bind ':a :a', :a => 1 } # ' ruby-mode
+    assert_raises(ActiveRecord::PreparedStatementInvalid) { bind ':a :a', :a => 1, :b => 2 } # ' ruby-mode
   end
 
   def test_string_sanitation