Skip to content
Browse files

Revert "Merge pull request #9210 from dylanahsmith/3-0-mysql-quote-nu…

…meric"

This reverts commit 663c9a6, reversing
changes made to 10513d2.
  • Loading branch information...
1 parent f2839f1 commit 9fdd56c51580a01a6f29579f8f9338f47052ac79 @steveklabnik steveklabnik committed Feb 27, 2013
View
13 activerecord/CHANGELOG
@@ -1,15 +1,18 @@
-## Rails 3.0.21 (unreleased)
+## unreleased ##
+
+* Revert 'quote numeric values being compared to non-numeric columns.' This
+ caused a bunch of regressions.
+
+## Rails 3.0.21
* Quote numeric values being compared to non-numeric columns. Otherwise,
- in some database, the string column values will be coerced to a numeric
- allowing 0, 0.0 or false to match any string starting with a non-digit.
+ in some database, the string column values will be coerced to a numeric
+ allowing 0, 0.0 or false to match any string starting with a non-digit.
Example:
App.where(apikey: 0) # => SELECT * FROM users WHERE apikey = '0'
-## Rails 3.0.20 (Jan 28, 2013)
-
## Rails 3.0.19 (Jan 8, 2013)
* Fix querying with an empty hash *Damien Mathieu* [CVE-2013-0155]
View
20 activerecord/lib/active_record/connection_adapters/abstract/quoting.rb
@@ -21,21 +21,11 @@ def quote(value, column = nil)
"'#{quote_string(value)}'" # ' (for ruby-mode)
end
when NilClass then "NULL"
- when TrueClass, FalseClass
- if column && column.type == :integer
- value ? '1' : '0'
- elsif column && [:text, :string, :binary].include?(column.type)
- value ? "'1'" : "'0'"
- else
- value ? quoted_true : quoted_false
- end
- when Numeric, ActiveSupport::Duration
- # BigDecimals need to be output in a non-normalized form and quoted.
- value = BigDecimal === value ? value.to_s('F') : value.to_s
- if column && ![:integer, :float, :decimal].include?(column.type)
- value = "'#{value}'"
- end
- value
+ when TrueClass then (column && column.type == :integer ? '1' : quoted_true)
+ when FalseClass then (column && column.type == :integer ? '0' : quoted_false)
+ when Float, Fixnum, Bignum then value.to_s
+ # BigDecimals need to be output in a non-normalized form and quoted.
+ when BigDecimal then value.to_s('F')
when Symbol then "'#{quote_string(value.to_s)}'"
else
if value.acts_like?(:date) || value.acts_like?(:time)
View
2 activerecord/lib/active_record/connection_adapters/mysql_adapter.rb
@@ -191,6 +191,8 @@ def quote(value, column = nil)
if value.kind_of?(String) && column && column.type == :binary && column.class.respond_to?(:string_to_binary)
s = column.class.string_to_binary(value).unpack("H*")[0]
"x'#{s}'"
+ elsif value.kind_of?(BigDecimal)
+ value.to_s("F")
else
super
end
View
3 activerecord/lib/active_record/relation/predicate_builder.rb
@@ -40,9 +40,6 @@ def build_from_hash(attributes, default_table, allow_table_name = true)
when Class
# FIXME: I think we need to deprecate this behavior
attribute.eq(value.name)
- when Integer, ActiveSupport::Duration
- # Arel treats integers as literals, but they should be quoted when compared with strings
- attribute.eq(Arel::Nodes::SqlLiteral.new(@engine.connection.quote(value, attribute.column)))
else
attribute.eq(value)
end
View
25 activerecord/test/cases/relation/where_test.rb
@@ -35,30 +35,5 @@ def test_where_with_table_name_and_empty_array
def test_where_with_empty_hash_and_no_foreign_key
assert_equal 0, Edge.where(:sink => {}).count
end
-
- def test_where_with_integer_for_string_column
- count = Post.where(:title => 0).count
- assert_equal 0, count
- end
-
- def test_where_with_float_for_string_column
- count = Post.where(:title => 0.0).count
- assert_equal 0, count
- end
-
- def test_where_with_boolean_for_string_column
- count = Post.where(:title => false).count
- assert_equal 0, count
- end
-
- def test_where_with_decimal_for_string_column
- count = Post.where(:title => BigDecimal.new('0')).count
- assert_equal 0, count
- end
-
- def test_where_with_duration_for_string_column
- count = Post.where(:title => 0.seconds).count
- assert_equal 0, count
- end
end
end
View
2 activerecord/test/schema/schema.rb
@@ -444,8 +444,6 @@ def create_table(*args, &block)
create_table :price_estimates, :force => true do |t|
t.string :estimate_of_type
t.integer :estimate_of_id
- t.string :thing_type
- t.integer :thing_id
t.integer :price
end

0 comments on commit 9fdd56c

Please sign in to comment.
Something went wrong with that request. Please try again.