From 3e2832366755a2964bc8ee1857d1c30cb4e5f01e Mon Sep 17 00:00:00 2001 From: nate Date: Fri, 18 Apr 2008 05:39:54 +0000 Subject: [PATCH] Fixing conditions quoting in DboSource::conditionKeysToString(), closes #4368 git-svn-id: https://svn.cakephp.org/repo/branches/1.2.x.x@6691 3807eeeb-6ff5-0310-8944-8be069107fe0 --- cake/libs/model/datasources/dbo_source.php | 13 ++++++++++--- .../libs/model/datasources/dbo_source.test.php | 18 +++++++++++++++++- 2 files changed, 27 insertions(+), 4 deletions(-) diff --git a/cake/libs/model/datasources/dbo_source.php b/cake/libs/model/datasources/dbo_source.php index 7d938f8e6..e5cfb1897 100644 --- a/cake/libs/model/datasources/dbo_source.php +++ b/cake/libs/model/datasources/dbo_source.php @@ -1704,6 +1704,7 @@ class DboSource extends DataSource { $not = false; $mValue = trim($match['1']); + if (empty($match['1'])) { $match['1'] = ' = '; } elseif (empty($mValue)) { @@ -1722,10 +1723,16 @@ class DboSource extends DataSource { $match['2'] = str_replace('-!', '', $match['2']); $data = $this->name($key) . ' ' . $match['1'] . ' ' . $match['2']; } else { + $op = substr(trim($match[1]), 0, 1); + if (!empty($match['2']) && $quoteValues) { - $match['2'] = $this->value($match['2']); - if (preg_match('/^(?:' . join('\\x20)|(?:', $this->__sqlOps) . '\\x20)/i', $match['1'])) { - $match['2'] = str_replace(' AND ', "' AND '", $match['2']); + if (!in_array($op, str_split('!=<>')) && !in_array(strtolower(trim($match[1])), $this->__sqlOps)) { + $match['1'] = ' = '; + $match['2'] = $this->value($match['0']); + } elseif (preg_match('/^(?:' . join('\\x20)|(?:', $this->__sqlOps) . '\\x20)/i', $match['1'])) { + $match['2'] = str_replace(' AND ', "' AND '", $this->value($match['2'])); + } else { + $match['2'] = $this->value($match['2']); } } $data = $this->__quoteFields($key); diff --git a/cake/tests/cases/libs/model/datasources/dbo_source.test.php b/cake/tests/cases/libs/model/datasources/dbo_source.test.php index 81ab0f98d..8ab0ba084 100644 --- a/cake/tests/cases/libs/model/datasources/dbo_source.test.php +++ b/cake/tests/cases/libs/model/datasources/dbo_source.test.php @@ -32,6 +32,7 @@ if (!defined('CAKEPHP_UNIT_TEST_EXECUTION')) { uses('model'.DS.'model', 'model'.DS.'datasources'.DS.'datasource', 'model'.DS.'datasources'.DS.'dbo_source', 'model'.DS.'datasources'.DS.'dbo'.DS.'dbo_mysql'); + /** * Short description for class. * @@ -593,6 +594,7 @@ class DboTest extends DboMysql { * @subpackage cake.tests.cases.libs.model.datasources */ class DboSourceTest extends CakeTestCase { + var $debug = null; function setUp() { @@ -1711,6 +1713,21 @@ class DboSourceTest extends CakeTestCase { $result = $this->db->conditions($conditions); $expected = " WHERE `id` IN (2, 5, 6, 9, 12, 45, 78, 43, 76) "; $this->assertEqual($result, $expected); + + $conditions = array('title' => 'user(s)'); + $result = $this->db->conditions($conditions); + $expected = " WHERE `title` = 'user(s)'"; + $this->assertEqual($result, $expected); + + $conditions = array('title' => 'user(s) data'); + $result = $this->db->conditions($conditions); + $expected = " WHERE `title` = 'user(s) data'"; + $this->assertEqual($result, $expected); + + $conditions = array('title' => 'user(s,arg) data'); + $result = $this->db->conditions($conditions); + $expected = " WHERE `title` = 'user(s,arg) data'"; + $this->assertEqual($result, $expected); } function testMixedConditionsParsing() { @@ -2175,7 +2192,6 @@ class DboSourceTest extends CakeTestCase { $result = $this->db->calculate($this->Model, 'max', array('`Model`.`id`', 'id')); $this->assertEqual($result, 'MAX(`Model`.`id`) AS `id`'); } - } ?> \ No newline at end of file