Changeset 589

Show
Ignore:
Timestamp:
09/28/07 11:02:31 (1 year ago)
Author:
laurentj
Message:

fixed bug #282 jDao : quote in content of selectpattern was not escaped. p=Bastien Jaillot

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • branches/1.0beta3.x/lib/jelix/CREDITS

    r537 r589  
    4848 - updated JSON class (#231) 
    4949 
     50Bastien Jaillot (aka bastnic) 
     51 - bug fix in jDaoGenerator (#282) 
     52 
    5053Nicolas Jeudy (aka njeudy) 
    5154 - auth driver: jAuthDriverLDS (pour les annuaires ldap LDS) 

  • branches/1.0beta3.x/lib/jelix/CREDITS

    r537 r589  
    4848 - updated JSON class (#231) 
    4949 
     50Bastien Jaillot (aka bastnic) 
     51 - bug fix in jDaoGenerator (#282) 
     52 
    5053Nicolas Jeudy (aka njeudy) 
    5154 - auth driver: jAuthDriverLDS (pour les annuaires ldap LDS) 

  • branches/1.0beta3.x/lib/jelix/dao/jDaoGenerator.class.php

    r587 r589  
    55* @author     Croes Gérald, Laurent Jouanneau 
    66* @contributor Laurent Jouanneau 
     7* @contributor Bastien Jaillot (bug fix) 
    78* @copyright  2001-2005 CopixTeam, 2005-2006 Laurent Jouanneau 
    89* This class was get originally from the Copix project (CopixDAOGeneratorV1, Copix 2.3dev20050901, http://www.copix.org) 
     
    448449               //in oracle we must escape name 
    449450               if ($this->_dbtype == 'oci8') { 
    450                   $field = sprintf ($prop->selectPattern, $table.$this->_encloseName($prop->fieldName)).' "'.$prop->name.'"'; 
     451                  $field = sprintf (str_replace("'","\\'",$prop->selectPattern), $table.$this->_encloseName($prop->fieldName)).' "'.$prop->name.'"'; 
    451452               }else{ 
    452                   $field = sprintf ($prop->selectPattern, $table.$this->_encloseName($prop->fieldName)).' as '.$this->_encloseName($prop->name); 
     453                  $field = sprintf (str_replace("'","\\'",$prop->selectPattern), $table.$this->_encloseName($prop->fieldName)).' as '.$this->_encloseName($prop->name); 
    453454               } 
    454455            } 

  • branches/1.0beta3.x/lib/jelix/dao/jDaoGenerator.class.php

    r587 r589  
    55* @author     Croes Gérald, Laurent Jouanneau 
    66* @contributor Laurent Jouanneau 
     7* @contributor Bastien Jaillot (bug fix) 
    78* @copyright  2001-2005 CopixTeam, 2005-2006 Laurent Jouanneau 
    89* This class was get originally from the Copix project (CopixDAOGeneratorV1, Copix 2.3dev20050901, http://www.copix.org) 
     
    448449               //in oracle we must escape name 
    449450               if ($this->_dbtype == 'oci8') { 
    450                   $field = sprintf ($prop->selectPattern, $table.$this->_encloseName($prop->fieldName)).' "'.$prop->name.'"'; 
     451                  $field = sprintf (str_replace("'","\\'",$prop->selectPattern), $table.$this->_encloseName($prop->fieldName)).' "'.$prop->name.'"'; 
    451452               }else{ 
    452                   $field = sprintf ($prop->selectPattern, $table.$this->_encloseName($prop->fieldName)).' as '.$this->_encloseName($prop->name); 
     453                  $field = sprintf (str_replace("'","\\'",$prop->selectPattern), $table.$this->_encloseName($prop->fieldName)).' as '.$this->_encloseName($prop->name); 
    453454               } 
    454455            } 

  • branches/1.0beta3.x/testapp/modules/jelix_tests/tests/jdao.generator_select.html.php

    r576 r589  
    147147        $this->assertEqualOrDiff('SELECT `product_test`.`id`, TOUPPER(name) as `name`, `product_test`.`price`',$result); 
    148148 
     149 
     150        $doc ='<?xml version="1.0"?> 
     151<dao xmlns="http://jelix.org/ns/dao/1.0"> 
     152   <datasources> 
     153      <primarytable name="product_test" primarykey="id" /> 
     154   </datasources> 
     155   <record> 
     156      <property name="id"   fieldname="id" datatype="autoincrement"/> 
     157      <property name="name" fieldname="name" datatype="string"  required="true" selectpattern="CONCAT(name,\' \',price)"/> 
     158      <property name="price" fieldname="price" datatype="float"/> 
     159   </record> 
     160</dao>'; 
     161        $parser = new jDaoParser (); 
     162        $parser->parse(simplexml_load_string($doc)); 
     163 
     164        $generator= new testDaoGenerator2('cDao_foo_Jx_bar_Jx_mysql', 'cDaoRecord_foo_Jx_bar_Jx_mysql', $parser); 
     165        $result = $generator->GetSelectClause(); 
     166        $this->assertEqualOrDiff('SELECT `product_test`.`id`, CONCAT(name,\\\' \\\',price) as `name`, `product_test`.`price`',$result); 
     167 
    149168    } 
    150169} 

  • branches/1.0beta3.x/testapp/modules/jelix_tests/tests/jdao.generator_select.html.php

    r576 r589  
    147147        $this->assertEqualOrDiff('SELECT `product_test`.`id`, TOUPPER(name) as `name`, `product_test`.`price`',$result); 
    148148 
     149 
     150        $doc ='<?xml version="1.0"?> 
     151<dao xmlns="http://jelix.org/ns/dao/1.0"> 
     152   <datasources> 
     153      <primarytable name="product_test" primarykey="id" /> 
     154   </datasources> 
     155   <record> 
     156      <property name="id"   fieldname="id" datatype="autoincrement"/> 
     157      <property name="name" fieldname="name" datatype="string"  required="true" selectpattern="CONCAT(name,\' \',price)"/> 
     158      <property name="price" fieldname="price" datatype="float"/> 
     159   </record> 
     160</dao>'; 
     161        $parser = new jDaoParser (); 
     162        $parser->parse(simplexml_load_string($doc)); 
     163 
     164        $generator= new testDaoGenerator2('cDao_foo_Jx_bar_Jx_mysql', 'cDaoRecord_foo_Jx_bar_Jx_mysql', $parser); 
     165        $result = $generator->GetSelectClause(); 
     166        $this->assertEqualOrDiff('SELECT `product_test`.`id`, CONCAT(name,\\\' \\\',price) as `name`, `product_test`.`price`',$result); 
     167 
    149168    } 
    150169} 

  • trunk/lib/jelix/CREDITS

    r537 r589  
    4848 - updated JSON class (#231) 
    4949 
     50Bastien Jaillot (aka bastnic) 
     51 - bug fix in jDaoGenerator (#282) 
     52 
    5053Nicolas Jeudy (aka njeudy) 
    5154 - auth driver: jAuthDriverLDS (pour les annuaires ldap LDS) 

  • trunk/lib/jelix/CREDITS

    r537 r589  
    4848 - updated JSON class (#231) 
    4949 
     50Bastien Jaillot (aka bastnic) 
     51 - bug fix in jDaoGenerator (#282) 
     52 
    5053Nicolas Jeudy (aka njeudy) 
    5154 - auth driver: jAuthDriverLDS (pour les annuaires ldap LDS) 

  • trunk/lib/jelix/dao/jDaoGenerator.class.php

    r582 r589  
    55* @author     Croes Gérald, Laurent Jouanneau 
    66* @contributor Laurent Jouanneau 
     7* @contributor Bastien Jaillot (bug fix) 
    78* @copyright  2001-2005 CopixTeam, 2005-2006 Laurent Jouanneau 
    89* This class was get originally from the Copix project (CopixDAOGeneratorV1, Copix 2.3dev20050901, http://www.copix.org) 
     
    448449               //in oracle we must escape name 
    449450               if ($this->_dbtype == 'oci8') { 
    450                   $field = sprintf ($prop->selectPattern, $table.$this->_encloseName($prop->fieldName)).' "'.$prop->name.'"'; 
     451                  $field = sprintf (str_replace("'","\\'",$prop->selectPattern), $table.$this->_encloseName($prop->fieldName)).' "'.$prop->name.'"'; 
    451452               }else{ 
    452                   $field = sprintf ($prop->selectPattern, $table.$this->_encloseName($prop->fieldName)).' as '.$this->_encloseName($prop->name); 
     453                  $field = sprintf (str_replace("'","\\'",$prop->selectPattern), $table.$this->_encloseName($prop->fieldName)).' as '.$this->_encloseName($prop->name); 
    453454               } 
    454455            } 

  • trunk/lib/jelix/dao/jDaoGenerator.class.php

    r582 r589  
    55* @author     Croes Gérald, Laurent Jouanneau 
    66* @contributor Laurent Jouanneau 
     7* @contributor Bastien Jaillot (bug fix) 
    78* @copyright  2001-2005 CopixTeam, 2005-2006 Laurent Jouanneau 
    89* This class was get originally from the Copix project (CopixDAOGeneratorV1, Copix 2.3dev20050901, http://www.copix.org) 
     
    448449               //in oracle we must escape name 
    449450               if ($this->_dbtype == 'oci8') { 
    450                   $field = sprintf ($prop->selectPattern, $table.$this->_encloseName($prop->fieldName)).' "'.$prop->name.'"'; 
     451                  $field = sprintf (str_replace("'","\\'",$prop->selectPattern), $table.$this->_encloseName($prop->fieldName)).' "'.$prop->name.'"'; 
    451452               }else{ 
    452                   $field = sprintf ($prop->selectPattern, $table.$this->_encloseName($prop->fieldName)).' as '.$this->_encloseName($prop->name); 
     453                  $field = sprintf (str_replace("'","\\'",$prop->selectPattern), $table.$this->_encloseName($prop->fieldName)).' as '.$this->_encloseName($prop->name); 
    453454               } 
    454455            } 

  • trunk/testapp/modules/jelix_tests/tests/jdao.generator_select.html.php

    r576 r589  
    147147        $this->assertEqualOrDiff('SELECT `product_test`.`id`, TOUPPER(name) as `name`, `product_test`.`price`',$result); 
    148148 
     149 
     150        $doc ='<?xml version="1.0"?> 
     151<dao xmlns="http://jelix.org/ns/dao/1.0"> 
     152   <datasources> 
     153      <primarytable name="product_test" primarykey="id" /> 
     154   </datasources> 
     155   <record> 
     156      <property name="id"   fieldname="id" datatype="autoincrement"/> 
     157      <property name="name" fieldname="name" datatype="string"  required="true" selectpattern="CONCAT(name,\' \',price)"/> 
     158      <property name="price" fieldname="price" datatype="float"/> 
     159   </record> 
     160</dao>'; 
     161        $parser = new jDaoParser (); 
     162        $parser->parse(simplexml_load_string($doc)); 
     163 
     164        $generator= new testDaoGenerator2('cDao_foo_Jx_bar_Jx_mysql', 'cDaoRecord_foo_Jx_bar_Jx_mysql', $parser); 
     165        $result = $generator->GetSelectClause(); 
     166        $this->assertEqualOrDiff('SELECT `product_test`.`id`, CONCAT(name,\\\' \\\',price) as `name`, `product_test`.`price`',$result); 
     167 
    149168    } 
    150169} 

  • trunk/testapp/modules/jelix_tests/tests/jdao.generator_select.html.php

    r576 r589  
    147147        $this->assertEqualOrDiff('SELECT `product_test`.`id`, TOUPPER(name) as `name`, `product_test`.`price`',$result); 
    148148 
     149 
     150        $doc ='<?xml version="1.0"?> 
     151<dao xmlns="http://jelix.org/ns/dao/1.0"> 
     152   <datasources> 
     153      <primarytable name="product_test" primarykey="id" /> 
     154   </datasources> 
     155   <record> 
     156      <property name="id"   fieldname="id" datatype="autoincrement"/> 
     157      <property name="name" fieldname="name" datatype="string"  required="true" selectpattern="CONCAT(name,\' \',price)"/> 
     158      <property name="price" fieldname="price" datatype="float"/> 
     159   </record> 
     160</dao>'; 
     161        $parser = new jDaoParser (); 
     162        $parser->parse(simplexml_load_string($doc)); 
     163 
     164        $generator= new testDaoGenerator2('cDao_foo_Jx_bar_Jx_mysql', 'cDaoRecord_foo_Jx_bar_Jx_mysql', $parser); 
     165        $result = $generator->GetSelectClause(); 
     166        $this->assertEqualOrDiff('SELECT `product_test`.`id`, CONCAT(name,\\\' \\\',price) as `name`, `product_test`.`price`',$result); 
     167 
    149168    } 
    150169} 
Download in other formats: Unified Diff Zip Archive