[Erp5-report] r22223 - in /erp5/trunk/products/ZSQLCatalog: SearchKey/ tests/
nobody at svn.erp5.org
nobody at svn.erp5.org
Wed Jul 2 17:56:59 CEST 2008
Author: jerome
Date: Wed Jul 2 17:56:57 2008
New Revision: 22223
URL: http://svn.erp5.org?rev=22223&view=rev
Log:
using ExactMatch could generate invalid SQL
Modified:
erp5/trunk/products/ZSQLCatalog/SearchKey/RawKey.py
erp5/trunk/products/ZSQLCatalog/tests/testZSQLCatalog.py
Modified: erp5/trunk/products/ZSQLCatalog/SearchKey/RawKey.py
URL: http://svn.erp5.org/erp5/trunk/products/ZSQLCatalog/SearchKey/RawKey.py?rev=22223&r1=22222&r2=22223&view=diff
==============================================================================
--- erp5/trunk/products/ZSQLCatalog/SearchKey/RawKey.py (original)
+++ erp5/trunk/products/ZSQLCatalog/SearchKey/RawKey.py Wed Jul 2 17:56:57 2008
@@ -39,8 +39,11 @@
def buildSQLExpression(self, key, value,
format=None, mode=None, range_value=None, stat__=None):
+
if value is not None:
- where_expression = "%s = '%s'" % (key, value)
+ value = self.quoteSQLString(value, format)
+ key = self.quoteSQLKey(key, format)
+ where_expression = "%s = %s" % (key, value)
else:
where_expression = "%s is NULL" % (key)
return where_expression, []
Modified: erp5/trunk/products/ZSQLCatalog/tests/testZSQLCatalog.py
URL: http://svn.erp5.org/erp5/trunk/products/ZSQLCatalog/tests/testZSQLCatalog.py?rev=22223&r1=22222&r2=22223&view=diff
==============================================================================
--- erp5/trunk/products/ZSQLCatalog/tests/testZSQLCatalog.py (original)
+++ erp5/trunk/products/ZSQLCatalog/tests/testZSQLCatalog.py Wed Jul 2 17:56:57 2008
@@ -384,6 +384,13 @@
select_expression_list=[]),
q.asSQLExpression())
+ def testQuotedStringExactMatch(self):
+ q = Query(title='Foo d\'Ba', key='ExactMatch')
+ self.assertEquals(
+ dict(where_expression="title = 'Foo d''Ba'",
+ select_expression_list=[]),
+ q.asSQLExpression())
+
def testQuotedStringFullTextKey(self):
q = Query(title='Foo d\'Ba', type='fulltext')
self.assertEquals(
@@ -391,6 +398,21 @@
select_expression_list=["MATCH title AGAINST ('+Foo +d''Ba' IN BOOLEAN MODE)"
" AS title_relevance"]),
q.asSQLExpression())
+
+ def testQuotedStringListKeywordKey(self):
+ q = Query(title=('Foo d\'Ba',), key='Keyword')
+ self.assertEquals(
+ dict(where_expression="((((title LIKE '%Foo d''Ba%'))))",
+ select_expression_list=[]),
+ q.asSQLExpression())
+
+ def testQuotedStringListExactMatch(self):
+ q = Query(title=('Foo d\'Ba',), key='ExactMatch')
+ self.assertEquals(
+ dict(where_expression="title = 'Foo d''Ba'",
+ select_expression_list=[]),
+ q.asSQLExpression())
+
def testQuotedStringDateKey(self):
q = Query(title='Foo d\'Ba', type='date')
More information about the Erp5-report
mailing list