mirrors
/
redmine
mirror of https://github.com/redmine/redmine.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 199 Wiki Activity
Browse Source

Explicitly specify escape character using an ESCAPE on SQLite (#35073). 

Patch by Go MAEDA.

git-svn-id: http://svn.redmine.org/redmine/trunk@21240 e93f8b46-1217-0410-a6f0-8f06a7374b81
tags/5.0.0
Marius Balteanu 2 years ago
parent
a84efa8046
commit
6cbf1f2015
3 changed files with 8 additions and 6 deletions
Split View Show Diff Stats
  1. 4
    4
      app/models/principal.rb
  2. 1
    1
      app/models/project.rb
  3. 3
    1
      lib/redmine/database.rb

+ 4
- 4
app/models/principal.rb View File

@@ -72,16 +72,16 @@ class Principal < ActiveRecord::Base
where({})
else
pattern = "%#{sanitize_sql_like q}%"
sql = +"LOWER(#{table_name}.login) LIKE LOWER(:p)"
sql << " OR #{table_name}.id IN (SELECT user_id FROM #{EmailAddress.table_name} WHERE LOWER(address) LIKE LOWER(:p))"
params = {:p => pattern}
sql = +"LOWER(#{table_name}.login) LIKE LOWER(:p) ESCAPE :s"
sql << " OR #{table_name}.id IN (SELECT user_id FROM #{EmailAddress.table_name} WHERE LOWER(address) LIKE LOWER(:p) ESCAPE :s)"
params = {:p => pattern, :s => '\\'}

tokens = q.split(/\s+/).reject(&:blank?).map {|token| "%#{sanitize_sql_like token}%"}
if tokens.present?
sql << ' OR ('
sql << tokens.map.with_index do |token, index|
params[:"token_#{index}"] = token
"(LOWER(#{table_name}.firstname) LIKE LOWER(:token_#{index}) OR LOWER(#{table_name}.lastname) LIKE LOWER(:token_#{index}))"
"(LOWER(#{table_name}.firstname) LIKE LOWER(:token_#{index}) ESCAPE :s OR LOWER(#{table_name}.lastname) LIKE LOWER(:token_#{index}) ESCAPE :s)"
end.join(' AND ')
sql << ')'
end

+ 1
- 1
app/models/project.rb View File

@@ -108,7 +108,7 @@ class Project < ActiveRecord::Base
scope :like, (lambda do |arg|
if arg.present?
pattern = "%#{sanitize_sql_like arg.to_s.strip}%"
where("LOWER(identifier) LIKE LOWER(:p) OR LOWER(name) LIKE LOWER(:p)", :p => pattern)
where("LOWER(identifier) LIKE LOWER(:p) ESCAPE :s OR LOWER(name) LIKE LOWER(:p) ESCAPE :s", :p => pattern, :s => '\\')
end
end)
scope :sorted, lambda {order(:lft)}

+ 3
- 1
lib/redmine/database.rb View File

@@ -71,8 +71,10 @@ module Redmine
else
"#{left} #{neg}ILIKE #{right}"
end
else
elsif mysql?
"#{left} #{neg}LIKE #{right}"
else
"#{left} #{neg}LIKE #{right} ESCAPE '\\'"
end
end


Write Preview
Loading…
Cancel
Save