From 77f6b404fac599a01511e8d96002af001b0042f5 Mon Sep 17 00:00:00 2001 From: Jean-Philippe Lang Date: Thu, 3 Jan 2013 13:33:16 +0000 Subject: Make sure we don't cast an empty string to numeric (#12713). SQLServer evaluates the CAST condition even if the <> '' condition is false. git-svn-id: svn+ssh://rubyforge.org/var/svn/redmine/trunk@11103 e93f8b46-1217-0410-a6f0-8f06a7374b81 --- app/models/custom_field.rb | 4 ++-- app/models/query.rb | 10 +++++----- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'app/models') diff --git a/app/models/custom_field.rb b/app/models/custom_field.rb index a9c42d4bb..c5a1ca6ef 100644 --- a/app/models/custom_field.rb +++ b/app/models/custom_field.rb @@ -185,7 +185,7 @@ class CustomField < ActiveRecord::Base # Make the database cast values into numeric # Postgresql will raise an error if a value can not be casted! # CustomValue validations should ensure that it doesn't occur - "CAST(#{join_alias}.value AS decimal(30,3))" + "CAST(CASE #{join_alias}.value WHEN '' THEN '0' ELSE #{join_alias}.value END AS decimal(30,3))" when 'user', 'version' value_class.fields_for_order_statement(value_join_alias) else @@ -220,7 +220,7 @@ class CustomField < ActiveRecord::Base " AND #{join_alias}_2.customized_id = #{join_alias}.customized_id" + " AND #{join_alias}_2.custom_field_id = #{join_alias}.custom_field_id)" + " LEFT OUTER JOIN #{value_class.table_name} #{value_join_alias}" + - " ON CAST(#{join_alias}.value as decimal(30,0)) = #{value_join_alias}.id" + " ON CAST(CASE #{join_alias}.value WHEN '' THEN '0' ELSE #{join_alias}.value END AS decimal(30,0)) = #{value_join_alias}.id" when 'int', 'float' "LEFT OUTER JOIN #{CustomValue.table_name} #{join_alias}" + " ON #{join_alias}.customized_type = '#{self.class.customized_class.base_class.name}'" + diff --git a/app/models/query.rb b/app/models/query.rb index e4be380bf..702236645 100644 --- a/app/models/query.rb +++ b/app/models/query.rb @@ -532,13 +532,13 @@ class Query < ActiveRecord::Base sql = date_clause(db_table, db_field, (Date.parse(value.first) rescue nil), (Date.parse(value.first) rescue nil)) when :integer if is_custom_filter - sql = "(#{db_table}.#{db_field} <> '' AND CAST(#{db_table}.#{db_field} AS decimal(30,3)) = #{value.first.to_i})" + sql = "(#{db_table}.#{db_field} <> '' AND CAST(CASE #{db_table}.#{db_field} WHEN '' THEN '0' ELSE #{db_table}.#{db_field} END AS decimal(30,3)) = #{value.first.to_i})" else sql = "#{db_table}.#{db_field} = #{value.first.to_i}" end when :float if is_custom_filter - sql = "(#{db_table}.#{db_field} <> '' AND CAST(#{db_table}.#{db_field} AS decimal(30,3)) BETWEEN #{value.first.to_f - 1e-5} AND #{value.first.to_f + 1e-5})" + sql = "(#{db_table}.#{db_field} <> '' AND CAST(CASE #{db_table}.#{db_field} WHEN '' THEN '0' ELSE #{db_table}.#{db_field} END AS decimal(30,3)) BETWEEN #{value.first.to_f - 1e-5} AND #{value.first.to_f + 1e-5})" else sql = "#{db_table}.#{db_field} BETWEEN #{value.first.to_f - 1e-5} AND #{value.first.to_f + 1e-5}" end @@ -567,7 +567,7 @@ class Query < ActiveRecord::Base sql = date_clause(db_table, db_field, (Date.parse(value.first) rescue nil), nil) else if is_custom_filter - sql = "(#{db_table}.#{db_field} <> '' AND CAST(#{db_table}.#{db_field} AS decimal(30,3)) >= #{value.first.to_f})" + sql = "(#{db_table}.#{db_field} <> '' AND CAST(CASE #{db_table}.#{db_field} WHEN '' THEN '0' ELSE #{db_table}.#{db_field} END AS decimal(30,3)) >= #{value.first.to_f})" else sql = "#{db_table}.#{db_field} >= #{value.first.to_f}" end @@ -577,7 +577,7 @@ class Query < ActiveRecord::Base sql = date_clause(db_table, db_field, nil, (Date.parse(value.first) rescue nil)) else if is_custom_filter - sql = "(#{db_table}.#{db_field} <> '' AND CAST(#{db_table}.#{db_field} AS decimal(30,3)) <= #{value.first.to_f})" + sql = "(#{db_table}.#{db_field} <> '' AND CAST(CASE #{db_table}.#{db_field} WHEN '' THEN '0' ELSE #{db_table}.#{db_field} END AS decimal(30,3)) <= #{value.first.to_f})" else sql = "#{db_table}.#{db_field} <= #{value.first.to_f}" end @@ -587,7 +587,7 @@ class Query < ActiveRecord::Base sql = date_clause(db_table, db_field, (Date.parse(value[0]) rescue nil), (Date.parse(value[1]) rescue nil)) else if is_custom_filter - sql = "(#{db_table}.#{db_field} <> '' AND CAST(#{db_table}.#{db_field} AS decimal(30,3)) BETWEEN #{value[0].to_f} AND #{value[1].to_f})" + sql = "(#{db_table}.#{db_field} <> '' AND CAST(CASE #{db_table}.#{db_field} WHEN '' THEN '0' ELSE #{db_table}.#{db_field} END AS decimal(30,3)) BETWEEN #{value[0].to_f} AND #{value[1].to_f})" else sql = "#{db_table}.#{db_field} BETWEEN #{value[0].to_f} AND #{value[1].to_f}" end -- cgit v1.2.3