Use sanitize_sql_like in Query#sql_contains (#35073).

Patch by Jens Krämer.

git-svn-id: http://svn.redmine.org/redmine/trunk@21232 e93f8b46-1217-0410-a6f0-8f06a7374b81
Marius Balteanu
2021-10-03 19:45:20 +00:00
parent 05e9d7883b
commit 0ec96f52f3
2 changed files with 16 additions and 0 deletions


@@ -2811,4 +2811,19 @@ class QueryTest < ActiveSupport::TestCase
end
end
end
def test_sql_contains_should_escape_value
i = Issue.generate! subject: 'Sanitize test'
query = IssueQuery.new(:project => nil, :name => '_')
query.add_filter('subject', '~', ['te%t'])
assert_equal 0, query.issue_count
i.update_column :subject, 'Sanitize te%t'
assert_equal 1, query.issue_count
i.update_column :subject, 'Sanitize te_t'
query = IssueQuery.new(:project => nil, :name => '_')
query.add_filter('subject', '~', ['te_t'])
assert_equal 1, query.issue_count
end
end
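Review bot: The `_` case at the end of test_sql_contains_should_escape_value asserts only a positive match, so it passes whether or not the underscore is escaped: an unescaped `te_t` pattern still matches the subject 'Sanitize te_t'. Unlike the `%` case, which first asserts a count of 0 against 'Sanitize test', nothing here shows that `_` has stopped acting as a single-character wildcard. After the last assertion I would add `i.update_column :subject, 'Sanitize test'` followed by `assert_equal 0, query.issue_count`, assuming no fixture subject contains a literal `te_t`. The change to Query#sql_contains itself is in the other file of this commit and is not visible here, so whether the LIKE escape character is also covered cannot be judged from this page.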