diff options
author | godzilla80@gmx.net <> | 2010-02-20 09:18:40 +0000 |
---|---|---|
committer | godzilla80@gmx.net <> | 2010-02-20 09:18:40 +0000 |
commit | a1d65f3737980658e9a5dd12165860e35e435941 (patch) | |
tree | c9b3afc8d9ba9708e1cb16741d422ece27827753 /tests/unit/Data | |
parent | c625202466d9677f4005905f73b00c2941e1f6da (diff) |
Fixed Issue 209 - SqlMap doesn't escape inline params properly
Diffstat (limited to 'tests/unit/Data')
-rw-r--r-- | tests/unit/Data/SqlMap/DynamicParameterTest.php | 19 | ||||
-rw-r--r-- | tests/unit/Data/SqlMap/DynamicParameterTestMap.xml | 6 |
2 files changed, 25 insertions, 0 deletions
diff --git a/tests/unit/Data/SqlMap/DynamicParameterTest.php b/tests/unit/Data/SqlMap/DynamicParameterTest.php index ec37f4e0..f9b39b96 100644 --- a/tests/unit/Data/SqlMap/DynamicParameterTest.php +++ b/tests/unit/Data/SqlMap/DynamicParameterTest.php @@ -15,6 +15,9 @@ class DynamicParameterTest extends PHPUnit_Framework_TestCase static $conn;
static $sqlMapManager;
+ if(Prado::getApplication() === null)
+ Prado::setApplication(new TApplication(dirname(__FILE__).'/app'));
+
if($conn === null)
$conn = new TDbConnection('mysql:host=localhost;dbname=prado_system_data_sqlmap', 'prado_unitest', 'prado_system_data_sqlmap_unitest');
@@ -85,6 +88,22 @@ class DynamicParameterTest extends PHPUnit_Framework_TestCase self::assertEquals('staticsql1', $value);
}
+ /**
+ * Issue#209 test
+ */
+ public function testMysqlInlineEscapeParam()
+ {
+ $mapper = $this->getMysqlSqlMapManager();
+ $gateway = $mapper->getSqlmapGateway();
+
+ $value = $gateway->queryForObject('SelectInlineEscapeParam', "'1234567*123$456789$012345' AS foobar");
+ self::assertEquals('1234567*123$456789$012345', $value);
+
+ $value = $gateway->queryForObject('SelectInlineEscapeParam', '"1234567*123$456789$012345" AS foobar');
+ self::assertEquals('1234567*123$456789$012345', $value);
+
+ }
+
}
?>
\ No newline at end of file diff --git a/tests/unit/Data/SqlMap/DynamicParameterTestMap.xml b/tests/unit/Data/SqlMap/DynamicParameterTestMap.xml index 65a91154..29670578 100644 --- a/tests/unit/Data/SqlMap/DynamicParameterTestMap.xml +++ b/tests/unit/Data/SqlMap/DynamicParameterTestMap.xml @@ -1,5 +1,6 @@ <?xml version="1.0" encoding="UTF-8" ?>
<sqlMap namespace="DynamicParameterTestMap">
+
<select id="SelectStaticSql1" resultClass="string">
<![CDATA[
SELECT `teststring` FROM `dynamicparametertest1` WHERE `testname`="staticsql"
@@ -30,4 +31,9 @@ ]]>
</select>
+ <select id="SelectInlineEscapeParam" parameterClass="string" resultClass="string">
+ <![CDATA[
+ SELECT $value$
+ ]]>
+ </select>
</sqlMap>
\ No newline at end of file |