From 2d6ecbd762e6eae7b79c10d555baabe667243298 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=A9rome=20Perrin?= <jerome@nexedi.com> Date: Wed, 2 Jul 2008 15:56:57 +0000 Subject: [PATCH] using ExactMatch could generate invalid SQL git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@22223 20353a03-c40f-0410-a6d1-a30d3c3de9de --- product/ZSQLCatalog/SearchKey/RawKey.py | 5 ++++- product/ZSQLCatalog/tests/testZSQLCatalog.py | 22 ++++++++++++++++++++ 2 files changed, 26 insertions(+), 1 deletion(-) diff --git a/product/ZSQLCatalog/SearchKey/RawKey.py b/product/ZSQLCatalog/SearchKey/RawKey.py index 064bf7c4b4..718a352e0e 100644 --- a/product/ZSQLCatalog/SearchKey/RawKey.py +++ b/product/ZSQLCatalog/SearchKey/RawKey.py @@ -39,8 +39,11 @@ class RawKey(SearchKey): def buildSQLExpression(self, key, value, format=None, mode=None, range_value=None, stat__=None): + if value is not None: - where_expression = "%s = '%s'" % (key, value) + value = self.quoteSQLString(value, format) + key = self.quoteSQLKey(key, format) + where_expression = "%s = %s" % (key, value) else: where_expression = "%s is NULL" % (key) return where_expression, [] diff --git a/product/ZSQLCatalog/tests/testZSQLCatalog.py b/product/ZSQLCatalog/tests/testZSQLCatalog.py index bb0bdfd873..d534c8d6cc 100644 --- a/product/ZSQLCatalog/tests/testZSQLCatalog.py +++ b/product/ZSQLCatalog/tests/testZSQLCatalog.py @@ -384,6 +384,13 @@ class TestQuery(unittest.TestCase): select_expression_list=[]), q.asSQLExpression()) + def testQuotedStringExactMatch(self): + q = Query(title='Foo d\'Ba', key='ExactMatch') + self.assertEquals( + dict(where_expression="title = 'Foo d''Ba'", + select_expression_list=[]), + q.asSQLExpression()) + def testQuotedStringFullTextKey(self): q = Query(title='Foo d\'Ba', type='fulltext') self.assertEquals( @@ -392,6 +399,21 @@ class TestQuery(unittest.TestCase): " AS title_relevance"]), q.asSQLExpression()) + def testQuotedStringListKeywordKey(self): + q = Query(title=('Foo d\'Ba',), key='Keyword') + self.assertEquals( + dict(where_expression="((((title LIKE '%Foo d''Ba%'))))", + select_expression_list=[]), + q.asSQLExpression()) + + def testQuotedStringListExactMatch(self): + q = Query(title=('Foo d\'Ba',), key='ExactMatch') + self.assertEquals( + dict(where_expression="title = 'Foo d''Ba'", + select_expression_list=[]), + q.asSQLExpression()) + + def testQuotedStringDateKey(self): q = Query(title='Foo d\'Ba', type='date') self.assertEquals( -- 2.30.9