Commit 2d6ecbd7 authored by Jérome Perrin's avatar Jérome Perrin

using ExactMatch could generate invalid SQL


git-svn-id: https://svn.erp5.org/repos/public/erp5/trunk@22223 20353a03-c40f-0410-a6d1-a30d3c3de9de
parent 70707517
......@@ -39,8 +39,11 @@ class RawKey(SearchKey):
def buildSQLExpression(self, key, value,
format=None, mode=None, range_value=None, stat__=None):
if value is not None:
where_expression = "%s = '%s'" % (key, value)
value = self.quoteSQLString(value, format)
key = self.quoteSQLKey(key, format)
where_expression = "%s = %s" % (key, value)
else:
where_expression = "%s is NULL" % (key)
return where_expression, []
......@@ -384,6 +384,13 @@ class TestQuery(unittest.TestCase):
select_expression_list=[]),
q.asSQLExpression())
def testQuotedStringExactMatch(self):
q = Query(title='Foo d\'Ba', key='ExactMatch')
self.assertEquals(
dict(where_expression="title = 'Foo d''Ba'",
select_expression_list=[]),
q.asSQLExpression())
def testQuotedStringFullTextKey(self):
q = Query(title='Foo d\'Ba', type='fulltext')
self.assertEquals(
......@@ -392,6 +399,21 @@ class TestQuery(unittest.TestCase):
" AS title_relevance"]),
q.asSQLExpression())
def testQuotedStringListKeywordKey(self):
q = Query(title=('Foo d\'Ba',), key='Keyword')
self.assertEquals(
dict(where_expression="((((title LIKE '%Foo d''Ba%'))))",
select_expression_list=[]),
q.asSQLExpression())
def testQuotedStringListExactMatch(self):
q = Query(title=('Foo d\'Ba',), key='ExactMatch')
self.assertEquals(
dict(where_expression="title = 'Foo d''Ba'",
select_expression_list=[]),
q.asSQLExpression())
def testQuotedStringDateKey(self):
q = Query(title='Foo d\'Ba', type='date')
self.assertEquals(
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment