php/yii2
1
0
Fork 0
mirror of https://github.com/yiisoft/yii2.git synced 2025-10-31 10:39:59 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix #18134: Expression as columnName should not be quoted in likeCondition

Browse Source
This commit is contained in:
DarkDef
2020-07-03 12:27:31 +03:00
committed by GitHub
parent 564cae8cc9
commit 1faa45c552
3 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
framework/CHANGELOG.md
View File

@ -25,6 +25,7 @@ Yii Framework 2 Change Log
- Enh #15202: Add optional param `--silent-exit-on-exception` in `yii\console\Controller` (egorrishe) - Enh #15202: Add optional param `--silent-exit-on-exception` in `yii\console\Controller` (egorrishe)
- Bug #18110: Add quotes to return value of viewName in MSSQL schema. It is `[someView]` now (darkdef) - Bug #18110: Add quotes to return value of viewName in MSSQL schema. It is `[someView]` now (darkdef)
- Bug #17985: Convert migrationNamespaces to array if needed (darkdef) - Bug #17985: Convert migrationNamespaces to array if needed (darkdef)
- Bug #18134: Expression as columnName should not be quoted in likeCondition (darkdef)
2.0.35 May 02, 2020 2.0.35 May 02, 2020

4
framework/db/conditions/LikeConditionBuilder.php
View File

@ -66,7 +66,9 @@ class LikeConditionBuilder implements ExpressionBuilderInterface
return $not ? '' : '0=1'; return $not ? '' : '0=1';
} }
if (strpos($column, '(') === false) { if ($column instanceof ExpressionInterface) {
$column = $this->queryBuilder->buildExpression($column, $params);
} elseif (is_string($column) && strpos($column, '(') === false) {
$column = $this->queryBuilder->db->quoteColumnName($column); $column = $this->queryBuilder->db->quoteColumnName($column);
} }

3
tests/framework/db/QueryBuilderTest.php
View File

@ -2490,6 +2490,9 @@ abstract class QueryBuilderTest extends DatabaseTestCase
[new LikeCondition('name', 'not like', [new Expression('CONCAT("test", name, "%")'), '\ab_c']), '[[name]] NOT LIKE CONCAT("test", name, "%") AND [[name]] NOT LIKE :qp0', [':qp0' => '%\\\ab\_c%']], [new LikeCondition('name', 'not like', [new Expression('CONCAT("test", name, "%")'), '\ab_c']), '[[name]] NOT LIKE CONCAT("test", name, "%") AND [[name]] NOT LIKE :qp0', [':qp0' => '%\\\ab\_c%']],
[new LikeCondition('name', 'or like', [new Expression('CONCAT("test", name, "%")'), '\ab_c']), '[[name]] LIKE CONCAT("test", name, "%") OR [[name]] LIKE :qp0', [':qp0' => '%\\\ab\_c%']], [new LikeCondition('name', 'or like', [new Expression('CONCAT("test", name, "%")'), '\ab_c']), '[[name]] LIKE CONCAT("test", name, "%") OR [[name]] LIKE :qp0', [':qp0' => '%\\\ab\_c%']],
[new LikeCondition('name', 'or not like', [new Expression('CONCAT("test", name, "%")'), '\ab_c']), '[[name]] NOT LIKE CONCAT("test", name, "%") OR [[name]] NOT LIKE :qp0', [':qp0' => '%\\\ab\_c%']], [new LikeCondition('name', 'or not like', [new Expression('CONCAT("test", name, "%")'), '\ab_c']), '[[name]] NOT LIKE CONCAT("test", name, "%") OR [[name]] NOT LIKE :qp0', [':qp0' => '%\\\ab\_c%']],
// like with expression as columnName
[['like', new Expression('name'), 'string'], 'name LIKE :qp0', [':qp0' => "%string%"]],
]; ];
// adjust dbms specific escaping // adjust dbms specific escaping