multi_column_search 0.0.2 → 1.0.0

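--- a/data/CHANGELOG
+++ b/data/CHANGELOG
@@ -1,3 +1,5 @@
+ v1.0.0 Added SQL INJ Test and launch to production
+
  v0.0.2 Fixed Debuging messages.
 
  v0.0.1. Initial release.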
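--- a/data/README.rdoc
+++ b/data/README.rdoc
@@ -4,6 +4,11 @@ Quick and dirty multi column LIKE searches. Need to search accross multiple colu
 
  Running lots of queries or have a large data set? You should probably upgrade to a real search back-end already!
 
+ == Requirements
+
+ This gem requires ActiveRecord 3
+
+
  == Examples
 
  Add a search method to your model by calling multi_column_search with the fields you want to search.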
@@ -23,13 +23,11 @@ module MultiColumnSearch
23
23
  like = connection.adapter_name == "PostgreSQL" ? "ILIKE" : "LIKE"
24
24
  scope options[:name], lambda { |terms|
25
25
  terms = terms.split.join('%')
26
- conditions = terms.split.inject([]) do |acc, term|
26
+ conditions = terms.split.inject(where(nil)) do |acc, term|
27
27
  pattern = get_multi_column_pattern options[:match], term
28
- acc << columns.collect { |column| "#{table_name}.#{column} #{like} '#{pattern}'" }
28
+ where(columns.collect { |column| "#{table_name}.#{column} #{like} :pattern" }.join(' OR '), {:pattern => pattern})
29
29
 
30
- end
31
-
32
- where conditions.map { |c| "(" + c.join(' OR ') + ")" }.join(' OR ')
30
+ end
33
31
  }
34
32
  end
35
33
 
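Review bot: The block passed to `terms.split.inject(where(nil)) do |acc, term|` never uses `acc`; it returns a fresh `where(...)` on every pass, so if more than one term ever reached the loop only the last condition would survive. That is masked today because `terms.split.join('%')` on the line above leaves no whitespace to split on, so the loop runs at most once; dropping the `inject` and building the single relation directly would say what the code actually does. Binding `:pattern` closes the quoting hole, but `%`, `_` and `\` in the search term still reach LIKE as wildcards, so a caller can widen the match or force an expensive scan; escape them before the pattern is built, unless `get_multi_column_pattern` (defined outside this hunk) already does. `table_name` and `columns` are still interpolated into the SQL text and appear to come from the model declaration rather than the request; a one-line comment such as `# columns/table_name are developer-supplied identifiers, never request data` would record that assumption. The enclosing method starts above the hunk.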
@@ -2,11 +2,11 @@
2
2
 
3
3
  Gem::Specification.new do |s|
4
4
  s.name = %q{multi_column_search}
5
- s.version = "0.0.2"
5
+ s.version = "1.0.0"
6
6
 
7
7
  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
8
8
  s.authors = ["Jack Russell Software"]
9
- s.date = %q{2010-08-18}
9
+ s.date = %q{2010-09-29}
10
10
  s.description = %q{Quick and dirty multi column LIKE searches.}
11
11
  s.email = %q{team@jackrussellsoftware.com}
12
12
  s.extra_rdoc_files = ["CHANGELOG", "README.rdoc", "lib/multi_column_search.rb"]
@@ -24,6 +24,10 @@ describe MultiColumnSearch do
24
24
  Sponsor.search('Mount P').count.should == 2
25
25
  end
26
26
 
27
+ it "should not allow sql injection" do
28
+ Sponsor.search(%q{'"`}).should == []
29
+ end
30
+
27
31
  end
28
32
 
29
33
 
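Review bot: The new example `Sponsor.search(%q{'"`}).should == []` only shows that a term made of quote characters returns no rows, which any query that matches nothing also satisfies. Add a positive case beside it: seed a sponsor whose name contains an apostrophe and assert the search finds it, for example `Sponsor.search("O'Neil").count.should == 1` (name constructed for illustration). That proves the value is bound and round-trips intact rather than merely not raising. The `describe` block and its fixture setup begin outside this hunk, so the seeded rows are not visible here.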
metadata CHANGED
@@ -1,12 +1,13 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: multi_column_search
3
3
  version: !ruby/object:Gem::Version
4
+ hash: 23
4
5
  prerelease: false
5
6
  segments:
7
+ - 1
6
8
  - 0
7
9
  - 0
8
- - 2
9
- version: 0.0.2
10
+ version: 1.0.0
10
11
  platform: ruby
11
12
  authors:
12
13
  - Jack Russell Software
@@ -14,7 +15,7 @@ autorequire:
14
15
  bindir: bin
15
16
  cert_chain: []
16
17
 
17
- date: 2010-08-18 00:00:00 -04:00
18
+ date: 2010-09-29 00:00:00 -04:00
18
19
  default_executable:
19
20
  dependencies: []
20
21
 
@@ -58,6 +59,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
58
59
  requirements:
59
60
  - - ">="
60
61
  - !ruby/object:Gem::Version
62
+ hash: 3
61
63
  segments:
62
64
  - 0
63
65
  version: "0"
@@ -66,6 +68,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
66
68
  requirements:
67
69
  - - ">="
68
70
  - !ruby/object:Gem::Version
71
+ hash: 11
69
72
  segments:
70
73
  - 1
71
74
  - 2