sql-maker 0.0.4 → 0.0.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -0
- data/README.md +12 -0
- data/lib/sql/maker/quoting.rb +6 -1
- data/sql-maker.gemspec +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 332dd67e2a9366458f6b6dc6b59935af9086bc8b
|
|
4
|
+
data.tar.gz: c79fc9b7ede53d3d17c88952950ec1e18f5fabd9
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fe0432e6651c494a66fd12440a5245ce7cf1c49ed67c0c709b9091bae70c9f0425a512b7e8e35c5f5e1d134d5dd29543469ee54b042bca6093ef09c1ee418f18
|
|
7
|
+
data.tar.gz: cced5c06cf5ba70fa31b43d0a14196565988a07a7d8626ce261fdcd6682deae35b26ea39ddf6a3cafdea8498f89b8f6ea604a09ceed25371b45681bd56773216
|
data/CHANGELOG.md
CHANGED
data/README.md
CHANGED
|
@@ -80,6 +80,18 @@ See following articles for more details (perl version)
|
|
|
80
80
|
* http://blog.kazuhooku.com/2014/07/the-json-sql-injection-vulnerability.html (English)
|
|
81
81
|
* http://developers.mobage.jp/blog/2014/7/3/jsonsql-injection (Japanese)
|
|
82
82
|
|
|
83
|
+
## SQL Escape
|
|
84
|
+
|
|
85
|
+
SQL Maker automatically does escape, but when you want to do it manually by some reasons, call
|
|
86
|
+
|
|
87
|
+
```
|
|
88
|
+
SQL::Maker::Quoting.quote(string)
|
|
89
|
+
```
|
|
90
|
+
|
|
91
|
+
## See Also
|
|
92
|
+
|
|
93
|
+
* [perl の SQL::Maker (と SQL::QueryMaker) を ruby に移植した - sonots:blog](http://blog.livedoor.jp/sonots/archives/38723820.html) (Japanese)
|
|
94
|
+
|
|
83
95
|
## ChangeLog
|
|
84
96
|
|
|
85
97
|
See [CHANGELOG.md](CHANGELOG.md) for details.
|
data/lib/sql/maker/quoting.rb
CHANGED
|
@@ -73,11 +73,16 @@ module SQL::Maker::Quoting
|
|
|
73
73
|
end
|
|
74
74
|
|
|
75
75
|
# Quotes a string, escaping any ' (single quote) and \ (backslash)
|
|
76
|
-
# characters
|
|
76
|
+
# characters as SQL escape
|
|
77
77
|
def self.quote_string(s)
|
|
78
78
|
s.gsub(/\\/, '\&\&').gsub(/'/, "''") # ' (for ruby-mode)
|
|
79
79
|
end
|
|
80
80
|
|
|
81
|
+
# alias to module function quote_string
|
|
82
|
+
def self.escape(s)
|
|
83
|
+
quote_string(s)
|
|
84
|
+
end
|
|
85
|
+
|
|
81
86
|
# # def quote_string(s)
|
|
82
87
|
# def self.define_quote_string
|
|
83
88
|
# klass = self.singleton_class
|
data/sql-maker.gemspec
CHANGED
|
@@ -4,7 +4,7 @@ $LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
|
|
|
4
4
|
|
|
5
5
|
Gem::Specification.new do |spec|
|
|
6
6
|
spec.name = "sql-maker"
|
|
7
|
-
spec.version = "0.0.
|
|
7
|
+
spec.version = "0.0.5"
|
|
8
8
|
spec.authors = ["Naotoshi Seo"]
|
|
9
9
|
spec.email = ["sonots@gmail.com"]
|
|
10
10
|
spec.summary = %q{SQL Builder for Ruby}
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sql-maker
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.0.
|
|
4
|
+
version: 0.0.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Naotoshi Seo
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2015-02-11 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|