[DDC-551] Fixed the escaping of filter parameters

2024-12-13 22:56:04 +03:00 · 2011-07-22 14:48:20 +02:00 · 2011-07-22 14:48:20 +02:00 · 4cf63a4e83
commit 4cf63a4e83
parent d1908f7207
2 changed files with 2 additions and 3 deletions
--- a/lib/Doctrine/ORM/Query/Filter/SQLFilter.php
+++ b/lib/Doctrine/ORM/Query/Filter/SQLFilter.php
@ -59,8 +59,7 @@ abstract class SQLFilter
            throw new \InvalidArgumentException("Parameter '" . $name . "' does not exist.");
        }

-        // @todo: espace the parameter
-        return $this->conn->convertToDatabaseValue($this->parameters[$name]['value'], $this->parameters[$name]['type']);
+        return $this->conn->quote($this->parameters[$name]['value'], $this->parameters[$name]['type']);
    }

    abstract function addFilterConstraint(ClassMetadata $targetEntity, $targetTableAlias);
--- a/tests/Doctrine/Tests/ORM/Functional/SQLFilterTest.php
+++ b/tests/Doctrine/Tests/ORM/Functional/SQLFilterTest.php
@ -144,7 +144,7 @@ class SQLFilterTest extends \Doctrine\Tests\OrmFunctionalTestCase
        // Setup mock connection
        $conn = $this->getMockConnection();
        $conn->expects($this->once())
-            ->method('convertToDatabaseValue')
+            ->method('quote')
            ->with($this->equalTo('en'))
            ->will($this->returnValue("'en'"));