Commit 31c32e62
authored
Jul 19, 2016
by
Mick Hansen
Merge branch 'v3' of github.com:sequelize/sequelize into v3
2 parents
401c3943
562d5258
Showing
3 changed files
with
17 additions
and
5 deletions
lib/data-types.js
lib/dialects/postgres/data-types.js
test/integration/model/geometry.test.js
lib/data-types.js
...
@@ -900,8 +900,8 @@ var GEOMETRY = ABSTRACT.inherits(function(type, srid) {
...
@@ -900,8 +900,8 @@ var GEOMETRY = ABSTRACT.inherits(function(type, srid) {
GEOMETRY
.
prototype
.
key
=
GEOMETRY
.
key
=
'GEOMETRY'
;
GEOMETRY
.
prototype
.
key
=
GEOMETRY
.
key
=
'GEOMETRY'
;
GEOMETRY
.
prototype
.
escape
=
false
;
GEOMETRY
.
prototype
.
escape
=
false
;
GEOMETRY
.
prototype
.
$stringify
=
function
(
value
)
{
GEOMETRY
.
prototype
.
$stringify
=
function
(
value
,
options
)
{
return
'GeomFromText(
\''
+
Wkt
.
convert
(
value
)
+
'\
')'
;
return
'GeomFromText(
'
+
options
.
escape
(
Wkt
.
convert
(
value
))
+
')'
;
};
};
/**
/**
...
@@ -925,8 +925,8 @@ var GEOGRAPHY = ABSTRACT.inherits(function(type, srid) {
...
@@ -925,8 +925,8 @@ var GEOGRAPHY = ABSTRACT.inherits(function(type, srid) {
GEOGRAPHY
.
prototype
.
key
=
GEOGRAPHY
.
key
=
'GEOGRAPHY'
;
GEOGRAPHY
.
prototype
.
key
=
GEOGRAPHY
.
key
=
'GEOGRAPHY'
;
GEOGRAPHY
.
prototype
.
escape
=
false
;
GEOGRAPHY
.
prototype
.
escape
=
false
;
GEOGRAPHY
.
prototype
.
$stringify
=
function
(
value
)
{
GEOGRAPHY
.
prototype
.
$stringify
=
function
(
value
,
options
)
{
return
'GeomFromText(
\''
+
Wkt
.
convert
(
value
)
+
'\
')'
;
return
'GeomFromText(
'
+
options
.
escape
(
Wkt
.
convert
(
value
))
+
')'
;
};
};
Object
.
keys
(
helpers
).
forEach
(
function
(
helper
)
{
Object
.
keys
(
helpers
).
forEach
(
function
(
helper
)
{
...
...
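Review bot: In the `$stringify(value, options)` form of `GEOMETRY.prototype.$stringify`, `options.escape` is dereferenced with no guard while `GEOMETRY.prototype.escape = false` stays set, so this call appears to be the only place the WKT text gets quoted before it is concatenated into `GeomFromText(...)`. A caller that invokes `$stringify` without `options` would throw a TypeError; whether such callers exist is not visible on this page. A one-line comment above the function, such as `// escape is false for this type: the WKT must be quoted here via options.escape`, would keep that invariant visible to the next maintainer, and the same applies to the GEOGRAPHY hunk at -925. Quoting stops the value from breaking out of the string literal, but a non-numeric coordinate still reaches the database as malformed WKT, so rejecting coordinates that are not finite numbers before `Wkt.convert(value)` would fail earlier and more clearly.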
lib/dialects/postgres/data-types.js
...
@@ -293,7 +293,7 @@ module.exports = function (BaseTypes) {
...
@@ -293,7 +293,7 @@ module.exports = function (BaseTypes) {
array_oids
:
[]
array_oids
:
[]
};
};
GEOGRAPHY
.
parse
=
GEOGRAPHY
.
prototype
.
parse
=
function
(
value
,
options
)
{
GEOGRAPHY
.
parse
=
GEOGRAPHY
.
prototype
.
parse
=
function
(
value
)
{
var
b
=
new
Buffer
(
value
,
'hex'
);
var
b
=
new
Buffer
(
value
,
'hex'
);
return
wkx
.
Geometry
.
parse
(
b
).
toGeoJSON
();
return
wkx
.
Geometry
.
parse
(
b
).
toGeoJSON
();
};
};
...
...
test/integration/model/geometry.test.js
...
@@ -197,6 +197,18 @@ describe(Support.getTestDialectTeaser('Model'), function() {
...
@@ -197,6 +197,18 @@ describe(Support.getTestDialectTeaser('Model'), function() {
}
}
});
});
});
});
it
(
'should properly escape the single quotes on coordinates'
,
function
()
{
return
this
.
Model
.
create
({
location
:
{
type
:
"Point"
,
properties
:
{
exploit
:
"'); DELETE YOLO INJECTIONS; -- "
},
coordinates
:
[
39.807222
,
"'); DELETE YOLO INJECTIONS; -- "
]
}
});
});
});
});
}
}
});
});
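Review bot: The added case `should properly escape the single quotes on coordinates` passes as soon as `this.Model.create(...)` resolves and asserts nothing about what was written, so it cannot tell correct quoting apart from a dialect that accepts the statement but stores NULL or a truncated value. Chaining a read-back on the returned promise (a `findAll()` on the model inside a `.then`) and asserting the row count and the stored `location` would pin the behaviour the test name promises. The same string is placed in both `properties.exploit` and `coordinates[1]`; a short comment saying which of the two is expected to reach the generated SQL would make the intent of the fixture clear.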