added tests ・ 9345003 ・ Gitprep

-9

lib/DBIx/Custom.pm

@@ -1697,15 +1697,6 @@ sub _where_clause_and_param {
         if defined $table_quote;
       push @$clause, "$column_quote = :$column";
     }
-
-    # Check unsafety column
-    my $safety = $self->{safety_character};
-    unless ($column_join =~ /^[$safety\.]+$/) {
-      for my $column (keys %$where) {
-        croak qq{"$column" is not safety column name } . _subname
-          unless $column =~ /^[$safety\.]+$/;
-      }
-    }
     
     $w->{clause} = @$clause ? "where ( " . join(' and ', @$clause) . " ) " : '' ;
     $w->{param} = $where;

t/common.t

View

@@ -1348,6 +1348,9 @@ $dbi->insert({$key1 => 1, $key2 => 2}, table => $table1);
 $row = $dbi->select($key1, table => $table1)->one;
 is_deeply($row, {$key1 => 1});
 
+eval { $dbi->select(table => $table1, where => {';' => 1}) };
+like($@, qr/safety/);
+
 test 'fetch filter';
 eval { $dbi->execute("drop table $table1") };
 $dbi->register_filter(

...	...	@@ -1697,15 +1697,6 @@ sub _where_clause_and_param {
1697	1697	if defined $table_quote;
1698	1698	push @$clause, "$column_quote = :$column";
1699	1699	}
1700		-
1701		- # Check unsafety column
1702		- my $safety = $self->{safety_character};
1703		- unless ($column_join =~ /^[$safety\.]+$/) {
1704		- for my $column (keys %$where) {
1705		- croak qq{"$column" is not safety column name } . _subname
1706		- unless $column =~ /^[$safety\.]+$/;
1707		- }
1708		- }
1709	1700
1710	1701	$w->{clause} = @$clause ? "where ( " . join(' and ', @$clause) . " ) " : '' ;
1711	1702	$w->{param} = $where;

...	...	@@ -1348,6 +1348,9 @@ $dbi->insert({$key1 => 1, $key2 => 2}, table => $table1);
1348	1348	$row = $dbi->select($key1, table => $table1)->one;
1349	1349	is_deeply($row, {$key1 => 1});
1350	1350
	1351	+eval { $dbi->select(table => $table1, where => {';' => 1}) };
	1352	+like($@, qr/safety/);
	1353	+
1351	1354	test 'fetch filter';
1352	1355	eval { $dbi->execute("drop table $table1") };
1353	1356	$dbi->register_filter(