Contents

module Searchlogic
  module Conditions
    # = Conditions Protection
    #
    # Adds protection from SQL injections. Just set protect = true and it will limit what kind of conditions it will accept.
    module Protection
      def self.included(klass)
        klass.class_eval do
          attr_reader :protect
          alias_method_chain :conditions=, :protection
        end
      end
      
      def conditions_with_protection=(conditions)
        unless conditions.is_a?(Hash)
          if protect?
            return if conditions.blank?
            raise(ArgumentError, "You can not pass SQL as conditions while the search is being protected, you can only pass a hash")
          end
        end
        
        self.conditions_without_protection = conditions
      end
      
      def protect=(value)
        association_objects.each { |obj| obj.protect = value }
        @protect = value
      end
      
      def protect?
        protect == true
      end
      alias_method :protected?, :protect?
    end
  end
end

Version data entries

13 entries across 13 versions & 2 rubygems

Version	Path
schof-searchlogic-0.0.2	lib/searchlogic/conditions/protection.rb
searchlogic-1.6.1	lib/searchlogic/conditions/protection.rb
searchlogic-1.5.6	lib/searchlogic/conditions/protection.rb
searchlogic-1.5.7	lib/searchlogic/conditions/protection.rb
searchlogic-1.5.8	lib/searchlogic/conditions/protection.rb
searchlogic-1.5.9	lib/searchlogic/conditions/protection.rb
searchlogic-1.5.10	lib/searchlogic/conditions/protection.rb
searchlogic-1.6.0	lib/searchlogic/conditions/protection.rb
searchlogic-1.6.6	lib/searchlogic/conditions/protection.rb
searchlogic-1.6.2	lib/searchlogic/conditions/protection.rb
searchlogic-1.6.4	lib/searchlogic/conditions/protection.rb
searchlogic-1.6.3	lib/searchlogic/conditions/protection.rb
searchlogic-1.6.5	lib/searchlogic/conditions/protection.rb