Skip to content

Commit 33c9edc

Browse files
kenjiskenjis
committed
fix: Query builder escapes negative integers
Fixes #4973
1 parent fab038d commit 33c9edc

File tree

3 files changed

+20
-2
lines changed

3 files changed

+20
-2
lines changed

system/Database/BaseConnection.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1201,7 +1201,7 @@ public function escape($str)
12011201
}
12021202

12031203
if (is_numeric($str) && $str < 0) {
1204-
return "'{$str}'";
1204+
return "{$str}";
12051205
}
12061206

12071207
return $str ?? 'NULL';

tests/system/Database/BaseQueryTest.php

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -345,6 +345,24 @@ public function testSetQueryBindsWithSetEscapeFalse()
345345
$this->assertSame($expected, $query->getQuery());
346346
}
347347

348+
/**
349+
* @see https://github.com/codeigniter4/CodeIgniter4/issues/4973
350+
*/
351+
public function testSetQueryBindsWithSetEscapeNegativeIntegers()
352+
{
353+
$query = new Query($this->db);
354+
355+
$query->setQuery(
356+
'SELECT * FROM product WHERE date_pickup < DateAdd(month, ?, Convert(date, GetDate())',
357+
[-6],
358+
true
359+
);
360+
361+
$expected = 'SELECT * FROM product WHERE date_pickup < DateAdd(month, -6, Convert(date, GetDate())';
362+
363+
$this->assertSame($expected, $query->getQuery());
364+
}
365+
348366
/**
349367
* @see https://github.com/codeigniter4/CodeIgniter4/issues/2762
350368
*/

tests/system/Database/Live/EscapeTest.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ protected function setUp(): void
4040
*/
4141
public function testEscapeProtectsNegativeNumbers()
4242
{
43-
$this->assertSame("'-100'", $this->db->escape(-100));
43+
$this->assertSame('-100', $this->db->escape(-100));
4444
}
4545

4646
public function testEscape()

0 commit comments

Comments
 (0)