From 3eb6cd2c7a162a3fe1106ee241e09778451d4159 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Timo=20Westk=C3=A4mper?= Date: Fri, 24 Sep 2010 11:59:32 +0000 Subject: [PATCH] added example for SQL injection --- .../query/scala/sql/InjectionTest.scala | 26 +++++++++++++++++++ 1 file changed, 26 insertions(+) create mode 100644 querydsl-scala/src/test/scala/com/mysema/query/scala/sql/InjectionTest.scala diff --git a/querydsl-scala/src/test/scala/com/mysema/query/scala/sql/InjectionTest.scala b/querydsl-scala/src/test/scala/com/mysema/query/scala/sql/InjectionTest.scala new file mode 100644 index 000000000..7c390ad21 --- /dev/null +++ b/querydsl-scala/src/test/scala/com/mysema/query/scala/sql/InjectionTest.scala @@ -0,0 +1,26 @@ +package com.mysema.query.scala.sql + +import com.mysema.query.sql._ +import com.mysema.query.types.Predicate +import com.mysema.query.types.template.BooleanTemplate + +import org.junit.Test +import org.junit.Assert._ + +class InjectionTest { + + implicit def asPredicate(str: String): Predicate = BooleanTemplate.create(str); + + @Test + def Injection() { + val c = QCategory as "c"; + val sq = query from c where "c.name like \"a%\"" list c; + + assertEquals("c.name like \"a%\"", sq.getMetadata.getWhere.toString); + } + + def query() = new SQLSubQuery(); + + + +} \ No newline at end of file