

Fix storesafe#460: readTransaction allows modification starting with …
…extra semicolon(s)
Christopher J. Brody committed Jul 1, 2016
1 parent cf7e180 commit ade873a
Showing 6 changed files with 25 additions and 56 deletions.
4 changes: 4 additions & 0 deletions CHANGES.md
@@ -1,5 +1,9 @@
# Changes

### cordova-sqlite-storage 1.4.4-pre1

- Fix readTransaction to reject modification statements with extra semicolon(s) in the beginning

### cordova-sqlite-storage 1.4.3

- Handle executeSql with object sql value (solves another possible crash on iOS)
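--- a/SQLitePlugin.coffee.md
+++ b/SQLitePlugin.coffee.md
@@ -12,7 +12,7 @@
 
 ## constant(s):
 
-READ_ONLY_REGEX = /^\s*(?:drop|delete|insert|update|create)\s/i
+READ_ONLY_REGEX = /^(\s|;)*(?:drop|delete|insert|update|create)\s/i
 
 # per-db state
 DB_STATE_INIT = "INIT"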
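Review bot: The widened prefix `(\s|;)*` in READ_ONLY_REGEX still leaves the read-only check as a denylist of five verbs anchored at the start of the string, so it only covers statement shapes someone has already thought of. From this hunk alone, other write statements (for example ALTER or REPLACE) and a statement preceded by a SQL comment would presumably still not match; how the regex is applied is outside the hunk, so confirm this against the readTransaction path. A sturdier design is to accept only statements that begin with an explicitly permitted read verb, or to have the native layer refuse writes (SQLite exposes `sqlite3_stmt_readonly()` for this), and keep the regex as a fast pre-check. At minimum I would add a comment above the constant, `# NOTE: best-effort denylist, not a security boundary for readTransaction`. The same regex change is repeated in www/SQLitePlugin.js.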
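--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
 "name": "cordova-sqlite-storage",
-"version": "1.4.3",
+"version": "1.4.4-pre1",
 "description": "Native interface to SQLite for PhoneGap/Cordova",
 "cordova": {
 "id": "cordova-sqlite-storage",
@@ -21,12 +21,6 @@
 "cordova-ios",
 "cordova-windows"
 ],
-"engines": [
-{
-"name": "cordova",
-"version": ">=6.0.0"
-}
-],
 "author": "various",
 "license": "MIT",
 "bugs": {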
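Review bot: The second hunk drops the whole `engines` entry (`"name": "cordova"`, `"version": ">=6.0.0"`), which neither the commit title nor the new CHANGES.md entry mentions. If the declared minimum Cordova version is being withdrawn on purpose, that deserves its own changelog line; if it was incidental to the version bump, it should be restored so the constraint stays in place. Bundling it into a fix for the read-only check makes the security-relevant change harder to audit or backport on its own.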
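--- a/plugin.xml
+++ b/plugin.xml
@@ -2,7 +2,7 @@
 <plugin xmlns="http://www.phonegap.com/ns/plugins/1.0"
 xmlns:android="http://schemas.android.com/apk/res/android"
 id="cordova-sqlite-storage"
-version="1.4.3">
+version="1.4.4-pre1">
 
 <name>Cordova sqlite storage plugin</name>
 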
63 changes: 17 additions & 46 deletions spec/www/spec/tx-semantics-test.js
Expand Up @@ -541,13 +541,12 @@ var mytests = function() {
tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable1');
tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable2');
tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable3');
tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable4');
tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable5');
tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable6');

tx.executeSql('CREATE TABLE IF NOT EXISTS test_table (data)');
tx.executeSql('INSERT INTO test_table VALUES (?)', ['first']);

tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable1');
tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable2');
tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable3');
}, function () {}, function () {
db.readTransaction(function (tx) {
tx.executeSql('SELECT * from test_table', [], function (tx, res) {
Expand Down Expand Up @@ -620,63 +619,35 @@ var mytests = function() {
tx.executeSql(' CREATE TABLE test_table3 (data)');
}, checkDone, fail);
},

// BUG #460:
function () {
db.readTransaction(function (tx) {
tx.executeSql('; CREATE TABLE ExtraTestTable1 (data)');
}, function(e) {
// CORRECT
if (!isWebSql) expect('Plugin FIXED, please update this test').toBe('--');
checkDone();
}, function() {
// BUG #460: IGNORED for Plugin ONLY:
if (!isWebSql) return checkDone(); // (returns undefined)
expect(false).toBe(true);
fail();
});
}, checkDone, fail);
},
function () {
db.readTransaction(function (tx) {
tx.executeSql(' ; CREATE TABLE ExtraTestTable2 (data)');
}, function(e) {
// CORRECT
if (!isWebSql) expect('Plugin FIXED, please update this test').toBe('--');
checkDone();
}, function() {
// BUG #460: IGNORED for Plugin ONLY:
if (!isWebSql) return checkDone(); // (returns undefined)
expect(false).toBe(true);
fail();
});
}, checkDone, fail);
},
function () {
db.readTransaction(function (tx) {
tx.executeSql(';CREATE TABLE ExtraTestTable3 (data)');
}, function(e) {
// CORRECT
if (!isWebSql) expect('Plugin FIXED, please update this test').toBe('--');
checkDone();
}, function() {
// BUG #460: IGNORED for Plugin ONLY:
if (!isWebSql) return checkDone(); // (returns undefined)
expect(false).toBe(true);
fail();
});
}, checkDone, fail);
},
function () {
db.readTransaction(function (tx) {
tx.executeSql(';; CREATE TABLE ExtraTestTable4 (data)');
}, function(e) {
// CORRECT
if (!isWebSql) expect('Plugin FIXED, please update this test').toBe('--');
checkDone();
}, function() {
// BUG #460: IGNORED for Plugin ONLY:
if (!isWebSql) return checkDone(); // (returns undefined)
expect(false).toBe(true);
fail();
});
}, checkDone, fail);
},
function () {
db.readTransaction(function (tx) {
tx.executeSql('; ;CREATE TABLE ExtraTestTable5 (data)');
}, checkDone, fail);
},
function () {
db.readTransaction(function (tx) {
tx.executeSql('; ; CREATE TABLE ExtraTestTable6 (data)');
}, checkDone, fail);
},
];
for (var i = 0; i < tasks.length; i++) {
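Review bot: Each leading-semicolon case in the second hunk finishes through `}, checkDone, fail);`, so it passes as soon as readTransaction reports an error and never confirms that the CREATE statement had no effect. A follow-up read step that looks up the ExtraTestTable names (for example in `sqlite_master`) and expects no rows would pin the property the fix is about. All six cases also use CREATE only; one case per remaining verb in READ_ONLY_REGEX (drop, delete, insert, update) with a leading `;` would cover the rest of the pattern. The page does not mark added and removed lines in this section, so this is based on the lines ending in `checkDone, fail`; the enclosing `mytests` function starts and ends outside the hunks.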
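--- a/www/SQLitePlugin.js
+++ b/www/SQLitePlugin.js
@@ -3,7 +3,7 @@
 
 root = this;
 
-READ_ONLY_REGEX = /^\s*(?:drop|delete|insert|update|create)\s/i;
+READ_ONLY_REGEX = /^(\s|;)*(?:drop|delete|insert|update|create)\s/i;
 
 DB_STATE_INIT = "INIT";
 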
