mirror of
				https://github.com/iv-org/invidious.git
				synced 2025-10-22 16:58:28 -05:00 
			
		
		
		
	Fix escaping for materialized view SQL
This commit is contained in:
		
							parent
							
								
									bcd239ac2b
								
							
						
					
					
						commit
						99b0b4f5b8
					
				| @ -1,7 +1,7 @@ | ||||
| require "crypto/bcrypt/password" | ||||
| 
 | ||||
| # Materialized views may not be defined using bound parameters (`$1` as used elsewhere) | ||||
| MATERIALIZED_VIEW_SQL = ->(email : String) { "SELECT cv.* FROM channel_videos cv WHERE EXISTS (SELECT subscriptions FROM users u WHERE cv.ucid = ANY (u.subscriptions) AND u.email = E'#{email.gsub("'", "\\'")}') ORDER BY published DESC" } | ||||
| MATERIALIZED_VIEW_SQL = ->(email : String) { "SELECT cv.* FROM channel_videos cv WHERE EXISTS (SELECT subscriptions FROM users u WHERE cv.ucid = ANY (u.subscriptions) AND u.email = E'#{email.gsub({'\'' => "\\'", '\\' => "\\\\"})}') ORDER BY published DESC" } | ||||
| 
 | ||||
| struct User | ||||
|   module PreferencesConverter | ||||
|  | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user