From ade873a790c653b00c27c7b0feb05b1964f586b9 Mon Sep 17 00:00:00 2001 From: "Christopher J. Brody" Date: Fri, 1 Jul 2016 16:55:29 +0200 Subject: [PATCH] Fix #460: readTransaction allows modification starting with extra semicolon(s) --- CHANGES.md | 4 ++ SQLitePlugin.coffee.md | 2 +- package.json | 8 +--- plugin.xml | 2 +- spec/www/spec/tx-semantics-test.js | 63 ++++++++---------------------- www/SQLitePlugin.js | 2 +- 6 files changed, 25 insertions(+), 56 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 2d14d079e..478c9df13 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,5 +1,9 @@ # Changes +### cordova-sqlite-storage 1.4.4-pre1 + +- Fix readTransaction to reject modification statements with extra semicolon(s) in the beginning + ### cordova-sqlite-storage 1.4.3 - Handle executeSql with object sql value (solves another possible crash on iOS) diff --git a/SQLitePlugin.coffee.md b/SQLitePlugin.coffee.md index 0a80b4449..fae780169 100644 --- a/SQLitePlugin.coffee.md +++ b/SQLitePlugin.coffee.md @@ -12,7 +12,7 @@ ## constant(s): - READ_ONLY_REGEX = /^\s*(?:drop|delete|insert|update|create)\s/i + READ_ONLY_REGEX = /^(\s|;)*(?:drop|delete|insert|update|create)\s/i # per-db state DB_STATE_INIT = "INIT" diff --git a/package.json b/package.json index 38e279542..10ce4a614 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cordova-sqlite-storage", - "version": "1.4.3", + "version": "1.4.4-pre1", "description": "Native interface to SQLite for PhoneGap/Cordova", "cordova": { "id": "cordova-sqlite-storage", @@ -21,12 +21,6 @@ "cordova-ios", "cordova-windows" ], - "engines": [ - { - "name": "cordova", - "version": ">=6.0.0" - } - ], "author": "various", "license": "MIT", "bugs": { diff --git a/plugin.xml b/plugin.xml index d11e6836d..a88e4e169 100644 --- a/plugin.xml +++ b/plugin.xml @@ -2,7 +2,7 @@ + version="1.4.4-pre1"> Cordova sqlite storage plugin diff --git a/spec/www/spec/tx-semantics-test.js b/spec/www/spec/tx-semantics-test.js index e3bb7bc57..677a68a38 100755 --- a/spec/www/spec/tx-semantics-test.js +++ b/spec/www/spec/tx-semantics-test.js @@ -541,13 +541,12 @@ var mytests = function() { tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable1'); tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable2'); tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable3'); + tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable4'); + tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable5'); + tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable6'); tx.executeSql('CREATE TABLE IF NOT EXISTS test_table (data)'); tx.executeSql('INSERT INTO test_table VALUES (?)', ['first']); - - tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable1'); - tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable2'); - tx.executeSql('DROP TABLE IF EXISTS ExtraTestTable3'); }, function () {}, function () { db.readTransaction(function (tx) { tx.executeSql('SELECT * from test_table', [], function (tx, res) { @@ -620,63 +619,35 @@ var mytests = function() { tx.executeSql(' CREATE TABLE test_table3 (data)'); }, checkDone, fail); }, - - // BUG #460: function () { db.readTransaction(function (tx) { tx.executeSql('; CREATE TABLE ExtraTestTable1 (data)'); - }, function(e) { - // CORRECT - if (!isWebSql) expect('Plugin FIXED, please update this test').toBe('--'); - checkDone(); - }, function() { - // BUG #460: IGNORED for Plugin ONLY: - if (!isWebSql) return checkDone(); // (returns undefined) - expect(false).toBe(true); - fail(); - }); + }, checkDone, fail); }, function () { db.readTransaction(function (tx) { tx.executeSql(' ; CREATE TABLE ExtraTestTable2 (data)'); - }, function(e) { - // CORRECT - if (!isWebSql) expect('Plugin FIXED, please update this test').toBe('--'); - checkDone(); - }, function() { - // BUG #460: IGNORED for Plugin ONLY: - if (!isWebSql) return checkDone(); // (returns undefined) - expect(false).toBe(true); - fail(); - }); + }, checkDone, fail); }, function () { db.readTransaction(function (tx) { tx.executeSql(';CREATE TABLE ExtraTestTable3 (data)'); - }, function(e) { - // CORRECT - if (!isWebSql) expect('Plugin FIXED, please update this test').toBe('--'); - checkDone(); - }, function() { - // BUG #460: IGNORED for Plugin ONLY: - if (!isWebSql) return checkDone(); // (returns undefined) - expect(false).toBe(true); - fail(); - }); + }, checkDone, fail); }, function () { db.readTransaction(function (tx) { tx.executeSql(';; CREATE TABLE ExtraTestTable4 (data)'); - }, function(e) { - // CORRECT - if (!isWebSql) expect('Plugin FIXED, please update this test').toBe('--'); - checkDone(); - }, function() { - // BUG #460: IGNORED for Plugin ONLY: - if (!isWebSql) return checkDone(); // (returns undefined) - expect(false).toBe(true); - fail(); - }); + }, checkDone, fail); + }, + function () { + db.readTransaction(function (tx) { + tx.executeSql('; ;CREATE TABLE ExtraTestTable5 (data)'); + }, checkDone, fail); + }, + function () { + db.readTransaction(function (tx) { + tx.executeSql('; ; CREATE TABLE ExtraTestTable6 (data)'); + }, checkDone, fail); }, ]; for (var i = 0; i < tasks.length; i++) { diff --git a/www/SQLitePlugin.js b/www/SQLitePlugin.js index b340f100f..76c276573 100644 --- a/www/SQLitePlugin.js +++ b/www/SQLitePlugin.js @@ -3,7 +3,7 @@ root = this; - READ_ONLY_REGEX = /^\s*(?:drop|delete|insert|update|create)\s/i; + READ_ONLY_REGEX = /^(\s|;)*(?:drop|delete|insert|update|create)\s/i; DB_STATE_INIT = "INIT";