Closed Maarten88 closed 10 years ago
I've pushed a fix. It also affected StartsWith and EndsWith.
Thanks for the fast response and fix!
Still, I'll be avoiding this lambda syntax from now, as it has caused unexpected problems more than once now, it's limited in scope and I think now that writing sql this way is not such a great idea.
Your new Nuget has a dependency for CavemanTools = 3.4.0, the previous package had >= 3.8.1
With 3.4.0 I'll get the SemanticVersion bug back.
I knew I left something out. I've pushed a new version with the correct dep.
This bug is quite bad. We have a query like this:
A player has chosen DisplayName of "don't cry for me argentina" which gets translated into:
The single quote is not escaped! I would expect SqlFu to escape string parameters automatically like it does with sql params. It's a matter of time before someone figures out much funnier names than one with just a quote. We quickly changed the query and rolled out a hotfix:
which gets escaped correctly. Why are these lambda queries not also escaped?