mirror of
https://github.com/iv-org/invidious.git
synced 2024-12-23 14:03:37 +00:00
Fix escaping for materialized view SQL
This commit is contained in:
parent
bcd239ac2b
commit
99b0b4f5b8
@ -1,7 +1,7 @@
|
|||||||
require "crypto/bcrypt/password"
|
require "crypto/bcrypt/password"
|
||||||
|
|
||||||
# Materialized views may not be defined using bound parameters (`$1` as used elsewhere)
|
# Materialized views may not be defined using bound parameters (`$1` as used elsewhere)
|
||||||
MATERIALIZED_VIEW_SQL = ->(email : String) { "SELECT cv.* FROM channel_videos cv WHERE EXISTS (SELECT subscriptions FROM users u WHERE cv.ucid = ANY (u.subscriptions) AND u.email = E'#{email.gsub("'", "\\'")}') ORDER BY published DESC" }
|
MATERIALIZED_VIEW_SQL = ->(email : String) { "SELECT cv.* FROM channel_videos cv WHERE EXISTS (SELECT subscriptions FROM users u WHERE cv.ucid = ANY (u.subscriptions) AND u.email = E'#{email.gsub({'\'' => "\\'", '\\' => "\\\\"})}') ORDER BY published DESC" }
|
||||||
|
|
||||||
struct User
|
struct User
|
||||||
module PreferencesConverter
|
module PreferencesConverter
|
||||||
|
Loading…
Reference in New Issue
Block a user