Change to isUnsafeSql

mythz · mythz · commit ce5bf47047c4 · 2018-08-21T17:31:59.000-04:00
diff --git a/src/ServiceStack.OrmLite/OrmLiteUtils.cs b/src/ServiceStack.OrmLite/OrmLiteUtils.cs
@@ -465,15 +465,15 @@ public static string SqlValue(this object value)
 
         public static Func<string,string> SqlVerifyFragmentFn { get; set; }
 
-        public static bool IsSqlSafe(string sql)
+        public static bool isUnsafeSql(string sql)
         {
             if (sql == null)
-                return true;
+                return false;
 
             if (SqlVerifyFragmentFn != null)
             {
                 SqlVerifyFragmentFn(sql);
-                return true;
+                return false;
             }
 
             var fragmentToVerify = sql
@@ -483,12 +483,12 @@ public static bool IsSqlSafe(string sql)
                 .ToLower();
 
             var match = VerifyFragmentRegEx.Match(fragmentToVerify);
-            return !match.Success;
+            return match.Success;
         }
 
         public static string SqlVerifyFragment(this string sqlFragment)
         {
-            if (!IsSqlSafe(sqlFragment))
+            if (isUnsafeSql(sqlFragment))
                 throw new ArgumentException("Potential illegal fragment detected: " + sqlFragment);
 
             return sqlFragment;
diff --git a/src/ServiceStack.OrmLite/TemplateDbFilters.cs b/src/ServiceStack.OrmLite/TemplateDbFilters.cs
@@ -84,7 +84,7 @@ public int dbExec(TemplateScopeContext scope, string sql, Dictionary<string, obj
         public string sqlTake(int? limit) => padCondition(OrmLiteConfig.DialectProvider.SqlLimit(null, limit));
         public string ormliteVar(string name) => OrmLiteConfig.DialectProvider.Variables.TryGetValue(name, out var value) ? value : null;
 
-        public bool isSqlSafe(string sql) => OrmLiteUtils.IsSqlSafe(sql);
+        public bool isUnsafeSql(string sql) => OrmLiteUtils.isUnsafeSql(sql);
 
         private string padCondition(string text) => string.IsNullOrEmpty(text) ? "" : " " + text;
     }
diff --git a/src/ServiceStack.OrmLite/TemplateDbFiltersAsync.cs b/src/ServiceStack.OrmLite/TemplateDbFiltersAsync.cs
@@ -86,7 +86,7 @@ public Task<object> dbExec(TemplateScopeContext scope, string sql, Dictionary<st
         public string sqlTake(int? limit) => padCondition(OrmLiteConfig.DialectProvider.SqlLimit(null, limit));
         public string ormliteVar(string name) => OrmLiteConfig.DialectProvider.Variables.TryGetValue(name, out var value) ? value : null;
 
-        public bool isSqlSafe(string sql) => OrmLiteUtils.IsSqlSafe(sql);
+        public bool isUnsafeSql(string sql) => OrmLiteUtils.isUnsafeSql(sql);
 
         private string padCondition(string text) => string.IsNullOrEmpty(text) ? "" : " " + text;
     }

Original file line number	Diff line number	Diff line change
`@@ -465,15 +465,15 @@ public static string SqlValue(this object value)`
`465`	`465`
`466`	`466`	`public static Func<string,string> SqlVerifyFragmentFn { get; set; }`
`467`	`467`
`468`		`- public static bool IsSqlSafe(string sql)`
	`468`	`+ public static bool isUnsafeSql(string sql)`
`469`	`469`	`{`
`470`	`470`	`if (sql == null)`
`471`		`- return true;`
	`471`	`+ return false;`
`472`	`472`
`473`	`473`	`if (SqlVerifyFragmentFn != null)`
`474`	`474`	`{`
`475`	`475`	`SqlVerifyFragmentFn(sql);`
`476`		`- return true;`
	`476`	`+ return false;`
`477`	`477`	`}`
`478`	`478`
`479`	`479`	`var fragmentToVerify = sql`
`@@ -483,12 +483,12 @@ public static bool IsSqlSafe(string sql)`
`483`	`483`	`.ToLower();`
`484`	`484`
`485`	`485`	`var match = VerifyFragmentRegEx.Match(fragmentToVerify);`
`486`		`- return !match.Success;`
	`486`	`+ return match.Success;`
`487`	`487`	`}`
`488`	`488`
`489`	`489`	`public static string SqlVerifyFragment(this string sqlFragment)`
`490`	`490`	`{`
`491`		`- if (!IsSqlSafe(sqlFragment))`
	`491`	`+ if (isUnsafeSql(sqlFragment))`
`492`	`492`	`throw new ArgumentException("Potential illegal fragment detected: " + sqlFragment);`
`493`	`493`
`494`	`494`	`return sqlFragment;`
Original file line number	Diff line number	Diff line change
`@@ -84,7 +84,7 @@ public int dbExec(TemplateScopeContext scope, string sql, Dictionary<string, obj`
`84`	`84`	`public string sqlTake(int? limit) => padCondition(OrmLiteConfig.DialectProvider.SqlLimit(null, limit));`
`85`	`85`	`public string ormliteVar(string name) => OrmLiteConfig.DialectProvider.Variables.TryGetValue(name, out var value) ? value : null;`
`86`	`86`
`87`		`- public bool isSqlSafe(string sql) => OrmLiteUtils.IsSqlSafe(sql);`
	`87`	`+ public bool isUnsafeSql(string sql) => OrmLiteUtils.isUnsafeSql(sql);`
`88`	`88`
`89`	`89`	`private string padCondition(string text) => string.IsNullOrEmpty(text) ? "" : " " + text;`
`90`	`90`	`}`
Original file line number	Diff line number	Diff line change
`@@ -86,7 +86,7 @@ public Task<object> dbExec(TemplateScopeContext scope, string sql, Dictionary<st`
`86`	`86`	`public string sqlTake(int? limit) => padCondition(OrmLiteConfig.DialectProvider.SqlLimit(null, limit));`
`87`	`87`	`public string ormliteVar(string name) => OrmLiteConfig.DialectProvider.Variables.TryGetValue(name, out var value) ? value : null;`
`88`	`88`
`89`		`- public bool isSqlSafe(string sql) => OrmLiteUtils.IsSqlSafe(sql);`
	`89`	`+ public bool isUnsafeSql(string sql) => OrmLiteUtils.isUnsafeSql(sql);`
`90`	`90`
`91`	`91`	`private string padCondition(string text) => string.IsNullOrEmpty(text) ? "" : " " + text;`
`92`	`92`	`}`