Skip to content

fix: failed to modify field comment when empty due to incorrect conditions #150

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
jinzhu merged 1 commit into from
May 25, 2025
Merged

fix: failed to modify field comment when empty due to incorrect conditions #150

jinzhu merged 1 commit into from
May 25, 2025

Conversation

@iTanken
Copy link
Contributor

@iTanken iTanken commented Mar 18, 2025
edited
Loading

  • Do only one thing
  • Non breaking API changes
    • GetColumnComment(*gorm.Statement, string) string => GetColumnComment(*gorm.Statement, string) sql.NullString
  • Tested

What did this pull request do?

@jinzhu Fix issue where modifying field comments failed when the field comment was an empty string due to incorrect judgment conditions.

User Case Description

type TestTableFieldComment struct {
	ID       string     `gorm:"column:id;primaryKey;comment:"`  // field comment is an empty string
	// ...
}

func (*TestTableFieldComment) TableName() string { return "test_table_field_comment" }

// =>

type TestTableFieldCommentUpdate struct {
	ID       string     `gorm:"column:id;primaryKey;comment:ID"`
	// ...
}

func (*TestTableFieldCommentUpdate) TableName() string { return "test_table_field_comment" }

jinzhu
jinzhu reviewed Apr 17, 2025
View reviewed changes
migrator.go
return m.DB.Exec(
"EXEC sp_updateextendedproperty 'MS_Description', ?, 'SCHEMA', ?, 'TABLE', ?, 'COLUMN', ?",
field.Comment, schemaName, stmt.Table, field.DBName,
"EXEC sp_updateextendedproperty 'MS_Description', N'?', 'SCHEMA', ?, 'TABLE', ?, 'COLUMN', ?",
Copy link
Member

@jinzhu jinzhu Apr 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

will this change cause sql inject?

Copy link
Contributor Author

@iTanken iTanken Apr 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Apologies, it indeed could lead to SQL injection, and this issue has been fixed.

@iTanken iTanken force-pushed the fix_empty_field_comments branch from 606ad2b to aef868a Compare April 17, 2025 04:54
@jinzhu jinzhu merged commit cc3a5ff into go-gorm:master May 25, 2025
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jinzhu jinzhu jinzhu left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@iTanken @jinzhu