ENHANCEMENT Added prepValueForDB() which is called on DBField->writeToManipulation which ensures formatting of value before insertion to DB on a per-DBField type basis.

ENHANCEMENT Added DBFieldTest to test prepValueForDB()

git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/sapphire/trunk@62267 467b73ca-7a2a-4603-9d3b-597d59a354a9

core/model/fieldtypes/Boolean.php

@@ -39,6 +39,21 @@ class Boolean extends DBField {
 	public function scaffoldFormField($title = null) {
 		return new CheckboxField($this->name, $title);
 	}
+
+	/**
+	 * Return an encoding of the given value suitable for inclusion in a SQL statement.
+	 * If necessary, this should include quotes.
+	 */
+	function prepValueForDB($value) {
+		if($value === true) {
+			return 1;
+		} if(!$value || !is_numeric($value)) {
+			return "0";
+		} else {
+			return addslashes($value);
+		}
+	}
+	
 }
 
 ?>

core/model/fieldtypes/DBField.php

@@ -100,20 +100,36 @@ abstract class DBField extends ViewableData {
 		return ($this->value);
 	}
 	
+	/**
+	 * Return an encoding of the given value suitable
+	 * for inclusion in a SQL statement. If necessary,
+	 * this should include quotes.
+	 * 
+	 * @param $value mixed The value to check
+	 * @return string The encoded value
+	 */
+	function prepValueForDB($value) {
+		if($value === null || $value === "" || $value === false) {
+			return "null";
+		} else {
+			return "'" . addslashes($value) . "'";
+		}
+	}	
+	
 	/**
 	 * Prepare the current field for usage in a 
 	 * database-manipulation (works on a manipulation reference).
 	 * 
 	 * Make value safe for insertion into
 	 * a SQL SET statement by applying addslashes() - 
-	 * can also be used to apply
-	 * special SQL-commands to the raw value
-	 * (e.g. for GIS functionality).
+	 * can also be used to apply special SQL-commands
+	 * to the raw value (e.g. for GIS functionality).
+	 * {@see prepValueForDB}
 	 * 
 	 * @param array $manipulation
 	 */
 	function writeToManipulation(&$manipulation) {
-		$manipulation['fields'][$this->name] = $this->hasValue() ? "'" . addslashes($this->value) . "'" : $this->nullValue();
+		$manipulation['fields'][$this->name] = $this->hasValue() ? $this->prepValueForDB($this->value) : $this->nullValue();
 	}
 	
 	/**
@@ -256,5 +272,6 @@ abstract class DBField extends ViewableData {
 </ul>
 DBG;
 	}
+	
 }
 ?>

core/model/fieldtypes/Decimal.php

@@ -40,6 +40,21 @@ class Decimal extends DBField {
 	public function scaffoldFormField($title = null) {
 		return new NumericField($this->name, $title);
 	}
+
+	/**
+	 * Return an encoding of the given value suitable for inclusion in a SQL statement.
+	 * If necessary, this should include quotes.
+	 */
+	function prepValueForDB($value) {
+		if($value === true) {
+			return 1;
+		} if(!$value || !is_numeric($value)) {
+			return "0";
+		} else {
+			return addslashes($value);
+		}
+	}
+	
 }
 
 ?>

core/model/fieldtypes/Float.php

@@ -25,5 +25,20 @@ class Float extends DBField {
 	public function scaffoldFormField($title = null) {
 		return new NumericField($this->name, $title);
 	}
+
+	/**
+	 * Return an encoding of the given value suitable for inclusion in a SQL statement.
+	 * If necessary, this should include quotes.
+	 */
+	function prepValueForDB($value) {
+		if($value === true) {
+			return 1;
+		} if(!$value || !is_numeric($value)) {
+			return "0";
+		} else {
+			return addslashes($value);
+		}
+	}
+	
 }
 ?>

core/model/fieldtypes/Int.php

@@ -42,6 +42,20 @@ class Int extends DBField {
 		return new NumericField($this->name, $title);
 	}
 	
+	/**
+	 * Return an encoding of the given value suitable for inclusion in a SQL statement.
+	 * If necessary, this should include quotes.
+	 */
+	function prepValueForDB($value) {
+		if($value === true) {
+			return 1;
+		} if(!$value || !is_numeric($value)) {
+			return "0";
+		} else {
+			return addslashes($value);
+		}
+	}
+	
 }
 
 ?>

tests/fieldtypes/DBFieldTest.php

@@ -0,0 +1,77 @@
+<?php
+
+class DBFieldTest extends SapphireTest {
+	
+	/**
+	 * Test the prepValueForDB() method on DBField.
+	 */
+	function testPrepValueForDB() {
+		
+		/* Integer behaviour, asserting we have 0 */
+		$this->assertEquals('0', singleton('Int')->prepValueForDB(0));
+		$this->assertEquals('0', singleton('Int')->prepValueForDB(null));
+		$this->assertEquals('0', singleton('Int')->prepValueForDB(false));
+		$this->assertEquals('0', singleton('Int')->prepValueForDB(''));
+		$this->assertEquals('0', singleton('Int')->prepValueForDB('0'));
+		
+		/* Integer behaviour, asserting we have 1 */
+		$this->assertEquals('1', singleton('Int')->prepValueForDB(true));
+		$this->assertEquals('1', singleton('Int')->prepValueForDB(1));
+		$this->assertEquals('1', singleton('Int')->prepValueForDB('1'));
+
+		/* Decimal behaviour, asserting we have 0 */
+		$this->assertEquals('0', singleton('Decimal')->prepValueForDB(0));
+		$this->assertEquals('0', singleton('Decimal')->prepValueForDB(null));
+		$this->assertEquals('0', singleton('Decimal')->prepValueForDB(false));
+		$this->assertEquals('0', singleton('Decimal')->prepValueForDB(''));
+		$this->assertEquals('0', singleton('Decimal')->prepValueForDB('0'));
+
+		/* Decimal behaviour, asserting we have 1 */
+		$this->assertEquals('1', singleton('Decimal')->prepValueForDB(true));
+		$this->assertEquals('1', singleton('Decimal')->prepValueForDB(1));
+		$this->assertEquals('1', singleton('Decimal')->prepValueForDB('1'));
+
+		/* Boolean behaviour, asserting we have 0 */
+		$this->assertEquals('0', singleton('Boolean')->prepValueForDB(0));
+		$this->assertEquals('0', singleton('Boolean')->prepValueForDB(null));
+		$this->assertEquals('0', singleton('Boolean')->prepValueForDB(false));
+		$this->assertEquals('0', singleton('Boolean')->prepValueForDB(''));
+		$this->assertEquals('0', singleton('Boolean')->prepValueForDB('0'));
+		
+		/* Boolean behaviour, asserting we have 1 */
+		$this->assertEquals('1', singleton('Boolean')->prepValueForDB(true));
+		$this->assertEquals('1', singleton('Boolean')->prepValueForDB(1));
+		$this->assertEquals('1', singleton('Boolean')->prepValueForDB('1'));
+		
+		/* Varchar behaviour */
+		$this->assertEquals("'0'", singleton('Varchar')->prepValueForDB(0));
+		$this->assertEquals("null", singleton('Varchar')->prepValueForDB(null));
+		$this->assertEquals("null", singleton('Varchar')->prepValueForDB(false));
+		$this->assertEquals("null", singleton('Varchar')->prepValueForDB(''));
+		$this->assertEquals("'0'", singleton('Varchar')->prepValueForDB('0'));
+		$this->assertEquals("'1'", singleton('Varchar')->prepValueForDB(1));
+		$this->assertEquals("'1'", singleton('Varchar')->prepValueForDB(true));
+		$this->assertEquals("'1'", singleton('Varchar')->prepValueForDB('1'));
+		$this->assertEquals("'00000'", singleton('Varchar')->prepValueForDB('00000'));
+		$this->assertEquals("'0'", singleton('Varchar')->prepValueForDB(0000));
+		$this->assertEquals("'test'", singleton('Varchar')->prepValueForDB('test'));
+		$this->assertEquals("'123'", singleton('Varchar')->prepValueForDB(123));
+
+		/* Text behaviour */
+		$this->assertEquals("'0'", singleton('Text')->prepValueForDB(0));
+		$this->assertEquals("null", singleton('Text')->prepValueForDB(null));
+		$this->assertEquals("null", singleton('Text')->prepValueForDB(false));
+		$this->assertEquals("null", singleton('Text')->prepValueForDB(''));
+		$this->assertEquals("'0'", singleton('Text')->prepValueForDB('0'));
+		$this->assertEquals("'1'", singleton('Text')->prepValueForDB(1));
+		$this->assertEquals("'1'", singleton('Text')->prepValueForDB(true));
+		$this->assertEquals("'1'", singleton('Text')->prepValueForDB('1'));
+		$this->assertEquals("'00000'", singleton('Text')->prepValueForDB('00000'));
+		$this->assertEquals("'0'", singleton('Text')->prepValueForDB(0000));
+		$this->assertEquals("'test'", singleton('Text')->prepValueForDB('test'));
+		$this->assertEquals("'123'", singleton('Text')->prepValueForDB(123));
+	}
+	
+}
+
+?>