github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-31 11:58:33 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: use sql_fragment instead of sanitize_sql_array (#11460)

Browse Source 
This is a follow up to comment under this PR https://github.com/discourse/discourse/pull/11441

Sam suggested using sql_fragment instead of sanitize_sql_array
This commit is contained in:
Krzysztof Kotlarek
2020-12-11 10:56:26 +11:00
committed by GitHub
parent aa0d4ea764
commit 3ea4f36f26
3 changed files with 8 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
app/models/theme_field.rb
View File

@ -20,12 +20,12 @@ class ThemeField < ActiveRecord::Base
return none unless locale_codes.present?
where(target_id: Theme.targets[:translations], name: locale_codes)
.joins(self.sanitize_sql_array([
.joins(DB.sql_fragment(
"JOIN (
SELECT * FROM (VALUES #{locale_codes.map { "(?)" }.join(",")}) as Y (locale_code, locale_sort_column)
) as Y ON Y.locale_code = theme_fields.name",
*locale_codes.map.with_index { |code, index| [code, index] }
]))
))
.order("Y.locale_sort_column")
}