Jean Boussier
Jean Boussier
Lol, I totally forgot about that one. I can't believe it haven't been fixed yet.
> I would rather do something like this in my app instead: Yes that works too. If you use it for limit and enforce integers, there's no inject risk. >...
I'll be closing as I'm afraid there's really nothing we can do here. That said if someone has ideas on how to make this more usable, I'm open to it.
My bad, re-reading the issue, I forgot to look at `sanitize_for_limit`. Reopening.
> it sounds like `'10.0'` (surrounded by quotes) gets typecast by MySQL to `0.0` internally since `numeric_field` is an integer field type and this ends up producing invalid results for...
I see. You can solve this issue without a monkey patch with a cast: ```sql mysql> SELECT * FROM models WHERE IFNULL(numeric_field, CAST('20.0' AS DECIMAL)) >= '20.0'; +---------------+ | numeric_field...
For the explanation: https://dev.mysql.com/doc/refman/5.7/en/flow-control-functions.html#function_ifnull > The default return type of [IFNULL(expr1,expr2)](https://dev.mysql.com/doc/refman/5.7/en/flow-control-functions.html#function_ifnull) is the more “general” of the two expressions, in the order STRING, REAL, or INTEGER. So `IFNULL(integer, string)` always...
> Interestingly this works as expected, even though one datatype is a string: Yes, it has to do with how MySQL does casting, and it because of its casting rules...
> Seems my original use-case is not supported. Yeah, I asked to remove it because: > One part I'm a bit on the fence with is select({ "UPPER(title)" => :title...