Esempio n. 1
0
        public void Format_ShouldEscape()
        {
            string sql = CommandText.Format("SELECT * FROM Region WHERE RegionDescription = @RegionDescription", new SqlParameter
            {
                DbType        = DbType.String,
                ParameterName = "@RegionDescription",
                Value         = "cica';\r\nDROP TABLE Region -- comment last quote"
            });

            Assert.That(sql, Is.EqualTo("SELECT * FROM Region WHERE RegionDescription = 'cica'';\r\nDROP TABLE Region -- comment last quote'"));
        }
Esempio n. 2
0
        public void Format_ShouldAccept(string fmt)
        {
            IDataParameter
                p1 = new SqlParameter {
                DbType = DbType.Int32, Value = 1, ParameterName = "@RegionID"
            },
                p2 = new SqlParameter {
                DbType = DbType.String, Value = "cica", ParameterName = "RegionDescription"                         /*direkt nincs @*/
            };

            Assert.That(CommandText.Format(fmt, p1, p2), Is.EqualTo("INSERT INTO Region (RegionID, RegionDescription) VALUES (1, 'cica')"));
        }
Esempio n. 3
0
 public void Format_ShouldValidateTheName(string sql) =>
 Assert.Throws <KeyNotFoundException>(() => CommandText.Format(sql));
Esempio n. 4
0
 public void Format_ShouldValidateTheIndex(string sql) =>
 Assert.Throws <IndexOutOfRangeException>(() => CommandText.Format(sql));
Esempio n. 5
0
 public void Format_ShouldThrowOnNull()
 {
     Assert.Throws <ArgumentNullException>(() => CommandText.Format(null));
     Assert.Throws <ArgumentNullException>(() => CommandText.Format("", paramz: null));
 }