Package: ruby-geocoder / 1.5.1-3

CVE-2020-7981.patch
From dcdc3d8675411edce3965941a2ca7c441ca48613 Mon Sep 17 00:00:00 2001
From: Alex Reisner <alex@alexreisner.com>
Date: Thu, 23 Jan 2020 09:08:45 -0700
Subject: [PATCH] Sanitize lat/lon for SQL query.

---
 lib/geocoder/sql.rb | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

--- a/lib/geocoder/sql.rb
+++ b/lib/geocoder/sql.rb
@@ -44,13 +44,13 @@
     end
 
     def within_bounding_box(sw_lat, sw_lng, ne_lat, ne_lng, lat_attr, lon_attr)
-      spans = "#{lat_attr} BETWEEN #{sw_lat} AND #{ne_lat} AND "
+      spans = "#{lat_attr} BETWEEN #{sw_lat.to_f} AND #{ne_lat.to_f} AND "
       # handle box that spans 180 longitude
       if sw_lng.to_f > ne_lng.to_f
-        spans + "(#{lon_attr} BETWEEN #{sw_lng} AND 180 OR " +
-        "#{lon_attr} BETWEEN -180 AND #{ne_lng})"
+        spans + "(#{lon_attr} BETWEEN #{sw_lng.to_f} AND 180 OR " +
+        "#{lon_attr} BETWEEN -180 AND #{ne_lng.to_f})"
       else
-        spans + "#{lon_attr} BETWEEN #{sw_lng} AND #{ne_lng}"
+        spans + "#{lon_attr} BETWEEN #{sw_lng.to_f} AND #{ne_lng.to_f}"
       end
     end
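Review bot: `lat_attr` and `lon_attr` are still interpolated into the SQL string unquoted on the new `spans` line and the three BETWEEN lines, so the `to_f` coercion closes the injection path only for the four coordinate values; if the attribute names can come from caller-supplied options rather than a fixed model configuration, they should be validated against the model's known column names or passed through the adapter's identifier quoting before interpolation. Also, `to_f` coerces silently: a non-numeric string becomes `0.0` and `Float::NAN` / `Float::INFINITY` interpolate as the bare tokens `NaN` / `Infinity`, producing a syntactically valid but wrong query or a database error instead of an argument error, whereas `Float(sw_lat)` would reject bad input up front at the cost of raising where this code currently returns a query. A comment above the `spans` assignment would make the intent of the coercion clear to the next maintainer, e.g. `# coordinates are coerced with to_f so only numeric literals reach the SQL string`.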