Don't escape serialized complex types in parameterized queries

Author: mythz

src/ServiceStack.OrmLite/FieldDefinition.cs

@@ -11,7 +11,6 @@
 
 using System;
 using System.Reflection;
-using ServiceStack.Text;
 
 namespace ServiceStack.OrmLite
 {
@@ -85,6 +84,8 @@ public string GetQuotedValue(object fromInstance)
         public bool IsReference { get; set; }
 
         public string CustomFieldDefinition { get; set; }
+
+        public bool IsRefType { get; set; }
     }
 
     public class ForeignKeyConstraint

src/ServiceStack.OrmLite/OrmLiteConfigExtensions.cs

@@ -173,8 +173,9 @@ internal static ModelDefinition GetModelDefinition(this Type modelType)
                     Scale = decimalAttribute != null ? decimalAttribute.Scale : (int?)null,
                     BelongToModelName = belongToAttribute != null ? belongToAttribute.BelongToTableType.GetModelDefinition().ModelName : null,
                     CustomFieldDefinition = customFieldAttr != null ? customFieldAttr.Sql : null,
+                    IsRefType = propertyType.IsRefType(),
                 };
-
+                
                 var isIgnored = propertyInfo.HasAttributeNamed(typeof(IgnoreAttribute).Name)
                     || fieldDefinition.IsReference;
                 if (isIgnored)

src/ServiceStack.OrmLite/OrmLiteDialectProviderBase.cs

@@ -682,11 +682,7 @@ public virtual void SetParameterValues<T>(IDbCommand dbCmd, object obj)
 
         public virtual void SetParameterValue<T>(FieldDefinition fieldDef, IDataParameter p, object obj)
         {
-            var knownType = DbTypeMap.ColumnDbTypeMap.ContainsKey(fieldDef.ColumnType);
-            var value = knownType
-                ? GetValueOrDbNull<T>(fieldDef, obj)
-                : GetQuotedValueOrDbNull<T>(fieldDef, obj);
-
+            var value = GetValueOrDbNull<T>(fieldDef, obj);
             p.Value = value;
         }
 
@@ -698,9 +694,14 @@ protected virtual object GetValue<T>(FieldDefinition fieldDef, object obj)
 
             if (value != null)
             {
-                if (fieldDef.ColumnType == typeof(object))
+                if (fieldDef.IsRefType)
                 {
-                    return value.ToJsv();
+                    //Let ADO.NET providers handle byte[]
+                    if (fieldDef.FieldType == typeof(byte[]))
+                    {
+                        return value;
+                    }
+                    return OrmLiteConfig.DialectProvider.StringSerializer.SerializeToString(value);
                 }
                 if (fieldDef.FieldType == typeof(TimeSpan))
                 {
@@ -1250,7 +1251,7 @@ public virtual string GetQuotedValue(object value, Type fieldType)
             if (value == null) return "NULL";
 
             var dialectProvider = OrmLiteConfig.DialectProvider;
-            if ((!fieldType.UnderlyingSystemType.IsValueType || JsConfig.TreatValueAsRefTypes.Contains(fieldType.IsGeneric() ? fieldType.GenericTypeDefinition() : fieldType)) && fieldType != typeof(string))
+            if (fieldType.IsRefType())
             {
                 return dialectProvider.GetQuotedValue(dialectProvider.StringSerializer.SerializeToString(value));
             }

src/ServiceStack.OrmLite/OrmLiteUtilExtensions.cs

@@ -14,6 +14,7 @@
 using System.Collections.Generic;
 using System.Data;
 using System.Text;
+using ServiceStack.Text;
 
 namespace ServiceStack.OrmLite
 {
@@ -279,5 +280,13 @@ public static Dictionary<string, int> GetIndexFieldsCache(this IDataReader reade
             return cache;
         }
 
+        public static bool IsRefType(this Type fieldType)
+        {
+            return (!fieldType.UnderlyingSystemType.IsValueType
+                || JsConfig.TreatValueAsRefTypes.Contains(fieldType.IsGeneric()
+                    ? fieldType.GenericTypeDefinition()
+                    : fieldType))
+                && fieldType != typeof(string);
+        }
     }
 }

tests/ServiceStack.OrmLite.Tests/ExpressionVisitorTests.cs

@@ -87,18 +87,17 @@ public void Can_Select_using_new()
             using (var con = OpenDbConnection())
             {
                 con.Insert(new TestType
-                               {
-                                   Id = 5,
-                                   BoolCol = false,
-                                   DateCol = new DateTime(2012, 5, 1),
-                                   TextCol = "uiop",
-                                   EnumCol = TestEnum.Val3,
-                                   ComplexObjCol = new TestType {TextCol = "poiu"}
-                               });
-
-                var target =
-                    OpenDbConnection().Select<TestType>(
-                        q => q.ComplexObjCol == new TestType() {TextCol = "poiu"});
+                {
+                    Id = 5,
+                    BoolCol = false,
+                    DateCol = new DateTime(2012, 5, 1),
+                    TextCol = "uiop",
+                    EnumCol = TestEnum.Val3,
+                    ComplexObjCol = new TestType { TextCol = "poiu" }
+                });
+
+                var target = OpenDbConnection().Select<TestType>(
+                        q => q.ComplexObjCol == new TestType { TextCol = "poiu"});
                 Assert.AreEqual(1, target.Count);
             }
         }

tests/ServiceStack.OrmLite.Tests/OrmLiteComplexTypesTests.cs

@@ -102,8 +102,8 @@ public void Can_insert_Contact_with_Complex_NameDetail()
 
                 var contact = new Contact
                 {
-                    FullName = new NameDetail("Test", "Contact"),
-                    Email = "test@email.com",
+                    FullName = new NameDetail("Sinéad", "O'Connor"),
+                    Email = "Sinéad@O'Connor.com",
                     Age = 10
                 };
                 db.Save(contact);