sanitize_sql_for_conditions

sanitize_sql_for_conditions(condition, table_name = self.table_name)

Instance Protected methods

Accepts an array, hash, or string of SQL conditions and sanitizes them into a valid SQL fragment for a WHERE clause.

["name='%s' and group_id='%s'", "foo'bar", 4]  returns  "name='foo''bar' and group_id='4'"
{ name: "foo'bar", group_id: 4 }  returns "name='foo''bar' and group_id='4'"
"name='foo''bar' and group_id='4'" returns "name='foo''bar' and group_id='4'"

sanitize_sql

Links:

https://github.com/rails/rails/blob/424b2d8594121456ed347957714a20c62d09a5cd/activerecord/lib/active_record/sanitization.rb#L22

doc_ruby_on_rails

2015-06-20 00:00:00

Comments

Popular Articles

sanitize_sql_for_assignment sanitize_sql_for_assignment(assignments, default_table_name = self.table_name) Instance Protected methods Accepts an array, hash, or str

sanitize_sql_hash_for_conditions sanitize_sql_hash_for_conditions(attrs, default_table_name = self.table_name) Instance Protected methods Sanitizes a hash of attribute/v

sanitize_sql sanitize_sql(condition, table_name = self.table_name) Instance Protected methods Also aliased as: sanitize_conditions

sanitize_sql_array sanitize_sql_array(ary) Instance Protected methods Accepts an array of conditions. The array has each value sanitized and interpolated i

sanitize_sql_hash_for_assignment sanitize_sql_hash_for_assignment(attrs, table) Instance Protected methods Sanitizes a hash of attribute/value pairs into SQL conditions