How to sanitize a SQL fragment in Rails

Posted by dimus on Stack Overflow
Published on 2010-06-09T19:07:06Z Indexed on 2010/06/09 19:12 UTC

I have to sanitize part of a SQL query. I can do something like this:

class << ActiveRecord::Base
  public :sanitize_sql
end

str = ActiveRecord::Base.sanitize_sql(["AND column1 = ?", "two's"], '')

But it is not safe because I expose a protected method. What is a better way to do it?
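
One way to reach the protected method for a single call without changing its visibility for the rest of the application, as an added example that is not part of the original post. `FakeBase` is a constructed stand-in for `ActiveRecord::Base` so the snippet runs without Rails, and `SqlFragment` is a hypothetical wrapper name.

```ruby
# Stand-in for ActiveRecord::Base, constructed for this example (not Rails code).
# Its protected class method imitates only the array form used in the question;
# in Rails the actual quoting is done by the database adapter.
class FakeBase
  class << self
    protected

    def sanitize_sql(condition, _table_name = nil)
      statement, *values = condition
      # Replace each "?" with the next value, single-quoted, with ' doubled.
      statement.gsub("?") { "'" + values.shift.to_s.gsub("'", "''") + "'" }
    end
  end
end

# Hypothetical wrapper: the only place that reaches the protected method.
# `send` skips the visibility check for this one call and leaves the
# method protected for every other caller.
module SqlFragment
  def self.sanitize(condition)
    FakeBase.send(:sanitize_sql, condition, '')
  end
end

# True when an outside caller is refused, i.e. the method is still protected.
def still_protected?
  FakeBase.sanitize_sql(["AND column1 = ?", "x"], '')
  false
rescue NoMethodError
  true
end

puts SqlFragment.sanitize(["AND column1 = ?", "two's"])
puts still_protected?
```

The wrapper still depends on a non-public method, so it needs re-checking when the framework is upgraded.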
