How to sanitize sql fragment in Rails
Posted
by dimus
on Stack Overflow
See other posts from Stack Overflow
or by dimus
Published on 2010-06-09T19:07:06Z
Indexed on
2010/06/09
19:12 UTC
Read the original article
Hit count: 268
I have to sanitize a part of sql query. I can do something like this:
class << ActiveRecord::Base
public :sanitize_sql
end
str = ActiveRecord::Base.sanitize_sql(["AND column1 = ?", "two's"], '')
But it is not safe because I expose protected method. What is a better way to do it?
© Stack Overflow or respective owner