class method
self.sanitize_sql_hash_for_conditions
Ruby on Rails 2.3.18
Since v2.2.3 Last seen in v3.1.12Signature
self.sanitize_sql_hash_for_conditions(attrs, default_table_name = quoted_table_name, top_level = true)Sanitizes a hash of attribute/value pairs into SQL conditions for a WHERE clause.
{ :name => "foo'bar", :group_id => 4 }
# => "name='foo''bar' and group_id= 4"
{ :status => nil, :group_id => [1,2,3] }
# => "status IS NULL and group_id IN (1,2,3)"
{ :age => 13..18 }
# => "age BETWEEN 13 AND 18"
{ 'other_records.id' => 7 }
# => "`other_records`.`id` = 7"
{ :other_records => { :id => 7 } }
# => "`other_records`.`id` = 7"
And for value objects on a composed_of relationship:
{ :address => Address.new("123 abc st.", "chicago") }
# => "address_street='123 abc st.' and address_city='chicago'"
Parameters
-
attrsreq -
default_table_nameopt = quoted_table_name -
top_levelopt = true
Source
# File activerecord/lib/active_record/base.rb, line 2340
def sanitize_sql_hash_for_conditions(attrs, default_table_name = quoted_table_name, top_level = true)
attrs = expand_hash_conditions_for_aggregates(attrs)
return '1 = 2' if !top_level && attrs.is_a?(Hash) && attrs.empty?
conditions = attrs.map do |attr, value|
table_name = default_table_name
if not value.is_a?(Hash)
attr = attr.to_s
# Extract table name from qualified attribute names.
if attr.include?('.') and top_level
attr_table_name, attr = attr.split('.', 2)
attr_table_name = connection.quote_table_name(attr_table_name)
else
attr_table_name = table_name
end
attribute_condition("#{attr_table_name}.#{connection.quote_column_name(attr)}", value)
elsif top_level
sanitize_sql_hash_for_conditions(value, connection.quote_table_name(attr.to_s), false)
else
raise ActiveRecord::StatementInvalid
end
end.join(' AND ')
replace_bind_variables(conditions, expand_range_bind_variables(attrs.values))
end
Defined in activerecord/lib/active_record/base.rb line 2340
· View on GitHub
· Improve this page
· Find usages on GitHub
Defined in ActiveRecord::Base