instance method
quote
Ruby on Rails 3.0.20
Since v2.2.3Signature
quote(value, column = nil)Quotes the column value to help prevent SQL injection attacks.
Parameters
-
valuereq -
columnopt = nil
Source
# File activerecord/lib/active_record/connection_adapters/abstract/quoting.rb, line 8
def quote(value, column = nil)
# records are quoted as their primary key
return value.quoted_id if value.respond_to?(:quoted_id)
case value
when String, ActiveSupport::Multibyte::Chars
value = value.to_s
if column && column.type == :binary && column.class.respond_to?(:string_to_binary)
"'#{quote_string(column.class.string_to_binary(value))}'" # ' (for ruby-mode)
elsif column && [:integer, :float].include?(column.type)
value = column.type == :integer ? value.to_i : value.to_f
value.to_s
else
"'#{quote_string(value)}'" # ' (for ruby-mode)
end
when NilClass then "NULL"
when TrueClass then (column && column.type == :integer ? '1' : quoted_true)
when FalseClass then (column && column.type == :integer ? '0' : quoted_false)
when Float, Fixnum, Bignum then value.to_s
# BigDecimals need to be output in a non-normalized form and quoted.
when BigDecimal then value.to_s('F')
when Symbol then "'#{quote_string(value.to_s)}'"
else
if value.acts_like?(:date) || value.acts_like?(:time)
"'#{quoted_date(value)}'"
else
"'#{quote_string(value.to_yaml)}'"
end
end
end
Defined in activerecord/lib/active_record/connection_adapters/abstract/quoting.rb line 8
· View on GitHub
· Improve this page
· Find usages on GitHub
Defined in ActiveRecord::ConnectionAdapters::Quoting