API Guides

instance method sanitize_sql_for_conditions

Ruby on Rails 4.2.9

Since v3.2.22.5

Available in: v3.2.22.5 v4.0.13 v4.1.16 v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2 

sanitize_sql_for_conditions(condition, table_name = self.table_name)

Accepts an array, hash, or string of SQL conditions and sanitizes them into a valid SQL fragment for a WHERE clause.

["name='%s' and group_id='%s'", "foo'bar", 4]  returns  "name='foo''bar' and group_id='4'"
{ name: "foo'bar", group_id: 4 }  returns "name='foo''bar' and group_id='4'"
"name='foo''bar' and group_id='4'" returns "name='foo''bar' and group_id='4'"

Parameters

condition req
table_name opt = self.table_name
Source 
# File activerecord/lib/active_record/sanitization.rb, line 22
      def sanitize_sql_for_conditions(condition, table_name = self.table_name)
        return nil if condition.blank?

        case condition
        when Array; sanitize_sql_array(condition)
        when Hash;  sanitize_sql_hash_for_conditions(condition, table_name)
        else        condition
        end
      end

Defined in activerecord/lib/active_record/sanitization.rb line 22 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActiveRecord::Sanitization::ClassMethods

Type at least 2 characters to search.

↑↓ navigate · open · esc close