instance method
sanitize_sql_for_conditions
Ruby on Rails 6.0.6
Since v3.2.22.5
Signature
sanitize_sql_for_conditions(condition)
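Accepts an array or string of SQL conditions and sanitizes them into a valid SQL fragment for a WHERE clause. Only the array form is processed: the array is passed to sanitize_sql_array, while a string (or any other non-blank value) is returned unchanged, and a blank condition returns nil.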
sanitize_sql_for_conditions(["name=? and group_id=?", "foo'bar", 4])
# => "name='foo''bar' and group_id=4"
sanitize_sql_for_conditions(["name=:name and group_id=:group_id", name: "foo'bar", group_id: 4])
# => "name='foo''bar' and group_id='4'"
sanitize_sql_for_conditions(["name='%s' and group_id='%s'", "foo'bar", 4])
# => "name='foo''bar' and group_id='4'"
sanitize_sql_for_conditions("name='foo''bar' and group_id='4'")
# => "name='foo''bar' and group_id='4'"
Parameters
- condition (required)
Source
# File activerecord/lib/active_record/sanitization.rb, line 22
def sanitize_sql_for_conditions(condition)
  return nil if condition.blank?

  case condition
  when Array; sanitize_sql_array(condition)
  else condition
  end
end
Defined in activerecord/lib/active_record/sanitization.rb line 22
Defined in ActiveRecord::Sanitization::ClassMethods
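The Source listing above only sanitizes an Array; a String is handed back as-is. The following added example (not Rails code) models that dispatch in plain Ruby so it runs without ActiveRecord. The `model_*` helpers are hypothetical stand-ins: quoting is simplified, `blank?` is approximated with nil/empty checks, and only the `?` placeholder form is modelled.

```ruby
# Simplified stand-in for the connection's value quoting (assumption: the
# real adapter handles more types and adapter-specific escaping).
def model_quote(value)
  case value
  when Integer then value.to_s
  when nil     then "NULL"
  else "'" + value.to_s.gsub("'", "''") + "'"
  end
end

# Models only the "?" placeholder form of sanitize_sql_array.
def model_sanitize_array(ary)
  statement, *values = ary
  expected = statement.count("?")
  unless expected == values.size
    raise ArgumentError, "wrong number of bind variables (#{values.size} for #{expected})"
  end
  binds = values.dup
  statement.gsub("?") { model_quote(binds.shift) }
end

# Same dispatch as the Source listing: only an Array is sanitized,
# anything else is returned exactly as it was passed in.
def model_sanitize_for_conditions(condition)
  return nil if condition.nil? || (condition.respond_to?(:empty?) && condition.empty?)
  case condition
  when Array then model_sanitize_array(condition)
  else condition
  end
end

user_input = "foo'bar" # constructed sample value, same as in the page's examples

# Array form: the value is quoted and its single quote is doubled.
SAFE = model_sanitize_for_conditions(["name=? and group_id=?", user_input, 4])

# String form: interpolation happened before the call, so the method
# receives finished SQL and returns it with the quote still unescaped.
UNSAFE = model_sanitize_for_conditions("name='#{user_input}' and group_id=4")

puts SAFE
puts UNSAFE
```

When reviewing callers, treat any String built with interpolation or concatenation and passed to this method as unsanitized; the array form is the one that quotes values.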