API Guides

instance method sanitize_sql_like

Ruby on Rails 7.0.10

Since v4.2.9

Available in: v4.2.9 v5.2.8.1 v6.0.6 v6.1.7.10 v7.0.10 v7.1.6 v7.2.3 v8.0.4 v8.1.2 

sanitize_sql_like(string, escape_character = "\\")

Sanitizes a string so that it is safe to use within an SQL LIKE statement. This method uses escape_character to escape all occurrences of itself, “_” and “%”.

sanitize_sql_like("100% true!")
# => "100\\% true!"

sanitize_sql_like("snake_cased_string")
# => "snake\\_cased\\_string"

sanitize_sql_like("100% true!", "!")
# => "100!% true!!"

sanitize_sql_like("snake_cased_string", "!")
# => "snake!_cased!_string"

Parameters

string req
escape_character opt = "\\"
Source 
# File activerecord/lib/active_record/sanitization.rb, line 109
      def sanitize_sql_like(string, escape_character = "\\")
        pattern = Regexp.union(escape_character, "%", "_")
        string.gsub(pattern) { |x| [escape_character, x].join }
      end

Defined in activerecord/lib/active_record/sanitization.rb line 109 · View on GitHub · Improve this page · Find usages on GitHub

Defined in ActiveRecord::Sanitization::ClassMethods

Type at least 2 characters to search.

↑↓ navigate · open · esc close