instance method
sanitize_sql_like
Ruby on Rails 7.2.3
Since v4.2.9Signature
sanitize_sql_like(string, escape_character = "\\")
Sanitizes a string so that it is safe to use within an SQL LIKE statement. This method uses escape_character to escape all occurrences of itself, “_” and “%”.
sanitize_sql_like("100% true!")
# => "100\\% true!"
sanitize_sql_like("snake_cased_string")
# => "snake\\_cased\\_string"
sanitize_sql_like("100% true!", "!")
# => "100!% true!!"
sanitize_sql_like("snake_cased_string", "!")
# => "snake!_cased!_string"
Parameters
-
stringreq -
escape_characteropt = "\\"
Source
# File activerecord/lib/active_record/sanitization.rb, line 131
def sanitize_sql_like(string, escape_character = "\\")
if string.include?(escape_character) && escape_character != "%" && escape_character != "_"
string = string.gsub(escape_character, '\0\0')
end
string.gsub(/(?=[%_])/, escape_character)
end
Defined in activerecord/lib/active_record/sanitization.rb line 131
· View on GitHub
· Improve this page
· Find usages on GitHub
Defined in ActiveRecord::Sanitization::ClassMethods