发表新帖
发表新帖

Rails SQL injection?

后端 未结
关注
3 1255
长发绾君心
长发绾君心 2020-12-05 02:42

In Rails, when I want to find by a user given value and avoid SQL injection (escape apostrophes and the like) I can do something like this:

Post.all(:conditi
3条回答
  • 遥遥无期
    遥遥无期 (楼主)
    2020-12-05 02:57

    +1 @fphilipe and @yuval Check this 5 min video from railscast and this one from rails guide

    0 讨论(0)
 看不清?
提交回复
热议问题