How to sanitize sql fragment in Rails

南方客 2021-02-01 13:28

I have to sanitize a part of an SQL query. I can do something like this:

class << ActiveRecord::Base
  public :sanitize_sql
end

str = ActiveRecord::Base.sani         


        
6 answers
  •  刺人心 (original poster)
    2021-02-01 14:28

    You can bypass the protectedness of the method by invoking indirectly:

    str = ActiveRecord::Base.__send__(:sanitize_sql, ["AND column1 = ?", "two's"], '')
    

    ... which will at least spare you having to refashion that method as public.

    (I'm a bit suspicious that you actually need to do this, but the above will work.)
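
What binding the `?` placeholder does to the value `two's` from the answer above, compared with plain string interpolation. This is an added example, not code from the post or from Rails: `FragmentBinder` and `BindError` are hypothetical names, and the quoting follows standard SQL only, whereas Rails asks the database adapter to quote.

```ruby
# Simplified model of "?" placeholder binding for an SQL fragment.
# Assumption: standard SQL quoting only; Rails asks the database adapter to quote.
module FragmentBinder
  class BindError < ArgumentError; end

  # Render one Ruby value as an SQL literal.
  def self.quote(value)
    case value
    when nil     then "NULL"
    when true    then "TRUE"
    when false   then "FALSE"
    when Integer then value.to_s
    when Float
      raise BindError, "non-finite float" unless value.finite?
      value.to_s
    when Array
      raise BindError, "empty list" if value.empty?
      value.map { |v| quote(v) }.join(", ")
    else
      # Doubling the single quote keeps the value inside its literal.
      "'#{value.to_s.gsub("'", "''")}'"
    end
  end

  # Replace each "?" with the quoted value in the same position.
  # A single pass means a "?" inside a value is never treated as a placeholder.
  def self.bind(fragment, *values)
    expected = fragment.count("?")
    unless expected == values.size
      raise BindError, "#{expected} placeholders, #{values.size} values"
    end
    remaining = values.dup
    fragment.gsub("?") { quote(remaining.shift) }
  end
end

# Constructed sample, using the fragment and value from the answer above.
VALUE  = "two's"
UNSAFE = "AND column1 = '#{VALUE}'"                     # literal ends early at the apostrophe
SAFE   = FragmentBinder.bind("AND column1 = ?", VALUE)  # apostrophe doubled

puts UNSAFE, SAFE if __FILE__ == $PROGRAM_NAME
```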
