method

sanitize_limit

v3.0.0 - Show latest stable - Class: ActiveRecord::ConnectionAdapters::DatabaseStatements

sanitize_limit(limit)

protected

Sanitizes the given LIMIT parameter in order to prevent SQL injection.

limit may be anything that can evaluate to a string via #to_s. It should look like an integer, or a comma-delimited list of integers.

Returns the sanitized limit parameter, either as an integer, or as a string which contains a comma-delimited list of integers.

# File activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb, line 284
        def sanitize_limit(limit)
          if limit.to_s =~ /,/
            limit.to_s.split(',').map{ |i| i.to_i }.join(',')
          else
            limit.to_i
          end
        end

sanitize_limit

Related methods