RSpec
Ruby on Rails
Ruby
method
sanitize_sql
v3.1.0 -
Show latest stable
-
3 notes -
Class: ActiveRecord::Base
- 1.0.0 (0)
- 1.1.6 (0)
- 1.2.6 (13)
- 2.0.3
- 2.1.0
- 2.2.1
- 2.3.8
- 3.0.0
- 3.0.9 (-32)
- 3.1.0 (0)
- 3.2.1
- 3.2.8
- 3.2.13
- 4.0.2
- 4.1.8
- 4.2.1
- 4.2.7
- 4.2.9
- 5.0.0.1
- 5.1.7
- 5.2.3
- 6.0.0
- 6.1.3.1
- 6.1.7.7
- 7.0.0
- 7.1.3.2
- 7.1.3.4
- What's this?
-
===
-
abstract_class?
-
accessible_attributes
(<= v2.3.8)
-
active_connection_name
(<= v2.1.0)
-
add_conditions!
(<= v2.3.8)
-
add_group!
(<= v2.3.8)
-
add_joins!
(<= v2.3.8)
-
add_limit!
(<= v2.3.8)
-
add_lock!
(<= v2.3.8)
-
add_order!
(<= v2.3.8)
-
aggregate_mapping
-
all
(<= v2.3.8)
-
all_attributes_exists?
-
allow_concurrency
(<= v2.3.8)
-
allow_concurrency=
(<= v2.3.8)
-
arel_engine
-
arel_table
-
array_of_strings?
(<= v2.3.8)
-
attr_accessible
(<= v2.3.8)
-
attribute_condition
(<= v2.3.8)
-
attribute_method?
-
attribute_names
-
attributes_protected_by_def...
-
attr_protected
(<= v2.3.8)
-
attr_readonly
-
base_class
-
before_remove_const
-
benchmark
(<= v2.3.8)
-
build_default_scope
-
class_name
(<= v2.3.8)
-
class_name_of_active_record...
(<= v2.3.8)
-
class_of_active_record_desc...
-
clear_active_connection_name
(<= v2.1.0)
-
clear_active_connections!
-
clear_all_cached_connections!
(<= v2.1.0)
-
clear_cache!
-
clear_connection_cache!
(<= v1.0.0)
-
clear_reloadable_connections!
(<= v2.1.0)
-
colorize_logging
(<= v3.0.9)
-
colorize_logging=
(<= v3.0.9)
-
column_defaults
-
column_methods_hash
-
column_names
-
columns
-
columns_hash
-
compute_table_name
-
compute_type
-
configurations
-
connected?
-
connection
-
connection=
(<= v2.1.0)
-
connection_config
-
connection_handler
-
connection_id
(>= v3.2.1)
-
connection_id=
(>= v3.2.1)
-
connection_pool
-
construct_attributes_from_a...
(<= v3.0.9)
-
construct_conditions_from_a...
(<= v1.1.6)
-
construct_finder_arel
-
construct_finder_sql
(<= v2.3.8)
-
content_columns
-
count
(<= v1.0.0)
-
count_by_sql
-
create
-
current_scope
-
current_scope=
-
current_scoped_methods
(<= v3.0.9)
-
decrement_counter
(<= v2.3.8)
-
default_scope
-
default_select
(<= v2.3.8)
-
default_timezone
-
define_attr_method
(<= v2.3.8)
-
delete
(<= v2.3.8)
-
delete_all
(<= v2.3.8)
-
descends_from_active_record?
-
destroy
(<= v2.3.8)
-
destroy_all
(<= v2.3.8)
-
determine_deprecated_finder
(<= v1.2.6)
-
determine_finder
(<= v2.1.0)
-
determine_instantiator
(<= v2.1.0)
-
encode_quoted_value
-
establish_connection
-
evaluate_default_scope
-
exists?
(<= v2.3.8)
-
expand_attribute_names_for_...
-
expand_hash_conditions_for_...
-
expand_id_conditions
(<= v2.3.8)
-
expand_range_bind_variables
-
extract_attribute_names_fro...
(<= v2.1.0)
-
extract_options_from_args!
(<= v1.0.0)
-
find
(<= v2.3.8)
-
find_by_sql
-
finder_needs_type_condition?
-
find_every
(<= v2.3.8)
-
find_from_ids
(<= v2.3.8)
-
find_initial
(<= v2.3.8)
-
find_last
(<= v2.3.8)
-
find_one
(<= v2.3.8)
-
find_some
(<= v2.3.8)
-
find_sti_class
-
first
(<= v2.3.8)
-
full_table_name_prefix
-
generated_feature_methods
(>= v3.2.1)
-
get_primary_key
(<= v2.3.8)
-
human_attribute_name
(<= v2.3.8)
-
human_name
(<= v2.3.8)
-
i18n_scope
-
ignore_default_scope=
-
ignore_default_scope?
-
increment_counter
(<= v2.3.8)
-
inheritance_column
-
inheritance_column=
-
inherited
(>= v2.1.0)
-
initialize_generated_modules
(>= v3.2.1)
-
inspect
-
instantiate
-
last
(<= v2.3.8)
-
log_connections
(<= v2.1.0)
-
logger
-
lookup_ancestors
-
matches_dynamic_finder?
(<= v2.1.0)
-
matches_dynamic_finder_with...
(<= v2.1.0)
-
merge_conditions
(<= v2.3.8)
-
merge_includes
(<= v2.3.8)
-
merge_joins
(<= v2.3.8)
-
method_missing
-
mysql2_connection
-
mysql_connection
-
new
-
parse_config!
(<= v1.2.6)
-
parse_sqlite_config!
(<= v2.3.8)
-
pluralize_table_names
-
postgresql_connection
-
primary_key
(<= v2.3.8)
-
primary_key_prefix_type
-
protected_attributes
(<= v2.3.8)
-
quote_bound_value
-
quoted_table_name
-
quote_value
-
raise_if_bind_arity_mismatch
-
read_methods
(<= v1.0.0)
-
readonly_attributes
-
relation
-
remove_connection
-
remove_stale_cached_threads!
(<= v2.1.0)
-
replace_bind_variables
-
replace_named_bind_variables
-
require_mysql
(<= v2.1.0)
-
reset_column_information
-
reset_column_information_an...
(<= v3.0.9)
-
reset_counters
(<= v2.3.8)
-
reset_primary_key
(<= v2.3.8)
-
reset_scoped_methods
(<= v3.0.9)
-
reset_sequence_name
-
reset_subclasses
(<= v3.0.9)
-
reset_table_name
-
respond_to?
-
retrieve_connection
-
reverse_sql_order
(<= v2.3.8)
-
safe_to_array
(<= v2.3.8)
-
sanitize
-
sanitize_conditions
-
sanitize_sql
-
sanitize_sql_array
-
sanitize_sql_for_assignment
-
sanitize_sql_for_conditions
-
sanitize_sql_hash
-
sanitize_sql_hash_for_assig...
-
sanitize_sql_hash_for_condi...
-
schema_format
-
scope
(<= v2.3.8)
-
scoped?
(<= v2.3.8)
-
scoped_methods
(<= v3.0.9)
-
scoped_methods=
(<= v1.0.0)
-
self_and_descendants_from_a...
(<= v2.3.8)
-
self_and_descendents_from_a...
(<= v2.2.1)
-
sequence_name
-
sequence_name=
-
serialize
-
serialized_attributes
(<= v3.0.9)
-
set_inheritance_column
-
set_locking_column
(<= v1.1.6)
-
set_primary_key
(<= v2.3.8)
-
set_readonly_option!
(<= v2.3.8)
-
set_sequence_name
-
set_table_name
-
silence
(<= v2.3.8)
-
single_threaded_active_conn...
(<= v2.1.0)
-
single_threaded_scoped_methods
(<= v2.1.0)
-
sqlite3_connection
-
sqlite_connection
(<= v2.3.8)
-
sti_name
-
subclasses
(<= v3.0.9)
-
symbolized_base_class
-
symbolized_sti_name
-
table_exists?
-
table_name
-
table_name=
-
table_name_prefix
-
table_name_suffix
-
threaded_connections
(<= v1.0.0)
-
threaded_connections=
(<= v1.0.0)
-
thread_safe_active_connections
(<= v2.1.0)
-
thread_safe_scoped_methods
(<= v2.1.0)
-
timestamped_migrations
-
type_condition
-
type_name_with_module
(<= v2.3.8)
-
undecorated_table_name
-
unscoped
-
update
(<= v2.3.8)
-
update_all
(<= v2.3.8)
-
update_counters
(<= v2.3.8)
-
validate_find_options
(<= v2.3.8)
-
verification_timeout
(<= v2.3.8)
-
verification_timeout=
(<= v2.3.8)
-
verify_active_connections!
(<= v2.1.0)
-
with_exclusive_scope
-
with_scope
-
<=>
-
==
-
[]
(<= v3.0.9)
-
[]=
(<= v3.0.9)
-
arel_attributes_values
-
assign_attributes
-
assign_multiparameter_attri...
-
attribute_for_inspect
-
attribute_names
-
attribute_present?
-
attributes
-
attributes=
-
attributes_before_type_cast
(<= v2.3.8)
-
attributes_from_column_defi...
(<= v2.3.8)
-
attributes_protected_by_def...
(<= v2.3.8)
-
attributes_with_quotes
(<= v2.3.8)
-
becomes
(<= v2.3.8)
-
cache_key
-
clear_timestamp_attributes
-
clone
(<= v2.3.8)
-
clone_attributes
-
clone_attribute_value
-
column_for_attribute
-
comma_pair_list
-
connection
-
convert_number_column_value
-
create
(<= v2.3.8)
-
create_or_update
(<= v2.3.8)
-
decrement
(<= v2.3.8)
-
decrement!
(<= v2.3.8)
-
define_question_method
(<= v1.2.6)
-
define_read_method
(<= v1.2.6)
-
define_read_method_for_seri...
(<= v1.2.6)
-
define_read_methods
(<= v1.2.6)
-
delete
(<= v2.3.8)
-
destroy
(<= v2.3.8)
-
destroyed?
(<= v2.3.8)
-
dup
-
encode_with
-
ensure_proper_type
-
eql?
-
evaluate_read_method
(<= v1.2.6)
-
execute_callstack_for_multi...
-
extract_callstack_for_multi...
-
extract_max_param_for_multi...
-
find_parameter_position
-
freeze
-
frozen?
-
has_attribute?
-
hash
-
id
(<= v2.3.8)
-
id=
(<= v2.3.8)
-
id_before_type_cast
(<= v2.3.8)
-
increment
(<= v2.3.8)
-
increment!
(<= v2.3.8)
-
initialize_copy
(<= v3.0.9)
-
initialize_dup
-
init_with
-
inspect
-
instantiate_time_object
-
interpolate_and_sanitize_sql
(<= v3.0.9)
-
interpolate_sanitized_sql
(<= v3.0.9)
-
interpolate_sql
(<= v3.0.0)
-
log_protected_attribute_rem...
(<= v2.3.8)
-
mass_assignment_options
-
mass_assignment_role
-
method_missing
(<= v1.2.6)
-
new_record?
(<= v2.3.8)
-
object_from_yaml
(<= v3.0.9)
-
populate_with_current_scope...
-
query_attribute
(<= v1.2.6)
-
quote
(<= v1.2.6)
-
quote_columns
-
quoted_column_names
(<= v2.3.8)
-
quoted_comma_pair_list
-
quoted_id
-
quote_value
-
read_attribute
(<= v1.2.6)
-
read_attribute_before_type_...
(<= v1.2.6)
-
read_date_parameter_value
-
readonly!
-
readonly?
-
read_other_parameter_value
-
read_time_parameter_value
-
read_value_from_parameter
-
reload
(<= v2.3.8)
-
remove_attributes_protected...
(<= v2.3.8)
-
remove_readonly_attributes
(<= v2.3.8)
-
respond_to?
(<= v1.2.6)
-
save
(<= v2.3.8)
-
save!
(<= v2.3.8)
-
set_serialized_attributes
-
to_ary
-
toggle
(<= v2.3.8)
-
toggle!
(<= v2.3.8)
-
to_param
-
to_xml
(<= v1.1.6)
-
to_yaml
(>= v3.2.1)
-
type_cast_attribute_value
-
unserializable_attribute?
(<= v1.2.6)
-
unserialize_attribute
(<= v1.2.6)
-
update
(<= v2.3.8)
-
update_attribute
(<= v2.3.8)
-
update_attributes
(<= v2.3.8)
-
update_attributes!
(<= v2.3.8)
-
write_attribute
(<= v1.2.6)
-
yaml_initialize
(>= v3.2.1)
= private
= protected
sanitize_sql(condition, table_name = self.table_name)
protected
Alias for ActiveRecord::Base::sanitize_sql_for_conditions
Register or
log in
to add new notes.
cayblood -
January 2, 2009 - (<= v2.2.1)
eric_programmer -
January 23, 2009
leente -
October 13, 2010 - (v2.1.0 - v3.0.0)
cayblood -
January 2, 2009 - (<= v2.2.1)
3 thanks
What to use instead
For versions 2.0+, use ActiveRecord::Base::sanitize_sql_array
eric_programmer -
January 23, 2009
1 thank
Alternate for Rails 2.0
Obviously these methods are protected so usage in an app is discouraged. But if you need to use it anyway for some reason Rails 2.0 also has sanitize_sql_for_conditions which operates exactly like sanitize_sql used to (i.e. it determines if it needs to be processed as an array or hash). So if you are going to blow by the protected status might as well use the easier version. :)
leente -
October 13, 2010 - (v2.1.0 - v3.0.0)
1 thank
Replacement
Use sanitize or connection.quote instead.
