Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

plugging sql vulnerability in mysql2 adapter

  • Loading branch information...
commit 00fc49b9c247a1fef079bea1570b5767b1803e4c 1 parent 130c257
@tenderlove tenderlove authored
Showing with 1 addition and 1 deletion.
  1. +1 −1  lib/active_record/connection_adapters/mysql2_adapter.rb
View
2  lib/active_record/connection_adapters/mysql2_adapter.rb
@@ -157,7 +157,7 @@ def quote(value, column = nil)
end
def quote_column_name(name) #:nodoc:
- @quoted_column_names[name] ||= "`#{name}`"
+ @quoted_column_names[name] ||= "`#{name.to_s.gsub('`', '``')}`"
end
def quote_table_name(name) #:nodoc:
Please sign in to comment.
Something went wrong with that request. Please try again.