Permalink
Browse files

Explicitly included hashes in sentence regarding SQL-injection-safe f…

…orms
  • Loading branch information...
1 parent e84ea65 commit 3c3f8087647a15a5e88dd18a45d41358eacce142 @campbell campbell committed with fxn Jul 28, 2011
Showing with 3 additions and 3 deletions.
  1. +3 −3 activerecord/lib/active_record/base.rb
@@ -63,9 +63,9 @@ module ActiveRecord #:nodoc:
# == Conditions
#
# Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement.
- # The array form is to be used when the condition input is tainted and requires sanitization. The string form can
- # be used for statements that don't involve tainted data. The hash form works much like the array form, except
- # only equality and range is possible. Examples:
+ # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash
+ # forms can be used for statements that don't involve tainted data. The hash form works much like the array form,
+ # except only equality and range is possible. Examples:
#
# class User < ActiveRecord::Base
# def self.authenticate_unsafely(user_name, password)

0 comments on commit 3c3f808

Please sign in to comment.