Permalink
Browse files

Explicitly included hashes in sentence regarding SQL-injection-safe f…

…orms
  • Loading branch information...
1 parent 5a22f05 commit 6dc749596c328c44c80f898d5fa860fff6cab783 @campbell campbell committed Jul 28, 2011
Showing with 3 additions and 3 deletions.
  1. +3 −3 activerecord/lib/active_record/base.rb
@@ -63,9 +63,9 @@ module ActiveRecord #:nodoc:
# == Conditions
#
# Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement.
- # The array form is to be used when the condition input is tainted and requires sanitization. The string form can
- # be used for statements that don't involve tainted data. The hash form works much like the array form, except
- # only equality and range is possible. Examples:
+ # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash
+ # forms can be used for statements that don't involve tainted data. The hash form works much like the array form,
+ # except only equality and range is possible. Examples:
#
# class User < ActiveRecord::Base
# def self.authenticate_unsafely(user_name, password)

0 comments on commit 6dc7495

Please sign in to comment.