Skip to content

Commit

Permalink
Explicitly included hashes in sentence regarding SQL-injection-safe f…
Browse files Browse the repository at this point in the history 
…orms
  • Loading branch information
@campbell
campbell committed Jul 28, 2011
1 parent 5a22f05 commit 6dc7495
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions activerecord/lib/active_record/base.rb
View file
Original file line number Original file line Diff line number Diff line change
Expand Up @@ -63,9 +63,9 @@ module ActiveRecord #:nodoc:
# == Conditions # == Conditions
# #
# Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement. # Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement.
# The array form is to be used when the condition input is tainted and requires sanitization. The string form can # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash
# be used for statements that don't involve tainted data. The hash form works much like the array form, except # forms can be used for statements that don't involve tainted data. The hash form works much like the array form,
# only equality and range is possible. Examples: # except only equality and range is possible. Examples:
# #
# class User < ActiveRecord::Base # class User < ActiveRecord::Base
# def self.authenticate_unsafely(user_name, password) # def self.authenticate_unsafely(user_name, password)
Expand Down

0 comments on commit 6dc7495

Please sign in to comment.