Permalink
Browse files

Revert "Explicitly included hashes in sentence regarding SQL-injectio…

…n-safe forms"

Reason: The hash form is secure, and preferred over the array form if possible.

This reverts commit 6dc7495.
  • Loading branch information...
1 parent 19122e7 commit b537595665527b8ca5ebad97fc053fd102e16d32 @fxn fxn committed Aug 4, 2011
Showing with 3 additions and 3 deletions.
  1. +3 −3 activerecord/lib/active_record/base.rb
@@ -63,9 +63,9 @@ module ActiveRecord #:nodoc:
# == Conditions
#
# Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement.
- # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash
- # forms can be used for statements that don't involve tainted data. The hash form works much like the array form,
- # except only equality and range is possible. Examples:
+ # The array form is to be used when the condition input is tainted and requires sanitization. The string form can
+ # be used for statements that don't involve tainted data. The hash form works much like the array form, except
+ # only equality and range is possible. Examples:
#
# class User < ActiveRecord::Base
# def self.authenticate_unsafely(user_name, password)

0 comments on commit b537595

Please sign in to comment.