Skip to content
This repository
Browse code

Revert "Explicitly included hashes in sentence regarding SQL-injectio…

…n-safe forms"

Reason: The hash form is secure, and preferred over the array form if possible.

This reverts commit 6dc7495.
  • Loading branch information...
commit b537595665527b8ca5ebad97fc053fd102e16d32 1 parent 19122e7
Xavier Noria fxn authored

Showing 1 changed file with 3 additions and 3 deletions. Show diff stats Hide diff stats

  1. +3 3 activerecord/lib/active_record/base.rb
6 activerecord/lib/active_record/base.rb
@@ -63,9 +63,9 @@ module ActiveRecord #:nodoc:
63 63 # == Conditions
64 64 #
65 65 # Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement.
66   - # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash
67   - # forms can be used for statements that don't involve tainted data. The hash form works much like the array form,
68   - # except only equality and range is possible. Examples:
  66 + # The array form is to be used when the condition input is tainted and requires sanitization. The string form can
  67 + # be used for statements that don't involve tainted data. The hash form works much like the array form, except
  68 + # only equality and range is possible. Examples:
69 69 #
70 70 # class User < ActiveRecord::Base
71 71 # def self.authenticate_unsafely(user_name, password)

0 comments on commit b537595

Please sign in to comment.
Something went wrong with that request. Please try again.