Quote prepared statements of `sanitize_sql_array` #21758

yui-knk · 2015-09-24T23:55:01Z

Sure unquoted SQL code pass test, but this % style prepared statements
are dangerous. Test codes and code examples are also "Rails" codes,
so quote placeholder of prepared statements.

Sure unquoted SQL code pass test, but this % style prepared statements are dangerous. Test codes and code examples are also "Rails" codes, so quote placeholder of prepared statements.

rails-bot · 2015-09-24T23:55:04Z

r? @eileencodes

(@rails-bot has picked a reviewer for you, use r? to override)

Quote prepared statements of `sanitize_sql_array`

Quote prepared statements of sanitize_sql_array

14d2652

Sure unquoted SQL code pass test, but this % style prepared statements are dangerous. Test codes and code examples are also "Rails" codes, so quote placeholder of prepared statements.

rails-bot assigned eileencodes Sep 24, 2015

eileencodes added a commit that referenced this pull request Sep 25, 2015

Merge pull request #21758 from yui-knk/fix_sanitize_test_example

73eec7a

Quote prepared statements of `sanitize_sql_array`

eileencodes merged commit 73eec7a into rails:master Sep 25, 2015

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Quote prepared statements of `sanitize_sql_array` #21758

Quote prepared statements of `sanitize_sql_array` #21758

yui-knk commented Sep 24, 2015

rails-bot commented Sep 24, 2015

Quote prepared statements of sanitize_sql_array #21758

Quote prepared statements of sanitize_sql_array #21758

Conversation

yui-knk commented Sep 24, 2015

rails-bot commented Sep 24, 2015

Quote prepared statements of `sanitize_sql_array` #21758

Quote prepared statements of `sanitize_sql_array` #21758