diff options
author | Aaron Suggs <aaron@ktheory.com> | 2013-11-22 13:46:51 -0500 |
---|---|---|
committer | Aaron Suggs <aaron@ktheory.com> | 2013-11-22 13:46:51 -0500 |
commit | b1737337e6b6218ae966b57e9484ae7d3aaff7e4 (patch) | |
tree | f9ee849765a229b873551e4f3aa116b15510028c /actionpack/test/controller/parameters/parameters_permit_test.rb | |
parent | d5b71591dfa5dde3f0389ffb4e268f54334cc501 (diff) | |
download | rails-b1737337e6b6218ae966b57e9484ae7d3aaff7e4.tar.gz rails-b1737337e6b6218ae966b57e9484ae7d3aaff7e4.tar.bz2 rails-b1737337e6b6218ae966b57e9484ae7d3aaff7e4.zip |
Support SQL sanitization in AR::QueryMethods#order
Add support for sanitizing arrays in SQL ORDER clauses.
This is useful when using MySQL `ORDER BY FIELD()` to return records in
a predetermined way.
```ruby
Tag.order(['field(id, ?', [1,3,2]].to_sql
# => SELECT "tags".* FROM "tags" ORDER BY field(id, 1,3,2)
```
Prior to this, developers must be careful to sanitize `#order` arguments
themselves.
Diffstat (limited to 'actionpack/test/controller/parameters/parameters_permit_test.rb')
0 files changed, 0 insertions, 0 deletions