diff options
| author | Xavier Noria <fxn@hashref.com> | 2011-08-04 15:14:06 -0700 |
|---|---|---|
| committer | Xavier Noria <fxn@hashref.com> | 2011-08-13 16:22:15 -0700 |
| commit | b537595665527b8ca5ebad97fc053fd102e16d32 (patch) | |
| tree | f0dd12f5f90f8dc7f819a24a98194cdb4fc012f8 /activerecord/lib/active_record/base.rb | |
| parent | 19122e767ca199f6b2b3e8f21d2634eb2f17a8b4 (diff) | |
| download | rails-b537595665527b8ca5ebad97fc053fd102e16d32.tar.gz rails-b537595665527b8ca5ebad97fc053fd102e16d32.tar.bz2 rails-b537595665527b8ca5ebad97fc053fd102e16d32.zip | |
Revert "Explicitly included hashes in sentence regarding SQL-injection-safe forms"
Reason: The hash form is secure, and preferred over the array form if possible.
This reverts commit 6dc749596c328c44c80f898d5fa860fff6cab783.
Diffstat (limited to 'activerecord/lib/active_record/base.rb')
| -rw-r--r-- | activerecord/lib/active_record/base.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb index 461df0555f..4136868b39 100644 --- a/activerecord/lib/active_record/base.rb +++ b/activerecord/lib/active_record/base.rb @@ -63,9 +63,9 @@ module ActiveRecord #:nodoc: # == Conditions # # Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement. - # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash - # forms can be used for statements that don't involve tainted data. The hash form works much like the array form, - # except only equality and range is possible. Examples: + # The array form is to be used when the condition input is tainted and requires sanitization. The string form can + # be used for statements that don't involve tainted data. The hash form works much like the array form, except + # only equality and range is possible. Examples: # # class User < ActiveRecord::Base # def self.authenticate_unsafely(user_name, password) |