diff options
| author | Xavier Noria <fxn@hashref.com> | 2011-08-04 15:14:06 -0700 |
|---|---|---|
| committer | Xavier Noria <fxn@hashref.com> | 2011-08-04 16:41:31 -0700 |
| commit | 9e18380a323c7087b2079ec479d26ce899268b72 (patch) | |
| tree | 76b5fdf9099b21fd3137701d2276d50da8b0f57f /activerecord/lib/active_record/base.rb | |
| parent | e82b4901eb8f5f3582a079e88c75a4fbc7dea767 (diff) | |
| download | rails-9e18380a323c7087b2079ec479d26ce899268b72.tar.gz rails-9e18380a323c7087b2079ec479d26ce899268b72.tar.bz2 rails-9e18380a323c7087b2079ec479d26ce899268b72.zip | |
Revert "Explicitly included hashes in sentence regarding SQL-injection-safe forms"
Reason: The hash form is secure, and preferred over the array form if possible.
This reverts commit 6dc749596c328c44c80f898d5fa860fff6cab783.
Diffstat (limited to 'activerecord/lib/active_record/base.rb')
| -rw-r--r-- | activerecord/lib/active_record/base.rb | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/activerecord/lib/active_record/base.rb b/activerecord/lib/active_record/base.rb index 461df0555f..4136868b39 100644 --- a/activerecord/lib/active_record/base.rb +++ b/activerecord/lib/active_record/base.rb @@ -63,9 +63,9 @@ module ActiveRecord #:nodoc: # == Conditions # # Conditions can either be specified as a string, array, or hash representing the WHERE-part of an SQL statement. - # The array form is to be used when the condition input is tainted and requires sanitization. The string and hash - # forms can be used for statements that don't involve tainted data. The hash form works much like the array form, - # except only equality and range is possible. Examples: + # The array form is to be used when the condition input is tainted and requires sanitization. The string form can + # be used for statements that don't involve tainted data. The hash form works much like the array form, except + # only equality and range is possible. Examples: # # class User < ActiveRecord::Base # def self.authenticate_unsafely(user_name, password) |