aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord/lib/active_record/connection_adapters/abstract/quoting.rb
diff options
context:
space:
mode:
authorJeremy Kemper <jeremy@bitsweat.net>2006-06-01 01:43:20 +0000
committerJeremy Kemper <jeremy@bitsweat.net>2006-06-01 01:43:20 +0000
commitb09d02c9e8523857aa290d0824e1c22a714604ac (patch)
tree326f2841bfcced993561d2b9b0e692f929bea142 /activerecord/lib/active_record/connection_adapters/abstract/quoting.rb
parent9fcc0654c37772a3d6884c5d6f7099a39fe88f73 (diff)
downloadrails-b09d02c9e8523857aa290d0824e1c22a714604ac.tar.gz
rails-b09d02c9e8523857aa290d0824e1c22a714604ac.tar.bz2
rails-b09d02c9e8523857aa290d0824e1c22a714604ac.zip
Records and arrays of records are bound as quoted ids.
git-svn-id: http://svn-commit.rubyonrails.org/rails/trunk@4391 5ecf4fe2-1ee6-0310-87b1-e25e094e27de
Diffstat (limited to 'activerecord/lib/active_record/connection_adapters/abstract/quoting.rb')
-rw-r--r--activerecord/lib/active_record/connection_adapters/abstract/quoting.rb3
1 files changed, 3 insertions, 0 deletions
diff --git a/activerecord/lib/active_record/connection_adapters/abstract/quoting.rb b/activerecord/lib/active_record/connection_adapters/abstract/quoting.rb
index 8d8d085bb1..05beddac75 100644
--- a/activerecord/lib/active_record/connection_adapters/abstract/quoting.rb
+++ b/activerecord/lib/active_record/connection_adapters/abstract/quoting.rb
@@ -4,6 +4,9 @@ module ActiveRecord
# Quotes the column value to help prevent
# {SQL injection attacks}[http://en.wikipedia.org/wiki/SQL_injection].
def quote(value, column = nil)
+ # records are quoted as their primary key
+ return value.quoted_id if value.respond_to?(:quoted_id)
+
case value
when String
if column && column.type == :binary && column.class.respond_to?(:string_to_binary)
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-05 03:07:45 +0000