diff options
author | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2016-12-29 15:18:44 -0500 |
---|---|---|
committer | Rafael Mendonça França <rafaelmfranca@gmail.com> | 2016-12-29 17:53:04 -0500 |
commit | fc3e67964753fb5166ccbd2030d7382e1976f393 (patch) | |
tree | a3f40d72f64aa64becfb8a41f0070815bcbc2113 /activerecord/lib/active_record/connection_adapters | |
parent | b4664864c972463c7437ad983832d2582186e886 (diff) | |
download | rails-fc3e67964753fb5166ccbd2030d7382e1976f393.tar.gz rails-fc3e67964753fb5166ccbd2030d7382e1976f393.tar.bz2 rails-fc3e67964753fb5166ccbd2030d7382e1976f393.zip |
Remove deprecated support to query using commas on LIMIT
Diffstat (limited to 'activerecord/lib/active_record/connection_adapters')
-rw-r--r-- | activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb | 7 |
1 files changed, 1 insertions, 6 deletions
diff --git a/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb b/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb index e444cec72b..7e7a3881f5 100644 --- a/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb +++ b/activerecord/lib/active_record/connection_adapters/abstract/database_statements.rb @@ -334,17 +334,12 @@ module ActiveRecord # Sanitizes the given LIMIT parameter in order to prevent SQL injection. # # The +limit+ may be anything that can evaluate to a string via #to_s. It - # should look like an integer, or a comma-delimited list of integers, or - # an Arel SQL literal. + # should look like an integer, or an Arel SQL literal. # # Returns Integer and Arel::Nodes::SqlLiteral limits as is. - # Returns the sanitized limit parameter, either as an integer, or as a - # string which contains a comma-delimited list of integers. def sanitize_limit(limit) if limit.is_a?(Integer) || limit.is_a?(Arel::Nodes::SqlLiteral) limit - elsif limit.to_s.include?(",") - Arel.sql limit.to_s.split(",").map { |i| Integer(i) }.join(",") else Integer(limit) end |