aboutsummaryrefslogtreecommitdiffstats
path: root/activerecord/lib/active_record/sanitization.rb
diff options
context:
space:
mode:
authoryui-knk <spiketeika@gmail.com>2015-10-31 10:04:38 +0900
committeryui-knk <spiketeika@gmail.com>2015-11-02 21:18:18 +0900
commit6011ab853c0b843e0aa139ca90a5e4ab9ec143c2 (patch)
treedb30db13d99ca844f1b818aa4328a96d3325b4c5 /activerecord/lib/active_record/sanitization.rb
parent57493eae3d45a4253aeb0b4f60239531da9d0446 (diff)
downloadrails-6011ab853c0b843e0aa139ca90a5e4ab9ec143c2.tar.gz
rails-6011ab853c0b843e0aa139ca90a5e4ab9ec143c2.tar.bz2
rails-6011ab853c0b843e0aa139ca90a5e4ab9ec143c2.zip
Define `sanitize_sql_for_order` for AR and use it inside `preprocess_order_args`
This commit follows up of 6a6dbb4c51fb0c58ba1a810eaa552774167b758a.
Diffstat (limited to 'activerecord/lib/active_record/sanitization.rb')
-rw-r--r--activerecord/lib/active_record/sanitization.rb16
1 files changed, 16 insertions, 0 deletions
diff --git a/activerecord/lib/active_record/sanitization.rb b/activerecord/lib/active_record/sanitization.rb
index 1cf4b09bf3..0c15f45db9 100644
--- a/activerecord/lib/active_record/sanitization.rb
+++ b/activerecord/lib/active_record/sanitization.rb
@@ -53,6 +53,22 @@ module ActiveRecord
end
end
+ # Accepts an array, or string of SQL conditions and sanitizes
+ # them into a valid SQL fragment for a ORDER clause.
+ #
+ # sanitize_sql_for_order(["field(id, ?)", [1,3,2]])
+ # # => "field(id, 1,3,2)"
+ #
+ # sanitize_sql_for_order("id ASC")
+ # # => "id ASC"
+ def sanitize_sql_for_order(condition)
+ if condition.is_a?(Array) && condition.first.to_s.include?('?')
+ sanitize_sql_array(condition)
+ else
+ condition
+ end
+ end
+
# Accepts a hash of SQL conditions and replaces those attributes
# that correspond to a {#composed_of}[rdoc-ref:Aggregations::ClassMethods#composed_of]
# relationship with their expanded aggregate attribute values.